azure:az-500:hybrid_identity

Differences

This shows you the differences between two versions of the page.

azure:az-500:hybrid_identity [2022/06/28 00:09] mmuzeazure:az-500:hybrid_identity [2022/07/22 14:52] (current) mmuze
Line 17: Line 17:
   * **Pass-through authentication.** A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn't require the additional infrastructure of a federated environment.   * **Pass-through authentication.** A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn't require the additional infrastructure of a federated environment.
       * Companies with a security requirement to immediately enforce on-premises user account states, password policies, and sign-in hours might use this authentication method.       * Companies with a security requirement to immediately enforce on-premises user account states, password policies, and sign-in hours might use this authentication method.
-      * When a user authenticates against AAD ADD passes the request to on-prem AD to complete the authentication.+      * When a user authenticates against AAD it passes the request to on-prem AD via the auth agent to complete the authentication.
       * PTA uses a lightweight on-premises agent that listens for and responds to password validation requests.       * PTA uses a lightweight on-premises agent that listens for and responds to password validation requests.
   * **Federation integration.** Federation is an optional part of Azure AD Connect and can be used to  configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.   * **Federation integration.** Federation is an optional part of Azure AD Connect and can be used to  configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
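Review bot: The reworded bullet on the changed line needs a comma after "AAD" ("When a user authenticates against AAD, it passes the request ..."), otherwise the clause still runs together. It also refers to "the auth agent" one line before the next bullet first introduces that component as "a lightweight on-premises agent"; use one term for it in both bullets, or move the agent bullet above this one so the agent is defined before it is referenced.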
Line 39: Line 39:
 ====== Azure AD Join ====== ====== Azure AD Join ======
   * Azure AD Join allows a Windows 10/11 desktop to be joined to Azure AD for the purposes of controlling access to resources and enforcing requirements on devices.   * Azure AD Join allows a Windows 10/11 desktop to be joined to Azure AD for the purposes of controlling access to resources and enforcing requirements on devices.
-  * For example, an AAD joined phone could be Intune managed and be required to not be rooted or jail broken to access company resources.+  * For example, an AAD joined BYOD phone could be Intune managed and be required to not be rooted or jail broken to access company resources. 
 + 
 +====== AD Connect ====== 
 +  * [[https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-accounts-permissions|Permissions]] needed to install AD Connect
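Review bot: The changed example bullet describes an "AAD joined BYOD phone", but the bullet directly above it scopes Azure AD Join to "a Windows 10/11 desktop", so the example does not match the definition it is meant to illustrate; use a Windows device in the example or reword the definition so the two agree. The new "AD Connect" section consists only of a link labelled "Permissions"; add a one-line summary of what the linked page covers so the section stands on its own, and consider the heading "Azure AD Connect" to match the name used in the federation bullet earlier on the page.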
  
  • azure/az-500/hybrid_identity.1656374949.txt.gz
  • Last modified: 2022/06/28 00:09
  • by mmuze