From the course: Planning for Microsoft Entra ID
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
Entra ID FS Authentication - Microsoft Entra ID (Azure Active Directory) Tutorial
From the course: Planning for Microsoft Entra ID
Entra ID FS Authentication
- [Instructor] Let's move on to the second sign in method, the Active Directory Federation Services Authentication. Here, in addition to the domain controller, you will also need an ADFS server and a WAP application proxy. All of them present On Premises. The synchronization here works in such a way that only user objects are synchronized to the Cloud but their password hashes are not. Password hashes are stored only On Premises, not in the Cloud. This is an important differentiating factor, remember that. The way for a user to authenticate locally is pretty much the same as before but if a user tries to authenticate to Azure AD, the whole logging session is redirected to the On Premises servers. They enter the password, which is validated against Windows Server Active Directory present On Premises. At no point during this process does the password even touch Azure AD. If the authentication is successful, a token is passed…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.