
I'm kinda new to Windows Server, but have been checking out Microsoft Azure and like the IaaS.

Just a question about SSO versus Azure Active Directory Sync.

I'm moving my infrastructure into Azure; my base is an AD server, a "dirsync" or AD FS server, and a few web servers etc. We use Google Apps for Email, Calendar and Drive.

So I see that there are two ways to keep my AD directory and Azure directory in sync: SSO and Azure Active Directory Sync.

If I use Azure Active Directory Sync and do not set up AD FS on a server with SSO, will I still be able to use SSO with my Azure Directory to the apps that Microsoft has in the Azure portal?

The only reason I would need an AD FS server is if I had Apps/Services on site that I wanted to use SSO with, correct?

I plan to run Kayako and CrashPlan in two VMs in Azure. Both will use LDAP/AD for username/password authentication. But it would be cool to get SSO for both web apps so employees can sign on via the myapps.microsoft.com portal.


1 Answer


The two ways are DirSync and AAD Sync. Refer: Synchronization Previews Now Available for Microsoft Azure Active Directory.

  • Sync = Same Sign On between on-premise and cloud
  • Sync + ADFS = Single Sign On between on-premise and cloud


myapps.microsoft.com is for third-party vendors like Salesforce who have asked Microsoft to add them as a SaaS application to AAD. It's not for company-specific apps.

For company-specific apps, you need ADFS as above.

Having done that, if your user SSOs into your app and then wants to use, e.g., Salesforce, they won't have to log in again.