Methods for Integrating Azure Active Directory with on-Premise Active Directory

Posted on Christian By Christian No Comments on Methods for Integrating Azure Active Directory with on-Premise Active Directory
Azure AD integration

In this article, we will learn the methods for Integrating Azure Active Directory with on-Premise Active Directory. Azure Active Directory (Azure AD) is a multi-tenant, cloud-based identity and access management service. Azure Active Directory (Azure AD) offers single sign-on (SSO) and multi-factor authentication. See the following articles for Azure AD Pass-Through Authentication with on-Premise AD, reasons to deploy AAD, and how to set up an Azure AD Tenant. Also, see the following article on how to add a custom domain in the Azure Active directory.

Updated: Azure AD is being renamed to Microsoft Entra ID. The service will continue to function as it does today, and all existing deployments, configurations, and integrations will continue to function as they do today. The display names of service plans will change on October 1, 2023. Azure AD Premium P1 and P2 offers are becoming Microsoft Entra ID P1 and P2, also included in Microsoft 365 E3 and E5

With Azure AD, you can protect your users from 99.9% of all cyberattacks. Below are the three steps in integrating Windows Active Directory (AD) with Azure Active Directory (AD). 

Methods for Integrating Azure Active Directory on on-premise AD
- Password hash synchronization (PHS)
- Pass-through authentication (PTA) and
- Federation (AD FS)

I will implement and test the integration with ADFS SS0 and Pass-Through Authentication.

  • Federation with single sign-on (SSO) ADFS: This option provides SSO capabilities + MFA option and does not store the password hash in the cloud.
  • Pass-Through Authentication: This option provides SSO abilities as well but does not have the option to use the MFA and does not store password hash in the cloud.

The Microsoft Hybrid Identity with Azure AD

Microsoft’s identity solutions extend both on-premises and cloud-based capabilities. These solutions create a common user identity for authentication and authorization to all resources, regardless of location. This is referred to as a hybrid identity.

Note: Azure AD Connect replaces legacy Directory synchronization (DirSync) or Azure AD Sync.  Azure AD Connect synchronize your on-premises Active Directory to Azure Active Directory.

This allows you to provide a common identity for your users for Office 365, Azure, and SaaS applications integrated with Azure AD. See the video on how to set up Azure AD Connect and synchronize your on-premises AD to AAD.

See how Federating with ADFS with Azure Active Directory works in theory.Lastly, we also have the Azure AD Password Hash Synchronisation. This is really not recommended as the credentials are saved in the cloud. Here is how the authentication happens in the cloud

I hope you found this blog post on the Methods for Integrating Azure Active Directory with on-Premise Active Directory helpful. If you have any questions, please let me know in the comment session.

5/5 - (1 vote)
AWS/Azure/OpenShift Tags:, , , , , , , , , ,

Related Posts

More Related Articles

intro to azure cloud shell The Overview of Azure Cloud Shell AWS/Azure/OpenShift
AWS Scheduled Events View Scheduled Events on AW using AWS Web Console and CLI AWS/Azure/OpenShift
Simple Notification Service AWS SNS Create Simple Notification Service (SNS) Notification on AWS AWS/Azure/OpenShift
Create an S3 Bucket Backup Repository: How to Create Amazon S3 buckets AWS/Azure/OpenShift
Generate SSH Keys Associate SSH Public key with Azure Linux VM AWS/Azure/OpenShift
Deploy to ACI Create Azure Container instance to deploy your image to Azure using Azure CLI AWS/Azure/OpenShift

Leave a Reply