- Mastering Identity and Access Management with Microsoft Azure
- Jochen Nickel
- 146字
- 2021-07-02 12:57:26
Identity and password-hash synchronization including ADFS integration
With the implementation of the federation, all authentication is retained on-premises, and all passwords are stored on-premises only. All authentication traffic is redirected from Azure AD to the on-premises ADFS, which authenticates the user against a trusted AD domain. This scenario is commonly used in different company sizes if SSO is required and password-hash synchronization is prohibited due to \ security reasons.
The requirement is the usage of a federation service provider, such as ADFS in addition to Azure AD Connect in a highly available deployment.
The following diagram shows the identity and password-hash synchronization with ADFS scenario:
You can also combine the ADFS integration with password-hash synchronization to provide the capability if the on-premises infrastructure turns into an outage and users can still access their cloud services with their known password.
- 數(shù)據(jù)恢復(fù)方法及案例分析
- 黑客大曝光:無(wú)線網(wǎng)絡(luò)安全(原書第3版)
- 黑客攻防入門秘笈
- 工業(yè)物聯(lián)網(wǎng)安全
- 硬黑客:智能硬件生死之戰(zhàn)
- 情報(bào)驅(qū)動(dòng)應(yīng)急響應(yīng)
- 網(wǎng)絡(luò)安全設(shè)計(jì)、配置與管理大全
- 互聯(lián)網(wǎng)企業(yè)安全高級(jí)指南
- 網(wǎng)絡(luò)用戶行為的安全可信分析與控制
- 網(wǎng)絡(luò)安全實(shí)戰(zhàn)詳解(企業(yè)專供版)
- 華為Anti-DDoS技術(shù)漫談
- 交換機(jī)·路由器·防火墻(第2版)
- 黑客攻防從入門到精通:命令版
- 網(wǎng)絡(luò)安全監(jiān)控實(shí)戰(zhàn):深入理解事件檢測(cè)與響應(yīng)
- 信息組織