This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 55.00000000000001%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
I have a client trying to determine how they wish to manage cloud identities. Here is their statement and question:
"We are still looking into whether to use AD Connect in PTA or Password Hash mode. We are also looking at purchasing SAML capable software. Would we be able to use Azure AD as our SAML ID source using either of the AD Connect modes?"
I've found articles indicating Azure AD itself can be a SAML source (or ADFS can be), but I haven't been able to find much about whether or not the AD Connect configuration has an impact on this.
Any information/recommendations are appreciated!
Thank you!
A cloud-based identity and access management service for securing user authentication and resource access
@Penny Morgan
I just wanted to check in and see if you required additional assistance or if you were able to resolve this issue?
Sure, Azure can be used as the SAML source in all three scenarios.
In all cases, Azure will know where to authenticate against as the Identity Provider.
Personally, PHS/SSSO is the way to go if you can :)
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn