Use OpenLDAP student/staff records as authentication to Microsoft 365

ZALAZ NOR BIN MOHAMED DINI 1 Reputation point
2020-06-06T04:56:41.013+00:00

I have records of students and staff in OpenLDAP. I want to use these records for authentication to our Office 365 organization. I'm planning to create a new Windows-based server (Windows Server 2019 database) as the middleman between my OpenLDAP and AD Azure. Need advice.

Regards,
Zalaz


1 answer

  1. Jai Verma 451 Reputation points
    2020-06-06T05:57:48.457+00:00

    I am not sure how many users you are planning for, but it requires more than one server, especially if you do not have Active Directory infrastructure in place.

    Let us understand the possible options we have if you want to use Microsoft technologies and servers to get your users authenticated against Azure AD:

    1. Pass Hash Synchronization - where you can sync users and their passwords to Azure AD. This requires on-premise AD, maybe two Domain Controllers and one AAD Connect server.
    2. PassThrough Authentication - where a local agent is installed on your on-premise server and gets users authenticated using Active Directory. This also needs at least two Domain Controllers, one AADConnect server and at least one PTA. This does not sound suitable in your scenario.
    3. Federation - where a local federation server (preferably ADFS or any third party), two domain controllers and one Azure ADConnect server are required. ADFS running on 2019 can authenticate users from LDAP. Or you can use open source technology and set up a SAML trust with Azure AD, but in that case you need at least two domain controllers + one Azure ADConnect server.