Enabling Hybrid Modern Authentication - Change to Window 10 Outlook client authentication flow?

Question

We are looking to enable HMA to allow secured external access to Exchange on prem for iOS and Windows 10. iOS isn't a problem here, we understand the change to end user experience. For Windows 10, Outlook currently tunnels through a VPN to CAS. Users still leverage EAS basic auth, so we are not entirely sure how enabling HMA will change this flow.

Time and means unfortunately doesn't permit us to create a lab in which to carry out extensive testing.

Might anyone have encountered a similar challenge or provide insight as to the 'known' change in flow?

Thanks,

Answer 1

Hi @Roy Esteves ,
Regarding the changes and working methods after enabling Hybrid Modern Authentication, you can refer to: What changes when I use modern authentication?

According to the Microsoft' official article we could know that "Once you enable HMA, a client's next login will use the new auth flow. Note that just turning on HMA won't trigger a reauthentication for any client. The clients reauthenticate based on the lifetime of the auth tokens and/or certs they have.".
For more information: How to configure Exchange Server on-premises to use Hybrid Modern Authentication

----------

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.