Why do they want to migrate to ADFS? We have workshops to help move OFF of ADFS https://techcommunity.microsoft.com/t5/community-events-list/microsoft-workshops-how-to-successfully-migrate-away-from-ad-fs/m-p/3668480 & https://www.microsoft.com/en-us/security/business/identity-access/upgrade-adfs
Migrating from Azure AD SSO authentication to ADFS
Hey guys
We have a customer with the following setup.
- onPrem Active Directory with Azure AD Connect and Password Hash Sync (PHS) including SSO activation
- SSO for all M365 apps
- Integration of about 15 different external cloud apps, with a trust relationship to Azure in order to use SSO in the browser
Now, the customer wants to migrate to ADFS authentication, in order to use an on-prem MFA solution for all his apps in the future. How can we migrate all apps to use ADFS instead of Azure for Single Sign-On? I've seen the following post: mix-adfs-and-azure-ad-pta.html . But how would it affect the apps if I migrate the domain to "ADFS Authentication" in Microsoft AD Connect? Would SSO still automatically work? And what do we need to take into account with regard to the two different SSO approaches, "PRT SSO" and "Seamless SSO"? We currently don't know what type of SSO the customer uses.
Thanks for your help!
1 answer
Mark Morowczynski 251 Reputation points Microsoft Employee
2023-01-22T15:18:47.56+00:00