Published by Beverly Wilkins. Modified over 9 years ago.
Windows Azure Active Directory

Cloud Identity
Appropriate for: Smaller orgs without AD on-premises
Pros:
- No servers required on-premises
Cons:
- No SSO
- No multi-factor authentication
- Two sets of credentials to manage with differing password policies
- IDs mastered in the cloud

Cloud Identity & Directory Sync
Appropriate for: Medium/large orgs with AD on-premises
Pros:
- Users and groups mastered on-premises
- It enables coexistence scenarios
Cons:
- No SSO
- No multi-factor authentication
- Two sets of credentials to manage with differing password policies
- Single server deployment

Federated Identity
Appropriate for: Larger enterprise orgs with AD on-premises
Pros:
- SSO with corporate credentials
- IDs mastered on-premises
- Password policy controlled on-premises
- Two-factor authentication possible
- It enables coexistence scenarios
Cons:
- High availability server deployments required
Structure: Matching domains
Description: Internal domain and external domain are the same, i.e. contoso.com
Considerations: No special requirements

Structure: Sub-domain
Description: Internal domain is a sub-domain of the external domain, i.e. corp.contoso.com
Considerations: Requires domains to be registered in order, primary and then sub-domains

Structure: Local domain
Description: Internal domain is not publicly "registered", i.e. contoso.local
Considerations: Domain ownership can't be proved, must use a different domain:
- Requires all users to get new UPN
- Use SMTP address if possible

Structure: Multiple distinct UPN suffixes in single forest
Description: Mix of users having login UPNs under different domains, i.e. contoso.com and fabrikam.com
Considerations: AD FS QFE to resolve this issue. Requires new switch in Windows PowerShell: SupportMultipleDomain

Structure: Multi-forest
Description: Multiple AD forest
Considerations: "External" FIM + Guidance