Azure Active Directory (AD) pass-through authentication
What are the key benefits of using Azure AD pass-through authentication and seamless single sign-on?
· Great user experience
· Users will be able to use the same passwords to sign into both on-premises and cloud-based applications.
· They spend less time talking to the IT helpdesk resolving password-related issues by completing self-service password management tasks in the cloud.
· With seamless single sign-on, users will be able to avoid entering passwords repeatedly while at work.
· Easy to deploy and administer
· No need for complex on-premises deployments or network configuration.
· Agent can be installed on-premises, require zero management, and auto update.
· Installing multiple agents will provide high availability out of box.
· Seamless single sign-on can also be turned on for customers using Password Hash Synchronization.
· Seamless single sign-on lets users register their non-Windows 10 devices with Azure AD without AD Federated Service.
· On-premises passwords will never be stored in the cloud in any form.
· The agent will only make outbound connections from within the customer’s network. Therefore, there's no requirement to install the agent in a perimeter network, also known as a DMZ.
· Pass-through authentication integrates with Azure AD’s cloud protection capabilities such as Conditional Access policies (including Multi-Factor Authentication), Identity Protection, and Smart Lockout to enable a highly secure sign-in experience for end users.
Visit the Pass-through Authentication documentation.
Watch the EMS Microsoft Mechanics pass-through authentication and seamless single sign-on video.
Visit seamless single sign-on.