Yes, that’s exactly right. In federated environments, the authentication itself is performed by the “identification service” (IP). It then creates a token that is signed and forwarded to the consumer, who trusts it. It means the app and WAAD don’t do the password management. That is done by the folks who understand it best: the IT admins INSIDE your business enterprise.
If a person forgets their password, they get it changed in AD. If someone leaves the org and you disable their account in AD, they are instantly locked out of not only the AD-integrated environments, but also the environments which are federated with the local AD, such as WAAD-based apps.

Wonderful video! Kudos! Thanks a lot. I have a question here. We deliver SharePoint solutions and installations for our clients. We want to install SharePoint as a 3-tier farm in an Azure VM, and it needs AD for its authentication. But one of our clients doesn’t want to manage AD within the Azure VM environment and needs to use Office 365 for SSO. Due to one of the vital barriers of SharePoint Online (O365), they need an on-prem SP installed, but on a VM. The question is: can we use O365 as the identification service for SharePoint which is installed in one of several Azure VMs? If not, how can we combine O365, SharePoint on an Azure VM, and Azure Active Directory?