Microsoft yesterday announced that Azure AD Pass-Through Authentication and Seamless Single Sign-on are now available in public preview. These new features will allow organizations to integrate their on-premises identity infrastructure with Azure AD.
Azure AD Pass-Through Authentication:
Azure AD pass-through authentication provides a simple solution for these customers ensuring that password validation for Azure AD services is performed against their on-premises Active Directory, without the need for complex network infrastructure or for the on-premises passwords to exist in the cloud in any form.
Seamless single sign-on for all:
SSO is a feature that is enabled through AAD Connect and works with Password hash sync or Pass-through authentication and your on-premises Active Directory. For your end users to use single sign on in your environment, you need to ensure that users are:
- On a domain joined machine
- Have a direct connection to a domain controller, for example on the corporate wired or wireless network or via a remote access connection such as a VPN connection.
- Define the Kerberos end-points in the cloud as part of the Intranet zone.
When Azure AD pass-through authentication is combined with Single Sign on, users need not type their password to log in to Azure AD or other cloud services, providing these customers with a truly integrated experience on their corporate machines.
Read more about these features here.