![]() This is not too big of an issue for the customer because they require a connection to their network prior to login, so authentication hits the DCs. ![]() , but would require AD FS for authentication for M365 services. ![]() The second option is setup the environment to handle Yubikey deplpoyment. This would allow the customer to deploy FIDO2 Keys like Yubikey to the employees, but would still require the initial setup of MFA in Azure AD (MS Authenticator App, Text, etc.) Here are a couple options I presented to the customer:įirst, I presented Cloud Trust Setup for Windows Hello for Business (WHfB). Wants to have MFA at the device level and for M365 Services Moving to a pure cloud infrastructure, Azure IaaS, Azure AD with Synchronized IdentitiesĤ. They have a stand-alone CA, bad practice, but it is what we are working withģ. Customer does not want AD FS, so we chose to go with Pass-Through Authentication as an alternative.Ģ. I have researched this pretty extensively for a customer and here are the challenges we have to overcome:ġ.
0 Comments
Leave a Reply. |