远离第三方身份提供商 [英] Coming away from third party Identity Provider
问题描述
您好,
我们目前拥有Office 365,我们的Azure目录同步由第三方服务管理,该服务不使用AD Connect,而是使用自己的API。一旦我们配置ADFS,我们的结束和设置AD Connect将打破Azure上的所有帐户,因为他们已经从我们的AD填充了
,或者一旦我们离开第三方并允许SSO再次重新启用同步?
We currently have Office 365 and our Azure Directory sync is managed by a a third party service who do not use AD Connect but their own API. Once we configure ADFS our end and setup AD Connect will this break all the accounts on Azure since they have already been populated from our AD or will this re-enable the sync again once we come away from third party and allow SSO?
此外,在我们离开第三方之前设置AD Connect会有问题,因为Azure会检索相同的内容来自我们的ADFS和我们的第三方身份提供商的帐户?
Also, would there be an issue with setting up AD Connect before we come away from our third party as Azure will be retrieving the same accounts from our ADFS and our third party identity provider?
谢谢,
彼得
推荐答案
如果帐户来自同一个Active Directory,会没事的。例如,您可以从AAD Connect切换到其他工具(如Okta)以执行同步。
If the accounts originate from the same Active Directory it will be fine. For example, you can switch from AAD Connect to other tools like Okta to perform synchronization.
如果这些是不同的Active Director,则用户的对象ID将不同所以会有重复。
If these are different Active Directories the object IDs will not be the same for the users so there will be duplicates.
这篇关于远离第三方身份提供商的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
