多个IAM提供商 [英] Multiple IAM Providers
问题描述
我对我的一个项目感到担忧,我需要一些帮助.我们将为A365服务将多个目录林迁移到AAD中.我们有2个独立的组织,都将迁移到我们的主租户中.我们计划通过Azure AD Connect进行设置.
I have a concern for one of my projects I need some help on. We will be migrating multiple forests into AAD for O365 services. We have 2 separate organizations that will all migrate into our master tenant. We are planning to set them up via Azure AD Connect.
这两个独立的企业中的每个企业都希望使用与主租户中使用的系统不同的自己的IAM系统(SailPoint,Octa,OneLogin等).我们可以将这些单独的林连接到AAD Connect,并且仍然让它们使用自己的IAM系统吗?
Each of these 2 separate businesses want to use their own IAM systems (SailPoint, Octa, OneLogin, etc) differeant from those used in the master tenant. Can we connect these separate forests to AAD Connect and still have them use their own IAM systems?
推荐答案
你好,
如果两个独立企业的用户不共享UPN后缀,则可能有不同的IAM解决方案.
If the users from the 2 separate businesses do not share UPN suffixes then it is possible to have different IAM solutions for them.
在Azure AD中,身份验证配置是每个域的.因此,假设您在azure广告中使用octa联合了business1.com,那么将使用octa对所有使用UPN business1.com的用户进行身份验证.然后,您可以使business2.com与Octa/ADFS/ping联合 等
In Azure AD authentication configuration is per domain. So let's assume you federated business1.com with octa in azure ad, then all the users with UPN business1.com will be authenticated against octa. You can then have business2.com federated with Octa/ADFS/ping etc.
我不确定这些提供商在这种情况下提供的服务范围. Azure AD仅将它们用于身份验证.
I am not sure about the extent of services these providers offer in this scenario. Azure AD will leverage them only for authentication.
希望这会有所帮助.
这篇关于多个IAM提供商的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
