使用Azure AD对本地(集成Windows身份验证)应用程序进行身份验证 [英] Authenticate on premise (integrated windows authentication) application with Azure AD

问题描述

我们的客户使用azure，其活动目录中的azure与azure广告同步并配置了传递身份验证.

Our client uses azure where in our their active directory is synced with azure ad and configured pass-through authentication.

现在，我们需要配置内部应用程序(已配置集成Windows身份验证)以使用天蓝色广告进行身份验证，而无需对我们的应用程序进行任何更改.是否可以?我已经看过了Application Proxy，但它更多地介绍了启用对应用程序的远程访问.我们不想在网络外部公开应用程序.

Now we need to configure on premise applications (which are configured with Integrated windows authentication) to authenticate with azure ad without any changes to our application. Is it possible? I have looked at the Application proxy but it talks more on enabling remote access to the application. we don't want to expose application outside the network.

推荐答案

我认为您的意思是在天蓝色广告上启用SSO.

I think what you mean is enabling SSO on azure ad.

如果启用了SSO，并且您已登录Windows.，则不会显示天蓝色的登录屏幕.

If SSO is enabled and you are logged in to windows. , Logon screen from azure is not shown.

对于其他用户，显示登录屏幕，他们可以在其中输入凭据.请注意，其他用户必须单击取消"，然后身份验证逻辑才会引发登录错误.

For other users logon screen is shown where they can enter the credentials. Please note that other users have to click on cancel before the authentication logic throws login error.

请从下面的链接阅读IWA SSO.

Please read IWA SSO from below link.

位于 https://docs.microsoft.com/zh-CN/azure/active-directory/manage-apps/what-is-single-sign-on

这篇关于使用Azure AD对本地(集成Windows身份验证)应用程序进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！