Tip #671: Azure AD is your best friend even if you are on premises

Use backdoorYour CRM deployment is on premises, as is the rest of your IT infrastructure and services, and your bosses cannot be persuaded to consider Office 365, CRM Online or Windows Azure even for a second.

That means you know the pain of discovering that some of the on-premises services, like AD FS, are lagging behind in their capabilities. For example, AD FS 3.0 (Windows Server 2012) does not support OpenID Connect, OAuth password authentication for confidential clients (aka web sites), to name a few. And if you ever tried to configure multi-factor authentication, you know the real pain.

One of the scenarios you may want to consider: while maintaining your preccccious infrastructure, provision Azure AD and federate it with your on-premises domain. The result? Magically, you now have support for OpenID Connect (so you can try approaches previously unavailable to you), and MFA is an absolute breeze.

2 thoughts on “Tip #671: Azure AD is your best friend even if you are on premises

  1. Jeff Loucks says:


Leave a Reply

Your email address will not be published. Required fields are marked *