堆栈内存溢出
  简体   繁体   English

Azure AD集成身份验证

[英]Azure AD Integrated Authentication

 原文  2017-12-12 10:05:10       asp.net/ azure/ azure-active-directory/ windows-authentication/ azure-authentication

问题描述

I want to implement something like the Windows Integrated Authentication, where the user data was read from your pc which was in the intranet of the organisation. 我想实现类似Windows集成身份验证的功能,在该系统中,可以从位于组织Intranet的PC中读取用户数据。

We have registered our organisation on Azure and set up the Azure AD and we have apps that use SSO to connect to the AD and retrieve user data from it. 我们已经在Azure上注册了我们的组织并设置了Azure AD,并且我们拥有使用SSO连接到AD并从中检索用户数据的应用程序。 We are also able to login to our devices with "name.surename@organisation.onmicrosoft.com" account. 我们还可以使用“ name.surename@organisation.onmicrosoft.com”帐户登录到我们的设备。

Questions: 问题:

  1. Is it possible to automatically authentificate the user to our web apps, just by using the pc login information? 是否可以仅使用PC登录信息就自动向我们的Web应用程序验证用户身份?
  2. Is there a Authentification Scheme that allows us to use the Azure AD to authentificate the user in a way it is done with the Windows Integrated Authentication 是否有一个身份验证方案,使我们可以使用Azure AD通过Windows集成身份验证的方式对用户进行身份验证

The end goal would be to have something like Windows Integrated Authentication but with the device in the Azure Domain of the organisation. 最终目标是拥有类似Windows集成身份验证的功能,但该设备必须位于组织的Azure域中。

1 个解决方案

解决方案1
 1  2017-12-13 01:58:52

1.Is it possible to automatically authentificate the user to our web apps, just by using the pc login information? 1.是否可以仅通过使用PC登录信息就自动向我们的Web应用程序验证用户身份?

Yes, It is possible. 对的,这是可能的。 But you need a lot of work to do. 但是您需要做很多工作。 You can configure your application for SSO with Azure AD. 您可以使用Azure AD为SSO配置应用程序。 This need Azure AD premium first. 这首先需要Azure AD高级版。

Then,you need to use Azure AD join to let your devices in your organization join Azure AD. 然后,您需要使用Azure AD联接来让组织中的设备加入Azure AD。 But this requires all your devices are windows 10. 但这要求您所有的设备都是Windows 10。

After joining Azure AD, you can use the Azure AD account to sign in your device and you will found that you can Single-Sign-On (SSO) to your Azure managed SaaS apps and services . 加入Azure AD之后,您可以使用Azure AD帐户登录设备,并且会发现您可以对Azure托管的SaaS应用程序和服务进行单点登录(SSO) Your users don't see additional authentication prompts when accessing work resources. 您的用户在访问工作资源时看不到其他身份验证提示。 The SSO functionality is even when they are not connected to the domain network available. 即使未将SSO功能连接到可用的域网络,SSO功能也是如此。

Is there a Authentification Scheme that allows us to use the Azure AD to authentificate the user in a way it is done with the Windows Integrated Authentication 是否有一个身份验证方案,使我们可以使用Azure AD通过Windows集成身份验证的方式对用户进行身份验证

I understand what you want. 我明白你想要什么。 Actually,Azure AD doesn't work as local AD and may not have some features as local AD. 实际上,Azure AD不能用作本地AD,并且可能没有某些功能像本地AD。 It doesn't support kerberos neither. 它也不支持kerberos。 As the above I mentioned, you can use Azure AD join to achieve what you want. 如前所述,您可以使用Azure AD连接来实现所需的功能。 Join your devices to Azure AD, you can just manage them via Azure AD because they are under your organization. 将设备加入Azure AD,因为它们在您的组织之下,所以您只能通过Azure AD对其进行管理。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Azure AD身份验证的自定义授权 - Custom authorization with Azure AD authentication 应用程序之间的Azure AD身份验证 - Azure AD authentication between applications 针对Azure AD的WebForms身份验证 - WebForms authentication against Azure AD Alexa技能和Azure AD身份验证 - Alexa skill and Azure AD authentication Azure AD身份验证以及Passport身份验证 - Azure AD Authentication alongwith Passport Authentication 使用Azure AD的Azure API APP身份验证 - Azure API APP authentication using Azure AD Azure AD 身份验证:重定向到原始页面 - Azure AD Authentication: Redirect to originating page 在遗留“aspx”项目中包含 Azure AD 身份验证 - Include Azure AD authentication in legacy “aspx” project 仅将Azure AD用于身份验证而不将其用于授权 - Use Azure AD only for Authentication and not Authorization 在现有应用程序中添加Azure AD身份验证 - Add Azure AD Authentication in the exiting applicaiton
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM