0

How can I configure Azure AD Domain Services to support GSS negotiation?

I see that in the on-premises AD it can be configured to "Require signature" to negotiate the authentication mechanism, but for Azure ADDS I can't locate any documentation about something similar. I also saw it mentioned that the on-prem method would not require signing if TLS is being used.

Is my only option to bind with Azure ADDS simple authentication over LDAPS?

JayBee

1 Answer

0

Short answer: you can't.

This is due to how AADDS is meant to be used: you don't have admin access to manage anything at the DC level, such as changing group policies, and you're very limited in the type of management operations that you can do.

Reference: https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-create-management-vm#available-administrative-tasks-in-azure-ad-ds

Noor Khaldi
  • Thank you for the documentation that you provided. Unfortunately, it doesn't explicitly call out the exclusion of setting up a negotiated authentication method when binding with LDAP. I wish MS would just say outright that it doesn't work. – JayBee Sep 04 '20 at 18:48