2

Our company is a Windows shop with Windows Active Directory deployed full time. We have a mix of Windows 7 and Windows 10 machines. I understand authentication of Linux machines when I am inside the company network. I am not sure how the authentication happens over the internet. Could somebody shed some light on how the authentication happens over the internet when I login to my Windows machine i.e. after boot up and in the login screen what are steps that happen when I put my AD user ID and password.

Also if ADFS is involved is there a way to know the servers involved so that I can configure my Linux machine?

PS: I am pretty sure that we do not do a VPN login.

mindentropy
  • 21
  • 1
  • 1
    Please note that ADFS is irrelevant when you login a windows machine. If you want to login a windows machine using your corporate credential in the non-VPN environment, the Azure AD join must be completed and your corporate accounts must be synced to Azure AD from the on-premises domain. – Jimmy Sun Feb 27 '17 at 08:34
  • Thanks. I know the machine join is complete. What do you mean by "corporate accounts must be synced" ? Also where can I get the Azure AD server name from? Would it be somewhere in the registry etc? – mindentropy Feb 27 '17 at 09:20
  • It means you need to synchronize your on-premises domain accounts to the cloud-side, which is the Azure AD (you need to purchase an Azure AD subscription for using it). Then after you complete a Azure AD join on your computers (only support win10 at this moment), the users will be able to login using the corporate account as the do in the intranet. More details about Azure AD join can be found here:https://docs.microsoft.com/da-dk/azure/active-directory/active-directory-azureadjoin-overview – Jimmy Sun Feb 28 '17 at 03:05

1 Answers1

1

Windows Active Directory client cache user credential to allow user auth when client has no access to domain. For some scenarios, it is enough. And it makes no sense to bother with Azure.

On Linux you can create similar behavior with sssd for example.

Slipeer
  • 3,295
  • 2
  • 21
  • 33