Skip to content

Commit 31ee0db

Browse files
martincoetzermartincoetzer
authored
Update choose-ad-authn.md
1 parent 1b17c53 commit 31ee0db

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

articles/active-directory/hybrid/choose-ad-authn.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -170,8 +170,8 @@ The following diagrams outline the high-level architecture components required f
170170
|What are the requirements for on-premises Internet and networking beyond the provisioning system?|None|[Outbound Internet access](../../active-directory/hybrid/how-to-connect-pta-quick-start.md) from the servers running authentication agents|[Inbound Internet access](/windows-server/identity/ad-fs/overview/ad-fs-requirements) to WAP servers in the perimeter<br><br>Inbound network access to AD FS servers from WAP servers in the perimeter<br><br>Network load balancing|
171171
|Is there a TLS/SSL certificate requirement?|No|No|Yes|
172172
|Is there a health monitoring solution?|Not required|Agent status provided by [Azure portal](../../active-directory/hybrid/tshoot-connect-pass-through-authentication.md)|[Azure AD Connect Health](../../active-directory/hybrid/how-to-connect-health-adfs.md)|
173-
|Do users get single sign-on to cloud resources from domain-joined devices within the company network?|Yes with Azure AD joined devices, the [SSO extension for macOS](../../active-directory/develop/apple-sso-plugin.md), or [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)|Yes with Azure AD joined devices, the [SSO extension for macOS](../../active-directory/develop/apple-sso-plugin.md), or [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)|Yes|
174-
|What sign-in types are supported?|UserPrincipalName + password<br><br>Windows-Integrated Authentication by using [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)<br><br>[Alternate login ID](../../active-directory/hybrid/how-to-connect-install-custom.md)<br><br>[Azure AD Joined Devices](../../active-directory/devices/concept-azure-ad-join.md)<br><br>[macOS SSO Extension](../../active-directory/develop/apple-sso-plugin.md)<br><br>[Certificate and smart card authentication](../../active-directory/authentication/concept-certificate-based-authentication-smartcard.md)|UserPrincipalName + password<br><br>Windows-Integrated Authentication by using [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)<br><br>[Alternate login ID](../../active-directory/hybrid/how-to-connect-pta-faq.yml)<br><br>[Azure AD Joined Devices](../../active-directory/devices/concept-azure-ad-join.md)<br><br>[macOS SSO Extension](../../active-directory/develop/apple-sso-plugin.md)<br><br>[Certificate and smart card authentication](../../active-directory/authentication/concept-certificate-based-authentication-smartcard.md)|UserPrincipalName + password<br><br>sAMAccountName + password<br><br>Windows-Integrated Authentication<br><br>[Certificate and smart card authentication](/windows-server/identity/ad-fs/operations/configure-user-certificate-authentication)<br><br>[Alternate login ID](/windows-server/identity/ad-fs/operations/configuring-alternate-login-id)|
173+
|Do users get single sign-on to cloud resources from domain-joined devices within the company network?|Yes with [Azure AD joined devices (AADJ)](../../active-directory/devices/concept-azure-ad-join.md), [Hybrid Azure AD joined devices (HAADJ)](../../active-directory/devices/howto-hybrid-azure-ad-join.md), the [Microsoft Enterprise SSO plug-in for Apple devices](../../active-directory/develop/apple-sso-plugin.md), or [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)|Yes with [Azure AD joined devices (AADJ)](../../active-directory/devices/concept-azure-ad-join.md), [Hybrid Azure AD joined devices (HAADJ)](../../active-directory/devices/howto-hybrid-azure-ad-join.md), the [Microsoft Enterprise SSO plug-in for Apple devices](../../active-directory/develop/apple-sso-plugin.md), or [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)|Yes|
174+
|What sign-in types are supported?|UserPrincipalName + password<br><br>Windows-Integrated Authentication by using [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)<br><br>[Alternate login ID](../../active-directory/hybrid/how-to-connect-install-custom.md)<br><br>[Azure AD Joined Devices](../../active-directory/devices/concept-azure-ad-join.md)<br><br>[Hybrid Azure AD joined devices (HAADJ)](../../active-directory/devices/howto-hybrid-azure-ad-join.md)<br><br>[Certificate and smart card authentication](../../active-directory/authentication/concept-certificate-based-authentication-smartcard.md)|UserPrincipalName + password<br><br>Windows-Integrated Authentication by using [Seamless SSO](../../active-directory/hybrid/how-to-connect-sso.md)<br><br>[Alternate login ID](../../active-directory/hybrid/how-to-connect-pta-faq.yml)<br><br>[Azure AD Joined Devices](../../active-directory/devices/concept-azure-ad-join.md)<br><br>[Hybrid Azure AD joined devices (HAADJ)](../../active-directory/devices/howto-hybrid-azure-ad-join.md)<br><br>[Certificate and smart card authentication](../../active-directory/authentication/concept-certificate-based-authentication-smartcard.md)|UserPrincipalName + password<br><br>sAMAccountName + password<br><br>Windows-Integrated Authentication<br><br>[Certificate and smart card authentication](/windows-server/identity/ad-fs/operations/configure-user-certificate-authentication)<br><br>[Alternate login ID](/windows-server/identity/ad-fs/operations/configuring-alternate-login-id)|
175175
|Is Windows Hello for Business supported?|[Key trust model](/windows/security/identity-protection/hello-for-business/hello-identity-verification)<br><br>[Hybrid Cloud Trust](/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust)|[Key trust model](/windows/security/identity-protection/hello-for-business/hello-identity-verification)<br><br>[Hybrid Cloud Trust](/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust)<br><br>*Both require Windows Server 2016 Domain functional level*|[Key trust model](/windows/security/identity-protection/hello-for-business/hello-identity-verification)<br><br>[Hybrid Cloud Trust](/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust)<br><br>[Certificate trust model](/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs)|
176176
|What are the multifactor authentication options?|[Azure AD MFA](/azure/multi-factor-authentication/)<br><br>[Custom Controls with Conditional Access*](../../active-directory/conditional-access/controls.md)|[Azure AD MFA](/azure/multi-factor-authentication/)<br><br>[Custom Controls with Conditional Access*](../../active-directory/conditional-access/controls.md)|[Azure AD MFA](/azure/multi-factor-authentication/)<br><br>[Third-party MFA](/windows-server/identity/ad-fs/operations/configure-additional-authentication-methods-for-ad-fs)<br><br>[Custom Controls with Conditional Access*](../../active-directory/conditional-access/controls.md)|
177177
|What user account states are supported?|Disabled accounts<br>(up to 30-minute delay)|Disabled accounts<br><br>Account locked out<br><br>Account expired<br><br>Password expired<br><br>Sign-in hours|Disabled accounts<br><br>Account locked out<br><br>Account expired<br><br>Password expired<br><br>Sign-in hours|

0 commit comments

Comments
 (0)