You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/authentication/howto-authentication-passwordless-security-key-on-premises.md
+6-9Lines changed: 6 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ services: active-directory
6
6
ms.service: active-directory
7
7
ms.subservice: authentication
8
8
ms.topic: how-to
9
-
ms.date: 02/22/2022
9
+
ms.date: 08/22/2022
10
10
11
11
ms.author: justinha
12
12
author: justinha
@@ -101,13 +101,11 @@ Run the following steps in each domain and forest in your organization that cont
101
101
1. Run the following PowerShell commands to create a new Azure AD Kerberos Server object both in your on-premises Active Directory domain and in your Azure Active Directory tenant.
102
102
103
103
### Example 1 prompt for all credentials
104
-
> [!NOTE]
105
-
> Replace `contoso.corp.com` in the following example with your on-premises Active Directory domain name.
106
104
107
105
```powershell
108
106
# Specify the on-premises Active Directory domain. A new Azure AD
109
107
# Kerberos Server object will be created in this Active Directory domain.
110
-
$domain = "contoso.corp.com"
108
+
$domain = $env:USERDNSDOMAIN
111
109
112
110
# Enter an Azure Active Directory global administrator username and password.
113
111
$cloudCred = Get-Credential -Message 'An Active Directory user who is a member of the Global Administrators group for Azure AD.'
@@ -127,7 +125,7 @@ Run the following steps in each domain and forest in your organization that cont
127
125
```powershell
128
126
# Specify the on-premises Active Directory domain. A new Azure AD
129
127
# Kerberos Server object will be created in this Active Directory domain.
130
-
$domain = "contoso.corp.com"
128
+
$domain = $env:USERDNSDOMAIN
131
129
132
130
# Enter an Azure Active Directory global administrator username and password.
133
131
$cloudCred = Get-Credential
@@ -147,7 +145,7 @@ Run the following steps in each domain and forest in your organization that cont
147
145
```powershell
148
146
# Specify the on-premises Active Directory domain. A new Azure AD
149
147
# Kerberos Server object will be created in this Active Directory domain.
150
-
$domain = "contoso.corp.com"
148
+
$domain = $env:USERDNSDOMAIN
151
149
152
150
# Enter a UPN of an Azure Active Directory global administrator
@@ -164,13 +162,12 @@ Run the following steps in each domain and forest in your organization that cont
164
162
### Example 4 prompt for cloud credentials using modern authentication
165
163
> [!NOTE]
166
164
> If you are working on a domain-joined machine with an account that has domain administrator privileges and your organization protects password-based sign-in and enforces modern authentication methods such as multifactor authentication, FIDO2, or smart card technology, you must use the `-UserPrincipalName` parameter with the User Principal Name (UPN) of a global administrator. And you can skip the "-DomainCredential" parameter.
167
-
> - Replace `contoso.corp.com` in the following example with your on-premises Active Directory domain name.
168
-
> - Replace `[email protected]` in the following example with the UPN of a global administrator.
165
+
> - Replace `[email protected]` in the following example with the UPN of a global administrator.
169
166
170
167
```powershell
171
168
# Specify the on-premises Active Directory domain. A new Azure AD
172
169
# Kerberos Server object will be created in this Active Directory domain.
173
-
$domain = "contoso.corp.com"
170
+
$domain = $env:USERDNSDOMAIN
174
171
175
172
# Enter a UPN of an Azure Active Directory global administrator
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments