Azure AD connect Passthrough using public subdomain

  • Question

  • Hi, I am using Azure AD Connect Pass-through. My requirement is that the customer has their public domain https://contoso.com attached to their Azure tenant. Now we have created a new tenant and mapped it to their public subdomain https://m.contoso.com. My question is: can we use pass-through, without changing the customer AD, to authenticate using the username user1@m.contoso.com? Presently I am doing this by creating a user principal (alias UPN) on the customer AD, user1@m.onmicrosoft.com. I don't want to touch the customer AD. Is this possible by changing the editor rule?
    Friday, January 26, 2018 6:14 PM

All replies

  • Hi,

    I had a few clarifying Qs about your scenario:

    - Do you have 2 Azure AD tenants with 1 verified domain each? Or do you have 1 Azure AD tenant with 2 verified domains?

    - Do you want users to sign in with the subdomain only (i.e., user1@m.contoso.com), and not with the primary domain? What is your goal?

    - To clarify, you added the UPN suffix to one of your users' AD objects and tested it out with Pass-through Authentication, and it worked. However, you don't want to do this for all users in AD. Is this right?

    - By "changing editor rule" do you mean the Sync rules editor in Azure AD Connect?

    Your scenario warrants a deeper discussion. Would you be willing to email your answers to our team alias (aadopauthfeedback@microsoft.com) so we can discuss offline? We can come back on this thread if there is a general solution that is applicable to other customers as well.

    Thank you for your interest in Pass-through Authentication.

    Regards,

    Swaroop

    Friday, January 26, 2018 9:59 PM
  • Sent you the mail.
    Sunday, January 28, 2018 1:58 AM