Using Windows Passport for work without Azure AD RRS feed

  • Question

  • I am looking to find some information on Internet to implement Microsoft Passport for Work inEnterprises. We are a small Microsoft shop with various applications from other vendors.  We use Google Apps for our productivity applications and use Microsoft Windows workstations joined to AD environment. We run PKI using Microsoft Enterprise CAs. Most common login is by Smart Cards. But to reduce some of the infrastructures costs, we would like to evaluate if Microsoft Passport is an option for newer Windows 10 devices. We already have third party MDM (Xen Mobile from Citrix) to manage iOS, and Android devices. 

    Most of my research online indicates that Azure AD is required for Microsoft Passport to work with in Enterprises. Is this true? Can it only work with AD and not depend on Azure AD? Signing up for Azure AD for this very purpose seems like an over kill for us. If there are ways where Azure AD is not required, could you please point me to some docs?

    I also read online that custom IDPs will be supported based on FIDO protocol. Not sure if this is required as we hope to leverage out of box integration with AD. 

    To conclude,  could you please confirm or deny if Azure AD is required for AD on premise users in Enterprise scenarios? If Azure AD is required, are there any plans to support deployments with non Azure AD in your road map? If Azure AD is not required, could you please point me to some details?

    Thanks and Regards


    Sunday, January 1, 2017 5:11 AM