Skip to main content
Solved

Old On-Prem Active Directory as External Identity Provider

  • December 9, 2021
  • 3 replies
  • 511 views
durette
Superhero (Customer)
Forum|alt.badge.img+19
  • durette
  • Superhero (Customer)
  • 537 replies

We user Active Directory with a Windows domain that is older than 2016, so OpenID Connect isn’t available to us natively yet. If we don’t upgrade our domain before we upgrade to IFS Cloud, is it still possible to use AD to authenticate our users? Is there a third party tool that we can use to relay requests to expose our LDAP endpoint as the OpenID Connect protocol?

 

I think my question is essentially asking the same thing as this one, but some extra details in the context of IFS could be very useful to me here, please.

Active Directory as OpenID provider? - Stack Overflow

Keycloak is mentioned here as an option; has anyone here used it?

Best answer by william.klotz

Hi @durette ,

 

What version of Windows server and AD level are you running?    I believe with Windows 2012 onward you could subscribe to Azure AD and install a connector on-premise to sync on-premise and Azure AD which would allow you to configure IFS to use Azure AD authentication.

 

Regards,

William Klotz

View original
If you find this forum useful, please consider paying back to the community in your own areas of expertise. If you ask for help in a private message, please know that I will likely repost it as a forum question (with your personal details redacted) and answer it publicly. -- Kevin Durette - https://www.linkedin.com/in/kevindurette
Did this topic help you find an answer to your question?
This topic has been closed for replies.

3 replies

durette
Superhero (Customer)
Forum|alt.badge.img+19
  • durette
  • Author
  • Superhero (Customer)
  • 537 replies
  • December 13, 2021

Bump

If you find this forum useful, please consider paying back to the community in your own areas of expertise. If you ask for help in a private message, please know that I will likely repost it as a forum question (with your personal details redacted) and answer it publicly. -- Kevin Durette - https://www.linkedin.com/in/kevindurette
durette
Superhero (Customer)
Forum|alt.badge.img+19
  • durette
  • Author
  • Superhero (Customer)
  • 537 replies
  • December 14, 2021

Bump

 

Upgrading AD is a huge project.

If you find this forum useful, please consider paying back to the community in your own areas of expertise. If you ask for help in a private message, please know that I will likely repost it as a forum question (with your personal details redacted) and answer it publicly. -- Kevin Durette - https://www.linkedin.com/in/kevindurette
william.klotz
Superhero (Customer)
Forum|alt.badge.img+21
  • william.klotz
  • Superhero (Customer)
  • 479 replies
  • Answer
  • December 14, 2021

Hi @durette ,

 

What version of Windows server and AD level are you running?    I believe with Windows 2012 onward you could subscribe to Azure AD and install a connector on-premise to sync on-premise and Azure AD which would allow you to configure IFS to use Azure AD authentication.

 

Regards,

William Klotz

durette
1 person likes this
  • durette
    durette
Terms & ConditionsCookie settingsAccessibility statement

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings