Solved

Old On-Prem Active Directory as External Identity Provider

  • 9 December 2021
  • 3 replies
  • 425 views

We use Active Directory with a Windows domain that is older than 2016, so OpenID Connect isn’t available to us natively yet. If we don’t upgrade our domain before we upgrade to IFS Cloud, is it still possible to use AD to authenticate our users? Is there a third-party tool that we can use to relay requests to expose our LDAP endpoint as the OpenID Connect protocol?

I think my question is essentially asking the same thing as this one, but some extra details in the context of IFS could be very useful to me here, please.

Active Directory as OpenID provider? - Stack Overflow

Keycloak is mentioned here as an option; has anyone here used it?

Best answer by william.klotz 14 December 2021, 20:37

3 replies

Bump

Bump

Upgrading AD is a huge project.

Hi @durette,

What version of Windows Server and AD level are you running? I believe with Windows 2012 onward you could subscribe to Azure AD and install a connector on-premise to sync on-premise and Azure AD which would allow you to configure IFS to use Azure AD authentication.

Regards,

William Klotz