question

Jinseng-6509 asked ·

AAD Sign-Ins, but no Local AD sign-ins

We are configured with Azure AD Sync and ADFS for authentication. When a user signs in, they're directed to ADFS for authentication, and then back to the O365/Azure application. This records a Sign-In in the Azure Sign-Ins log, and it updates the LastLogon or LastLogonTimestamp attribute in our local Active Directory. We have one user with many Office 365 Exchange Online logins in the Azure Sign-Ins log, but their local Active Directory attribute is not updated. Any thoughts on how this is happening? All of their AAD Sign-Ins for the last 7 days are for Office 365 Exchange Online, so I'm wondering if they're using Outlook and it just keeps updating an authentication token with AAD so it rarely hits our local ADFS server. Does that sound reasonable?

Thanks for any thoughts you have.

adfs

1 Answer

piaudonn answered ·

The user goes to ADFS only if they do not already have a valid token for Azure AD.

If the user is connected on a Hybrid Azure AD joined device, for example, the user will have a PRT and the chances of going back to ADFS are really low.


That's what I guessed. Since this appears to be for Outlook, I'm assuming Outlook is maintaining the token and keeps refreshing it directly with AAD.

Thank you for confirming.

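One way to check this explanation against an exported Azure AD sign-in log, as an added example that is not part of the original thread: it splits one user's sign-ins into those where AD FS issued the token and those satisfied by Azure AD alone, and reports the last time AD FS was involved. The field names (`isInteractive`, `tokenIssuerType`, `createdDateTime`) are assumptions modelled on the Microsoft Graph signIn resource, and the records are constructed sample data.

```python
from collections import Counter
from datetime import datetime

# Constructed sample records (not real log data). Field names are assumptions
# modelled on the Microsoft Graph signIn resource; adjust them to your export.
EXO = "Office 365 Exchange Online"
SAMPLE_SIGNINS = [
    {"userPrincipalName": "user1@example.com", "createdDateTime": "2021-03-01T08:02:11Z",
     "appDisplayName": EXO, "isInteractive": True, "tokenIssuerType": "ADFederationServices"},
    {"userPrincipalName": "user1@example.com", "createdDateTime": "2021-03-02T09:15:40Z",
     "appDisplayName": EXO, "isInteractive": False, "tokenIssuerType": "AzureAD"},
    {"userPrincipalName": "User1@example.com", "createdDateTime": "2021-03-03T09:16:02Z",
     "appDisplayName": EXO, "isInteractive": False, "tokenIssuerType": "AzureAD"},
    {"userPrincipalName": "user1@example.com", "createdDateTime": "2021-03-04T07:58:30Z",
     "appDisplayName": EXO, "isInteractive": True, "tokenIssuerType": "AzureAD"},
    {"userPrincipalName": "user2@example.com", "createdDateTime": "2021-03-05T10:00:00Z",
     "appDisplayName": EXO, "isInteractive": True, "tokenIssuerType": "ADFederationServices"},
]

def classify(rec):
    """Label one sign-in by whether AD FS took part in it."""
    if rec.get("tokenIssuerType") == "ADFederationServices":
        return "federated"          # authentication went through AD FS
    if rec.get("isInteractive"):
        return "cloud_interactive"  # interactive, but Azure AD issued the token
    return "token_refresh"          # non-interactive renewal against Azure AD

def summarize(records, upn):
    """Count sign-in types for one user and find the latest AD FS-issued sign-in."""
    counts = Counter()
    last_federated = None
    for rec in records:
        # UPN comparison is case-insensitive; skip other users and malformed rows.
        if str(rec.get("userPrincipalName", "")).lower() != upn.lower():
            continue
        label = classify(rec)
        counts[label] += 1
        if label == "federated":
            ts = datetime.strptime(rec["createdDateTime"], "%Y-%m-%dT%H:%M:%SZ")
            if last_federated is None or ts > last_federated:
                last_federated = ts
    return {"counts": dict(counts), "last_federated": last_federated}

if __name__ == "__main__":
    print(summarize(SAMPLE_SIGNINS, "user1@example.com"))
```

A user whose recent entries are all `token_refresh` or `cloud_interactive` matches the pattern described in the answer: many Azure AD sign-ins with no corresponding trip to AD FS.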