question

sajithgh avatar image
0 Votes"
sajithgh asked JerryXu-MSFT edited

Federated authentication between Azure Active Directory and SharePoint on-premise 2013 Web Application.

The requirement is federated authentication between Azure Active Directory and SharePoint on-premise 2013 Web Application. The goal is to allow users to sign in on Azure Active Directory and use their identity to access the SharePoint on-premises sites.

There is an IOS Mobile App which is connected to SharePoint 2013 using Rest API uses basic authenticaion as shown below.From the mobile ios App, files are uploaded to SharePoint 2013 Document Libraries.

97373-basicauthentication.png




Also the Web Application contains SSRS Reports. How to handle permissions for these ? Is there any particular steps required for these ?

office-sharepoint-server-administration
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JerryXu-MSFT avatar image
0 Votes"
JerryXu-MSFT answered JerryXu-MSFT edited

Hi, @sajithgh ,

For implementing federated authentication between Azure Active Directory and SharePoint on-premises, please follow this tutorial with detailed steps inside.

To configure a web application in SharePoint to trust the Azure AD Enterprise application created above. There are important rules to have in mind:

  • The default zone of the SharePoint web application must have Windows authentication enabled. This is required for the Search crawler.

  • The SharePoint URL that will use Azure AD authentication must be set with HTTPS.


If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for the information.

For https, can we have an organizational SSL Certificate or Third Party External Certificate like GoDaddy required ?

Does IOS App and SSRS Report will work as expected with Azure AD Authentication ?

0 Votes 0 ·

Hi, @sajithgh ,
Self-signed certificates are suitable only for test purposes. In production environments, we strongly recommend that you use certificates issued by a certificate authority instead.

For M365, basic authentication will be retired, if you are going to use Microsoft account in Azure AD for daily work, it may be better to consider moving to modern authentication. If only use the synced local AD accounts, they shall still work AFAIK.

0 Votes 0 ·

Thanks for the update.

Is it possible to revert the Azure AD Authenticaion ? After configuring Azure AD Authentication, how to remove from the SharePoint Environment ?

Can we use basic authentication for Azure AD Users (synced local AD accounts) ? For users only available in Azure AD, basic authentication will not supported right ?

0 Votes 0 ·
Show more comments