MayurMaster-2553 asked amanpreetsingh-msft answered

AADDS - Custom Domain federated with onprem ADFS

Hi,
I have AADDS set up on a custom domain. The domain is federated with on-premises ADFS servers.
Will I be able to join my Azure VMs to the custom domain which is set up on AADDS?

azure-active-directory, azure-ad-domain-services

1 Answer

amanpreetsingh-msft answered

Hello @MayurMaster-2553

The answer to your question would depend on whether you are synchronizing password hashes to Azure AD or not. To authenticate users via NTLM or Kerberos, Azure AD Domain Services needs access to the password hashes of user accounts.

Usually, in a federated directory, password hash synchronization to Azure AD is not configured, as the authentication is done against on-premises Active Directory via ADFS. Therefore, Azure AD Domain Services doesn't work with such Azure AD directories.

However, if you're using Azure AD Connect for password hash synchronization, you can use Azure AD Domain Services with a federated domain because the password hash values are stored in Azure AD.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
