Azure AD Connect - Hybrid Identity

Support HackTricks and get benefits!
If you want to see your company advertised in HackTricks or if you want access to the latest version of the PEASS or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag​
Discover The PEASS Family, our collection of exclusive NFTs​
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
On-premises AD can be integrated with Azure AD using Azure AD Connect with the following methods. Every method supports Single Sign-on (SSO):
Password Hash Sync (PHS)
Pass-Through Authentication (PTA)
Federation
For each method, at least the user synchronization is done and an account with the name MSOL_<installationidentifier> is created on the on-prem AD.
Moreover, both PHS and PTA support Seamless SSO to automatically sign in in Azure AD computers joined to the on-prem domain.
It's possible to check if Azure AD Connect is installed with this command from the AzureADConnectHealthSync module that is installed by default on installation of Azure AD Connect:
Get-ADSyncConnector
PHS
PHS - Password Hash Sync
PTA
PTA - Pass-through Authentication
Seamless SSO
Seamless SSO
Federation
Federation
Support HackTricks and get benefits!
If you want to see your company advertised in HackTricks or if you want access to the latest version of the PEASS or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag​
Discover The PEASS Family, our collection of exclusive NFTs​
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Az - Local Cloud Credentials
Federation
Last modified 10mo ago