Forsyte IT Solutions
Forsyte IT Solutions

Password Sync VS ADFS

Share This Post

Access Method ADFS DirSync w/ Password Verdict
Outlook 2010/2013 Prompted for credentials on first connection (and at each password change) with checkbox to remember them. Prompted for credentials on first connection (and at each password change) with checkbox to remember them. Draw, both have the same experience
ActiveSync, POP, IMAP Prompted for credentials on first connection (and at each password change) with checkbox to remember them. Prompted for credentials on first connection (and at each password change) with checkbox to remember them. Draw, both have the same experience
MS Online Portal, SharePoint Online, Office Web Apps Internal: Pop up offers click to sign in with no credentials required (External Forms Based Prompted) Prompted for credentials on first connection (and at each password change) with checkbox to remember them Better experience for ADFS while internal to company network, draw when external
OWA Internal: Seamless (External Forms Based Prompted) Prompted for credentials on first connection (and at each password change) with checkbox to remember them Better experience for ADFS while internal to company network, draw when external
Lync 2010/2013 Seamless (with Sign on Assistance installed for Lync 2010) Prompted for credentials on first connection (and at each password change) with checkbox to remember them. Better experience for ADFS

 

 

SSO Using ADFS

Pros Cons
 True SSO with minimum credential prompts  Additional infrastructure needed to deploy FS and Proxy FS
 Better security than when using DirSync’s password Sync  Added point of failure (even if multiple FS servers are deployed, this option brings in more dependencies for the setup to work)
   Additional cost involved with this setup
   SSL certificate from a public CA is needed and needs to be renewed on a periodic basis (cost/administrative work involved)
   More time/effort involved in setting up

 

DirSync with Password Sync

Pros and cons above reversed :)

In addition, based on my experience, for DirSync with Password Synchronization, you enable your users to use the same password they are using to logon to your on-premises Active Directory to logon to Windows Azure Active Directory. The users’ accounts and password are authenticated by Office 365, but for SSO with ADFS, the credentials are authenticated by the on premise ADFS server.

More To Explore

Schedule a Pen Test

The Guardian 365 Pen Test assesses your systems by simulating cyberattacks on internal resources, external resources, and web apps.

See identify configuration issues and vulnerabilities that external and internal attackers could use to exploit your systems. Sign up for a Guardian 365 Pen Test to enhance your security today!

Contact - Schedule a Pen Test
Name
Name
First
Last

EDUCATION LEADERS TALK SECURITY

You’re in the right place! Complete the form to hear the latest Guardian 365 security discussion featuring IT leaders from Spelman College and Spring Grove Area School District. You won’t want to miss this!

Guardian 365: Featured Webinar
Name
Name
First
Last

Cybersecurity Insurance Audit

Let us help you save money on your Cybersecurity Insurance by providing an audit of your current environment, and provide recommendations on how to reduce the cost of your insurance policy,

Contact - Cybersecurity Insurance
Name
Name
First
Last

Request a Demo

At Forsyte Guardian 365, we believe in transparency and hands-on experiences. Complete the form to request your personalized demo. Remember, security is not a luxury. It’s a necessity. Let’s empower your team with Guardian 365! 

Request a Demo

At Forsyte Guardian 365, we believe in transparency and hands-on experiences. Complete the form to request your personalized demo. Remember, security is not a luxury. It's a necessity. Let's empower your team with Guardian 365! 

Request A Demo
Name
Name
First
Last

Get Started

If you are experiencing a security breach or have detected suspicious activity, get help now.

Contact - Talk to an Expert
Name
Name
First
Last

Expert Recovery Services for Security Breaches

If you are experiencing a security breach or have detected suspicious activity, get help now.

Contact - Recovery Services
Name
Name
First
Last