Hi Guys,
I have a situation in which we want to use ADFS authentication for users accessing Office Online.
We only want users who are part of the intranet (either connected to LAN or VPN) to access Office apps; access from outside of it is not allowed. This means we don't need ADFS proxy servers in the DMZ.
Question is:
Once we install ADFS in the intranet (no proxy) and just convert the domain in Azure from managed to federated, it should work, right?
Are there any specific firewall-related things I need to consider? My concern is that Azure AD in the public internet will redirect the user to on-premise ADFS (no proxy) in the intranet.
Overall picture:
Domain in Azure AD (verified) - abc.com
On-premise ADFS DNS (load balancer) - sts.xy.abc.com
Your inputs would be very helpful.
Thanks