Skip to end of banner
Go to start of banner

Azure AD

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Synergetic Windows Client (SynMain) and Azure AD: Solutions for Authentication Compatibility

The Synergetic Windows client, SynMain (a FAT32 application), relies on Kerberos authentication to communicate with on-premises domain controllers (DC). However, when end-user devices are Azure AD-joined, the SynMain client doesn’t function as expected. This is because Azure AD does not natively support Kerberos authentication.

Below are the alternative solutions that can be implemented:

  1. Hybrid Azure AD Join (Recommended)

  • This solution allows laptops to be both domain-joined and Azure AD-joined.

  • Laptops can authenticate against on-premises Active Directory (AD) while also registering with Azure AD for cloud services.

  • In this scenario, the SynMain client continues to use domain credentials for authentication via the on-prem AD, ensuring that the application works as expected.

  1. Active Directory Domain Services (ADDS) in Azure

  • You can set up an Azure Virtual Machine running ADDS, which acts as a domain controller in the cloud.

  • This extends your on-premises AD infrastructure to Azure, allowing devices to authenticate with this domain controller.

  • By doing this, you maintain the traditional Windows authentication required by the FAT32 application while taking advantage of Azure AD’s cloud services.

  1. Remote Access or Virtualization

  • If modifying the environment is not feasible, consider deploying the FAT32 application on a virtual machine (VM) that remains domain-joined.

  • Users can then access this VM through Remote Desktop or a similar solution, ensuring the application functions as it would in an on-prem domain-joined environment.

Troubleshooting

TBC

  • No labels