![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 26%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZN%3C/text%3E%3C/svg%3E)
Not Monitored
Tag not monitored by Microsoft.
40,975 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 45%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJV%3C/text%3E%3C/svg%3E)
I am not sure how many users you are planning but it requires more than one server, speciaily, if you do not have active directory infrastructure in place.
Let us understand possible options we have, if you want to use Microsoft technologies and servers to get your users authenticate against Azure AD
- Pass Hash Synchrnization - where you can sync users and thier passwords to Azure AD. This requires on premise AD, may be two Domain Controllers and One AAD Connect server
- PassThrough Authentication - Where a local agent will install on your on premise server and gets user authenticate using Active Directory. This also needs at least two Domain Controllers, one AADConnect Server and at least one PTA. This does not sounds suitable in your scenario
- Federartion - Where a local federation server( prefbly ADFS or any third party), two domain controllers and one Azure ADConnect server. ADFS running on 2019 can authenticate users from LDAP. Or you can use open source technology and setup SAML trust with Azure AD, but in that case you need at least two domain controllers + on Azure ADCOnnect server.