Seamless Single Sign-On

Get the “best of both worlds"

"You’ve been able to join a Windows device to Active Directory domains for as long as there have been Active Directory domains. 

With Windows 10, there is the ability to join Azure Active Directory. Azure Active Directory is a multitenant directory, so you aren’t joining a domain, you’re joining a tenant. And most of your organizations already have such a tenant, since it’s used by Office 365, Intune, Azure services, and many other things..." (by Michael Niehaus)

Why should we use Azure Active Directory?

Read: Mobile device management enrollment, AND single sign-on capability!

Azure AD offers a simplified joining experience, efficient device management, automatic mobile device management enrollment, and single sign-on capability for Azure AD and on-premises resources. An incremental step in this direction is to auto-Azure-AD join your on-premises joined Windows 10 devices.

On step back, Single Sign-on? Without ADFS? and without seamless-Sign-On?

In this video you will see a demo of SSO in Outlook Web Access. (OWA)

And how will these sign-on features reflect in Outlook 2016?

in this video you will see the creation of a new account in Outlook. Without entering a password, or entering credentials.

Seamless Single Sign-On...

Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don't need to type in their passwords to sign in to Azure AD, and usually, even type in their usernames. This feature provides your users easy access to your cloud-based applications without needing any additional on-premises components. (except Azure AD Connect)

Seamless sign on will let you sign-in easily without entering your password..

The Windows 10 EDGE browser isn't supported yet. that's too bad.. support is coming, they say..

See this comment: You don't need to join your device in Azure AD! Could be great for companies who will not evolve in the modern world we are living in today, and won't use Intune, and all great future to manage your modern workstations..

Would you like to combine these two great features?

You can use both features, it's very great when you're in transition joining all workstations to Azure Active Directory. Keep in mind that it would become difficult for your users if Seamless single sign-on will stop working when you are joining your device to Azure Active Directory. BUT you will have great experience in the edge browser!

Bring it all together

Would you use Seamless single sign-on? it's a difficult choice when you could give all your users the possibility to do SSO when the devices are joined to Azure.

but you could provide SSO for all browsers except edge with Seamless single sign-no (and it is not entirely true,..)

If you are willing to go with the new way of work, and would like to turn off your on-premises infrastructure, your on-premises domain controllers..

I’m sure you should look into the cloud, and beyond.. ??