Azure AD Authentication Using SSO #2184
AddisonBurn
started this conversation in
General
Replies: 1 comment
-
What do all these components do? Why are they needed? If Azure AD acts like an AD server from old, then it might offer a RADIUS interface that could be accessed directly via |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Is it technically possible to develop a plugin for strongswan that would authenticate users using email address and password against Azure AD (aka Azure Entra ID) using the Graph API or other supported methods (SAML, OCID, OAuth, etc.)? Or is there some limitation that makes IKEv2 authentication incompatible with those authentication methods?
I know that something similar can be accomplished using Azure AD connected to Azure ADDS connected to FreeRadius connected to StrongSwan but I would like to cut out the middle men for simplicity and cost.
The reason I want to do this is because we deploy all of our user PCs using Intune, I can deploy the necessary certificates using Intune and I could deploy the VPN configuration using Intune. Then when the user goes to connect they are forced to put in their SSO email and password and if they are in the StrongSwan users group in Azure, they are authenticated and connect, if they are removed from the group in Azure their VPN privileges are revoked.
If this is technically possible, where would I go about looking for a qualified developer to contract to do this development?
Beta Was this translation helpful? Give feedback.
All reactions