In this, the second of two blog posts (read part one here), we will look at the process of installing Azure AD Connect with the new Pass-through Authentication option. I will then touch on “modern authentication” which has been around in the Office products for about a year now, but the interaction between modern auth and pass-through auth is particularly interesting when we start to thinkg about some of the more advanced features available in Microsoft’s product line-up.

NB: At the time of writing (January 2017), the Pass-through Authentication feature is in public preview. Do not use it in production.

A very mainstream configuration of Office 365 uses synchronised identity with password sync. This means that every time a user is authenticated, that authentication happens against Azure Active Directory rather than the on-premises AD. This was the configuration in our lab environment before the changes.

