
6zkch (6zkch) asked a question.
We recently set up WS-Federation with universal directory sync on our Office 365/Azure AD instance. We have all our users working and people are using Okta to sign in. We have our Windows devices joined to Azure AD and Intune. Our Windows users sign into their computers using their Azure AD credentials (it's an Azure AD profile and we are cloud only). Since the migration, users can still sign into their computers using their cached credentials; however, trying to change the credentials using Ctrl-Alt-Delete or from the Office portal is not permitted (as I would expect with the federation).

My main question is: are Azure AD profiles and this sign-on method with Windows 10 supported in this configuration? Did I miss something in the support/configuration details that we haven't configured properly? I'm also wondering if all our existing users will be blocked from signing in if the local cached credentials get cleared or expire. Should I look into migrating users to a local profile? I haven't been able to find any relevant support docs or posts so far. Any help would be greatly appreciated.

Hi James,
Baver here from Okta Support Team.
Okta will only authenticate the users using its credentials here. If I am not mistaken, you want to know if a user from a federated domain can log in to Windows with Okta credentials. This will be a question more suited for the Microsoft team. If you want to discuss this further with our team, feel free to open a case with Okta Support.
Thank you,
Baver Deacu