Entra ID Integration with On-Premises Active Directory

Owned by Mont Rothstein
Last updated: Nov 28, 2023
2 min read

Entra ID was formerly Azure AD

The Foray ADAMS hosted solution integrates with Entra ID. This means that you can continue to manage accounts in your on-premises Active Directory and your users will be able to access the Foray ADAMS hosted solution with those same accounts. Disable an account on-premises and it will be disabled in the cloud.

You own the Entra ID account. You control it. Foray is merely granted limited rights so that authentication and authorization can occur.

Entra ID Government

The Entra ID tenant must be a Public/Commercial/Business tenant not an Azure Government tenant. This is because Azure Government currently has limitations such as limited support for collaboration. This is critical for sharing with external users. If you must use an Azure Government tenant please contact Foray Support to learn what options are available to you. As of February 2021 this limitation may be lifted. Microsoft’s documentation does not yet reflect this change. If a government tenant is desired please contact Foray Support for more information on how to verify if this will work.

Choose the Integration Method

Microsoft offers three different methods of integrating with Entra ID. Your first step is to choose the integration method you wish to use. You will then implement your chosen integration and activate syncing from your on-premises Active Directory to Entra ID.

The three integration options are:

  1. Password hash synchronization (PHS)

  2. Pass-through Authentication (PTA)

  3. AD Federation Services (AD FS)

Here are two resources to help you decide which is the best integration method for your organization:

What is hybrid identity with Microsoft Entra ID

Choose the right authentication method for your Microsoft Entra hybrid identity solution

AD Connect

All three integration methods use Azure AD Connect

What is Entra Connect?

Single Sign-On

Once you are integrated you can optionally configure single sign-on.

Microsoft Entra seamless single sign-on

Connecting the Foray ADAMS Applications

Once Entra ID has been integrated with your on-premises Active Directory the next step will be to connect the Foray ADAMS Applications with your Entra ID instance. To do this you will need some configuration parameters from Foray and to follow the steps in Connect Foray ADAMS to Entra ID. Please contact Foray Support when you are ready for this next step.

© 2023 Foray, LLC - All Rights Reserved