Enabling Azure AD Single-Sign-On
Before starting this task, ensure that you create an application registration. For details, see https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal. The user interface on Microsoft Azure is subject to change without notice.
You must first complete the following steps before enabling SSO.
-
Ensure that your NAS has an x86 (Intel or AMD) processor.
-
Configure Azure site-to-site VPN. For details, visit https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal.
You can also add a custom domain name using the Azure AD portal for the on-premise Windows AD. For details, visit https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal and https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain.
-
Configure Azure AD Domain service. For details, see the following:
If you want to enable SSO on more than one NAS, you must repeat all of these steps on each NAS.