4 questions
Support Request: Hybrid IAM Authentication (AD & Microsoft Entra) in IIS
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 16%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Shri Krishna Ulithaya
0
Reputation points
Dear Microsoft Support,
We have an on-premises application that currently uses Active Directory (AD) as both a resource and Identity and Access Management (IAM) system. The application supports both Windows Authentication and Single Sign-On (SSO).
We are now integrating Microsoft Entra ID as an additional IAM solution. Our current configuration is as follows:
- If AD is the IAM provider, users authenticate via Windows Authentication.
- If Microsoft Entra ID is the IAM provider, users authenticate via SSO.
- Authentication settings in IIS are configured accordingly.
Now, we aim to support a hybrid IAM model, where authentication is dynamically determined based on the user or device:
- Users from AD should log in using Windows Authentication.
- Users from Microsoft Entra ID should log in using SSO.
However, we are facing challenges in logging in after configuring IIS with both Windows Authentication and Anonymous Authentication. We need guidance from Microsoft on how to properly configure IIS and handle authentication dynamically for both IAM systems.
Could you please assist us in resolving this issue ?
Best regards,
Shri Krishna
Flexera Software
Sign in to answer