Hi Everyone,
I'm looking through some 365 deployment options and have a scenario I'd really appreciate the community's opinion on:
So the client has an on-premise AD and would like to move to Office 365 and retain single sign-on. Now I've set up Office 365/DirSync/ADFS before, but the glaring issue was what happens when the local internet connection goes down and the ADFS service isn't available - presumably no one could sign into 365 as AD wouldn't be available to issue the tokens to 365?
The first solution I could think of was to run AD/DirSync/ADFS in Azure or another cloud-hosted VM environment to ensure high availability, but that would add significant cost to a 365 deployment which is meant to "reduce" costs (never quite as cheap as people think it will be!). I assume Azure must present an external IP address that would then allow for a LAN-to-LAN VPN to be created to the local site, where a read-only domain controller could be used for local authentication purposes.
Does this sound feasible? Something I've missed? Very interested to hear your experiences with SSO for 365!
Thanks,
Dan