How to implement Self-Service Password Reset in Azure AD Connect Then, the request information is encrypted with AES_GCM as described above and then sent on-premises via Azure Service Bus. The requests from the cloud service include the new password (encrypted with the public key described above), as well as metadata. In addition to this, a AES_GCM symmetric key is exchanged for use at runtime. The cloud backend only knows the public key and the Azure AD Connect keeps the private key. When Azure AD Connect is configured, a new private/public key is generated. RSA 2048 Private/Public key pair AES_GCM (256-bits key, 96-bits IV size) Now from a security perspective, the communication uses the following encryption mechanisms. The network channel used for password writeback operations (for example password reset) is initiated from the Azure AD Connect computer on-premises to the cloud service using Azure Service Bus this technology uses bi-directional sockets to enable the operations at runtime. The feature is run through Azure AD Connect but any actions done to it cannot be initiated directly. If you are concerned about the security, the feature itself is quite safe.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |