Windows 10 Win10 Hybrid AD Joined - SSO Issue

Ewan Monro


After enabling Hybrid Azure AD join for a customer, SSO for a particular application is broken.

I have managed to build a non-hybrid machine and the app works fine again.

What is different in the Authentication Process/Flow between Hybrid and regular Domain Joined?

My assumption is that once a machine is Hybrid Joined it defaults to use the Primary Refresh Token from Azure instead of Kerberos. Is there any way to ensure a hybrid machine doesn't use PRT? Or can anyone think of a way around this? The app is in-house written and using 10 year old libraries that won't be aware of PRT, and there is no way they will uplift as eventually this app is being replaced by Salesforce.

Any assistance would be greatly appreciated.
