It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda Cloud Control

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

How to Authenticate On-Premise Active Directory with Microsoft Entra ID

Last updated on 2024-04-23 14:40:16

If your organization has an on-premise Active Directory with Microsoft Entra ID with Active Directory Federation Services (AD FS) enabled, users can sign in to both cloud and on-premise resources using Microsoft Entra Connect. For Barracuda Cloud Control services, you must use one of the following authentication methods:

Password hash synchronization (PHS) – PHS enables users to log in to Barracuda Cloud Control using the same username and password that they use on-premises without having to deploy any additional infrastructure besides Microsoft Entra Connect.
Pass-through authentication (PTA) – This option is similar to password hash sync, but provides a simple password validation using on-premises software agents for organizations with strong security and compliance policies.

For additional information, refer to the Microsoft article Microsoft Entra Connect user sign-in options.

Important

Federated Domains

By default, Microsoft Entra ID federated domains do not allow direct authentication. Once a domain is federated, all login requests are fulfilled by the federated service and therefore Microsoft Entra ID logins fail. To resolve this issue, you can stop federating the login domains. Use Microsoft Entra Connect to disable federation on the domains and instead use either the PHS or PTA authentication method described above.

If it is not feasible to stop federating the login domains, contact Barracuda Networks Technical Support for additional guidance.