It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Cloud Control

How to Authenticate On-Premise Active Directory with Azure AD

  • Last updated on

If your organization has an on-premise Active Directory with Azure AD with Active Directory Federation Services (ADFS) enabled, users can sign in to both cloud and on-premise resources using Azure AD Connect. For Barracuda Cloud Control services, you must use one of the following authentication methods:

  • Password hash synchronization (PHS) – PHS enables users to log in to Barracuda Cloud Control using the same username and password that they use on-premises without having to deploy any additional infrastructure besides Azure AD Connect.
  • Pass-through authentication (PTA) – This option is similar to password hash sync, but provides a simple password validation using on-premises software agents for organizations with strong security and compliance policies.

For additional information, refer to the Microsoft Azure article Azure AD Connect user sign-in options.

Federated Domains

By default, Azure AD federated domains do not allow direct authentication. Once a domain is federated, all login requests are fulfilled by the federated service and therefore Azure AD logins fail. To resolve this issue, you can stop federating the login domains. Use Azure AD Connect to disable federation on the domains and instead use either the PHS or PTA authentication method described above. 

If it is not feasible to stop federating the login domains, contact Barracuda Networks Technical Support for additional guidance.