- Community Home
- >
- Software
- >
- HPE Morpheus Software
- >
- HPE Morpheus Enterprise
- >
- Morpheus integration with Azure AD with "condition...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-22-2022 07:51 PM
06-22-2022 07:51 PM
Morpheus integration with Azure AD with "condition access mechanism" is supported or not?
Hello Experts,
One of our customers is planning to integrate Morpheus with Azure AD and they request a condition access mechanism while user log in to Morpheus.
The Morpheus user identity authentication mechanism needs to support real-time judgment of the current authentication risk status through specific conditions and rules, such as to force MFA authentication for geographic area or IP Range (ex. Log in through an IP outside the company, or the authenticated device does not install the latest security patches). Otherwise, if it is a low-risk authentication (ex. login through the company IP), you can log in Morpheus without MFA.
We know Morpheus can integrate AAD an AAD also supports conditional access.
We’d like to confirm with you if conditional access login is achievable while Morpheus integrate with Microsoft AD solutions that support conditional access ?
We appreciate if you could help to check on this and provide your inputs.
- Tags:
- users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2022 05:34 AM
06-23-2022 05:34 AM
Re: Morpheus integration with Azure AD with "condition access mechanism" is supported or not?
Hi @piyush.jain, I hope you are well today.
The local Morpheus authentication itself does not contain conditional access, or any geographic/IP range validation. So, local user authentication in Morpheus or other authentication mechanisms that don’t provide conditional access would be out of scope.
However, if they are using AAD as an authentication mechanism, as you mentioned, and want to turn on conditional access in AAD, I’d expect that to work without issue. In the case of a SAML connection like AAD is, the client does not really interact with Morpheus for authentication or validating that information, that would all be up to the Identity Provider (IdP).
This would be the general process:
- Client comes to Morpheus
- User clicks the SSO button
- The client gets redirected to AAD for authentication, MFA, conditional access, etc. (the IP is sent from the client to AAD directly)
- Once all the above is worked out by the IdP, they are sent back to Morpheus with an authentication token to let them in
Hope that answers your question! If not, feel free to elaborate here if I misunderstood.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2022 05:58 AM
06-23-2022 05:58 AM
Re: Morpheus integration with Azure AD with "condition access mechanism" is supported or not?
Thanks a lot for very precise and clear explanation.