Failures can be extremely damaging to business operations, which is why Microsoft has announced that it will expand its “failure mode” in Azure to cover both web and desktop applications.
Azure Active Directory (Azure AD) is the software giant’s cloud directory responsible for managing authentication for Office 365, although it can also be linked to on-premises Active Directory. However, when it goes down, Microsoft customers cannot access the Azure portal to manage their cloud services.
Last year, the software giant updated the SLA for Azure AD to 99.9% from 99.9% and one way to do that is through a backup authentication service that replicates data. authentication during normal operations. If Azure AD fails due to a network outage or some other issue, the service goes into “outage mode” where it is able to verify requests and provide tokens to clients so that they can continue to service. work.
This backup authentication service has been available in Microsoft Outlook and SharePoint Online since 2019 and the company will now extend it to all native Microsoft applications, including Office 365 and Microsoft Teams, as well as third-party and customer-owned applications. running natively on an organization’s devices. .
Improved resilience to failure
According to a new blog post from Microsoft, when a failure of the Azure AD back-end service is detected, the backup authentication service automatically engages, allowing a user’s applications to continue running. However, as the primary service recovers, authentication requests are redirected to the primary Azure AD service.
In normal mode, the backup service stores critical authentication data, and successful Azure AD authentication responses to dependent applications generate session-specific data. This data is securely stored by the backup service for up to three days.
However, in outage mode, whenever an authentication request unexpectedly fails, the Azure AD gateway automatically routes it to the backup service. Requests are then authenticated, artifacts like refresh tokens and session cookies are verified as valid, and Azure AD looks for a strict session match in previously stored data.
Although Azure AD is now more resistant to failure, keep in mind that you will not be able to log into your work applications after purchasing a new laptop or workstation because the mode outage will only work on your existing devices.
We also presented the best dedicated server hosting, best cloud hosting and best VPS hosting
Via the register