AD - No password synchronization and SAML auth to identity apps.
I have been tasked with finding out if it is possible to use SAML to log in to identity apps from AD FS, and disable (or actually not enable) password synchronization between idv and AD.
That means that the users' passwords are indeed not in sync.
I've never done that before.
Is that possible?
That is the idea behind authentication using SAML: when you can use SAML to authenticate from AD FS to the User Application, there should be no need for password synchronization, since passwords do not play a part in this scenario. I did not test this and have never set it up, but the answer is based on the SAML definition.