As far as we know, the only feasible approach to realize custom security in SharePoint Online is to mirror all custom security principals in an Active Directory. To protect the productive Kerberos Token we would need to set up an additional AD Forrest to sync custom security groups to Azure AD.
This is very annoying because the implementation becomes unnecessarily complex and expensive.
As far as we know, the only feasible approach to realize custom security in SharePoint Online is to mirror all custom security principals in an Active Directory. To protect the productive Kerberos Token we would need to set up an additional AD Forrest to sync custom security groups to Azure AD.
This is very annoying because the implementation becomes unnecessarily complex and expensive.