We are looking at SSO using ADFS for a couple systems and were wondering if that means users have to have a domain account, we have a couple users that do not have an AD account and was wondering if it is possible to have a hybrid of SSO and local accounts.
Thanks in advanced!
I will speak specifically for UCM. The answer to your question is, no. When you enable SSO for UCM, the login URL's are directed to your IDp. So the user that is logging in must be resolvable in your IDp. Even though you can defined local end users in UCM End User page, if they are not in your IDp, then you will not be able to get them logged in.
For UCM admin pages, you can bypass IDp by choosing the recovery login to UCM admin, which will use the Application User accounts, but app users on UCM do not have the same capabilities as an end user. Additionally, the CCMUser pages will exclusively redirect to IDp, thus preventing app users from managing their users setting through the CCMUser pages.
Technical Marketing Engineer