Having Azure AD does not prevent clients from also having Okta or any other 2FA provider for 2 factor authentication. In fact, I have worked with at least 10 clients in the last 2 years that used Azure AD for authentication but then something else for 2-factor depending on the type of apps.
Sometimes even within one company, there are multiple 2FA protocols, e.g. using Oracle single sign on for ERP apps but Okta for Citrix and other external facing apps.
I've actually created this setup (in order to ditch Okta as it is far more expensive than AAD P1 if you want MFA).
You federate AAD and Okta. Sign in to Okta and it's smooth sailing into AAD-based resources like M365.
Okta puts on a good dog and pony show for execs. From a technical perspective, they're no better for corps (at least in first party auth or B2B -- I don't get into the B2C space). We found, for the apps we used, AAD as of ~4 years ago had better SCIM support (!) than Okta.
On top of getting O365 E5 + Ent Sec (I think they're just now called M365 E5) which gave us AAD P2 licenses, overall it was much cheaper than Okta. The goal was to just get MFA, which Microsoft gives away for free (with limited toggles) or in P1 licenses (with more toggles) where-as Okta wanted $6/user/month _just for_ MFA.
Microsoft puts on a terrible sales pitch, though. We were fortunate enough to have an _awesome_ Principal Program Manager spend days with us in-person answering all of our questions and explaining AAD to our IT management.
I don’t know the specific setup, but the app passes you to AAD which passes you to a SAML source (Okta in this instance, but we use Cisco Duo). The SAML provider authenticates you, sets a cookie, then sends you back to AAD, which sets its own cookie, then passes you back to the App. (Or something like that.) if the next app you sign into is an AAD app, you pass through quickly, but if the next app you sign into uses SAML directly you have a cookie set for that as well.
We use AAD for O365 and the few apps that won’t use generic SAML, but everything else uses Duo directly. The reason for this is at our O365 license level we don’t get the ability to restrict access to applications by AD group—everyone or we have to manually manage access account by account.
Identity federation can be pretty complex to set up and administer, but once the trust relationship is configured and the identity mapping set up, it's pretty transparent to use. Source: I do this for a living.
Signing up for Office 365 gets the company in AzureAD as it is used for logging into 365 on the back end. And all the user accounts etc. You can have another identity solution and also Azure AD. Its just why would you when everyone needs an email and they are already in AAD
Absolutely nothing came of Microsoft bundling IE with Windows in the 90s in the US. There was never a day since IE came bundled with Windows that it wasn’t bundled with Windows . There was never s browser choice initiative - nothing.
Out of all of the anti trust allegations, bundling was the nothingburger. MS was forced to stop making OEMs pay for licenses for all of their PCs whether or not they came with Windows and they were forcing OEMs to not include Netscape, share APIS, and document file formats.
Microsoft Office (bundling) has been a thing since 1990 and today, every single major company bundles products together - Apple, Amazon (Prime), Microsoft, Google, Adobe, Salesforce (SFFC and Concur), etc.
Next up: no, “cable was not ad free when it was introduced”
The whole Windows/IE bundling fracas has to be looked at in the context of Microsoft not only having a lot of unsavory business practices--as did it's welded together at the hip partner Intel--but also it was seen in the eyes of a lot of people as on the way to utterly dominate computing once Unix got pushed out of the way.
Add in the dominance of Office and Microsoft's presumed dominance of mobile once that became ubiquitous and a lot of people were looking for any lever to use against the company. All this activity probably made Microsoft back off a bit in some areas and likely tarnished its aura of inevitability a bit--but it's not entirely clear that it made much difference in the end. (And there were certainly people at the time arguing that the Microsoft winning over all narrative was deeply flawed.
The nuance that you’re missing is that Microsoft was a monopoly found guilty of antitrust violations. Bundling has different consequence for them than non-monopolies or monopolies that that have not had antitrust convictions.
Yes, there was a version of Windows that did come unbundled, Windows N <level> that was targeted for EU users to comply with EU antitrust agreements. And there was a browser choice selection during OOTB configuration with the top 4 or 5 browsers in the marketplace.
Could an Okta have a claim against Microsoft similar to Netscape in the late 90's?