I'm not sure if the 'Microsoft' option in Captive Portal > User Authentication points to O365 these days, but you could try that. It's an older integration and referred specifically to Microsoft's 'use a Microsoft account' OAuth option, if I remember correctly.

You can set up your Azure ADDS DC in Directory Connector > Active Directory. Just be sure to check the 'Azure' box when setting up the DC.

They are asking for a host address and I am not sure what that is or where to find it. Checking Azure isn't working without that info.

Thanks.

By they, do you mean NG Firewall? The 'Host' attribute of the DC is the IP address of Azure ADDS. We wouldn't be able to tell you what to use there, but you should be able to find that address in your Azure config.

Please clarify.

Azure AD != Azure AD DS

The former is AAD, the latter is just a hosted Active Directory in Azure, and the configuration plane for that service details which vnet the service is hooked to, and this creates an endpoint with a private Azure IP address you can link to.

There's zero difference in working with Azure AD DS as it is with AD on prem, it's the same darned thing, and you need VPN access into Azure to link the LANs up if you want Untangle to be able to access it.

You will note, this also means you need Azure AD Connect running somewhere to sync the AD into AAD, which converts your AAD identities to hybrid identities with all the baggage that applies.

There is no way at present to have NGFW's captive portal authenticate with native AAD. Yes... it should have the ability by now, but it doesn't.