You should be able to do this without any customization in AEM by
integrating AEM with ADFS via SAML. I don't know the details of how to
configure domain authentication (which I think is what you are
describing) in ADFS, but I suspect it is fairly straightforward. FWIW,
inside Adobe we do something similar, although we use Okta, not ADFS.
Although we require MFA for most internal applications so even though I
never enter a password when I'm on the corporate network, I have to
accept a push messag...