locked
one ADFS server use for multiple cloud services RRS feed

  • Question

  • Hi ,

    We have one On premises ADFS server which is currently being use for office 365 , now my question can we use same ADFS server for sales force too for single sign on ?

    We just want to archive single single sign on using this KB ( https://developer.salesforce.com/page/Configuring-SAML-SSO-to-Office365)




    • Edited by satya11 Thursday, April 28, 2016 11:17 AM
    Thursday, April 28, 2016 11:17 AM

Answers

All replies

  • Not sure I am following. You want to use the same user you are using to access Office 365 and access SalesForce?

    Yes you can. Just create a Relying Party Trust on your ADFS server to trust SalesForce.

    Now, the KB you are mentioning is not really doing that. Or am I missing something?


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, April 28, 2016 6:00 PM
  • Hi ,

    Thanks for this suggestion ,hope relaying group is the good idea, but if you will go through this kb( https://developer.salesforce.com/page/Configuring-SAML-SSO-to-Office365) step 5 IDP Issuer must be xxyz.mysalesforce.com .

    And we cannot change our Issuer URL.




    • Edited by satya11 Friday, April 29, 2016 8:38 AM
    Friday, April 29, 2016 8:38 AM
  • I don't understand the guidance they give either.

    You want to use Salesforce user to access Office 365? Is there such a thing as a Saleforce user?

    If you are using AD users, why would you create anything on Salesforce? I would assume that this: https://developer.salesforce.com/page/Single_Sign-On_with_Force.com_and_Microsoft_Active_Directory_Federation_Services is a better guidance. But again, I think I am missing something here...

    Others?


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Saturday, April 30, 2016 4:30 PM
  • There are a number of different possible use cases.

    1. ADFS as IDP, Salesforce as RP
    2. ADFS as IDP, Salesforce as Azure AD SaaS, AD synced to Office 365 via AD Connect.
    3. Salesforce as IDP, Office 365 as "RP", no ADFS.

    etc.

    The article refers to the 3rd use case.

    Your question refers to the 1st.

    @Pierre's link is the way to go!

    Sunday, May 1, 2016 7:10 PM