ADFS 3.0 with Office 365: can we skip the password prompts? RRS feed

  • Question

  • Hello,

    We have ADFS running with Office 365. Our primary UPN is [domain].lan, but we have an alternative UPN for our Office 365 users, with [domain].com, which we use with ADFS. 

    This all works fine, in a sense that users can authenticate through ADFS with their federated identity. Skype for Business uses true SSO (they do not need to type their password, but are authenticated through their windows account). However, whenever a new online session is started (e.g. by opening https://portal.office.com in the browser), each uses needs to type in their password (on our Web Application Proxy web server), before they can access the Online Office 365 apps (OneDrive, SharePoint, etc.). Once the federated token is available, they can switch between the different apps without being prompted for the password.

    The next day however, this session has ended, and each user must authenticate once more to start a new session. But, since they're already signed into their PC, I'd like for Office 365 to use this identity to sign in, avoiding the need to re-enter the password.

    Is this possible? And, given that the primary UPN is not the same one as they use when signing in to ADFS and Office 365, do we need to do any extra configuration for this?

    Thanks in advance!

    Morgan - http://blog.morg.nl - @morgnl

    Monday, October 3, 2016 12:16 PM

All replies

  • Hello Morgan, 

    can you check if this forum page can  help 


    Linus || Please mark posts as answers/helpful if it answers your question.

    Thursday, October 6, 2016 8:02 AM
  • Any update here?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, October 11, 2016 10:14 AM
  • I don't think Akampa's post really applies here; we have only one forest, but with two UPN suffixes. I'm not even sure if this is the issue or not.

    Morgan - http://blog.morg.nl - @morgnl

    Tuesday, October 11, 2016 11:09 AM