Setting up ADFS for Office 365 SSO RRS feed

  • Question

  • I am setting up ADFS for Office 365 SSO, using this step-by-step on Technet:


    For now it will be used just for Office 365 licensing be we will be migrating local exchange to 365 soon as well. 

    We have a root domain: Domain.local 

    and a sub domain: Sub.Domain.local

    Office 365 tenant: Domain.com

    We are still on local exchange; the local exchange servers exist in Domain.local, but all of our users exist in Sub.domain.local. 

    Where do I put the ADFS and DirSync Servers? In the root or sub domain? 

    Also to note; we are working on migrating in another company as part of a merger in to another sub domain here as well:


    With that being said; I believe the best thing to do here is to put the ADFS and DirSync servers in the root domain. With the servers in the root domain, I believe they will be able to allow SSO for sub domain users as well, correct?

    One other item regarding adding UPN Suffixes: I assume when I add the UPN suffix of domain.com to the root domain.local domains and trusts, the suffix will be available for the sub domains as well, correct? Also I assume this has no negative side affects on production users? 

    *note* the domain.com and .local are used for examples only, these are not my domains...*

    • Edited by commdudeaf Wednesday, May 24, 2017 12:30 PM
    Wednesday, May 24, 2017 12:21 PM