ADFS Deployment with Existing Office 365 Tenant

  • Question

  • We are currently using Azure AD Connect to synchronize login credentials with Office 365. We are looking into ADFS for SSO but I cannot find any documentation on enabling ADFS in an existing Office 365 tenant. What are the risks associated with doing this? What will happen to existing Outlook and mobile configurations (i.e., will we need to reconfigure user profiles)?

    Wednesday, December 28, 2016 4:19 PM

Answers

  • From an O365 perspective you must convert the domain in the tenant to Federated.

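    Basically 3 commands in the Windows Azure Active Directory PowerShell console:

    # Sign in to the tenant; $cred holds admin credentials (e.g. from Get-Credential)
    Connect-MsolService -Credential $cred
    # Point the session at the AD FS server
    Set-MsolADFSContext -Computer adfs_servername.domain_name.com
    # Switch the domain from managed to federated sign-in
    Convert-MsolDomainToFederated -DomainName domain_name.com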

    But before you do that you need to set up and configure your ADFS environment.

    Generally there is no "risk" in converting to federated login in Office 365, but you have to configure your ADFS environment so it works as it should before you make the change.

    Are you using any email services in Office 365?


    Wednesday, December 28, 2016 5:33 PM
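
The conversion described in the answer above, wrapped in checks before and after the change. This is an added example, not part of the original answer or of Microsoft's documentation; the host and domain names are the answer's placeholders, and `Test-AdfsMetadata` is a hypothetical helper.

```powershell
# Added example: pre-flight and post-change checks around the domain conversion.
# Placeholders taken from the answer; replace with your own values.
$AdfsHost   = 'adfs_servername.domain_name.com'
$DomainName = 'domain_name.com'

function Test-AdfsMetadata {
    # Hypothetical helper: confirms AD FS serves parseable federation metadata.
    param([Parameter(Mandatory)][string]$HostName)
    $uri = "https://$HostName/FederationMetadata/2007-06/FederationMetadata.xml"
    try {
        $meta = New-Object System.Xml.XmlDocument
        $meta.Load($uri)    # fails on TLS errors, timeouts, or malformed XML
        return -not [string]::IsNullOrEmpty($meta.EntityDescriptor.entityID)
    } catch {
        Write-Warning "Federation metadata check failed for ${uri}: $($_.Exception.Message)"
        return $false
    }
}

$cred = Get-Credential
Connect-MsolService -Credential $cred

# Record the current state so the change is deliberate and auditable.
$domain = Get-MsolDomain -DomainName $DomainName
Write-Host "Current authentication for ${DomainName}: $($domain.Authentication)"

if ($domain.Authentication -eq 'Federated') {
    Write-Host 'Domain is already federated; nothing to convert.'
    return
}

# Do not redirect sign-ins to an AD FS farm that is not answering correctly.
if (-not (Test-AdfsMetadata -HostName $AdfsHost)) {
    throw 'AD FS metadata endpoint failed the check; fix AD FS before converting.'
}

Set-MsolADFSContext -Computer $AdfsHost
Convert-MsolDomainToFederated -DomainName $DomainName

# Verify the tenant reports the domain as federated, then compare the
# federation settings held by AD FS with those stored in Office 365.
Write-Host "New authentication: $((Get-MsolDomain -DomainName $DomainName).Authentication)"
Get-MsolFederationProperty -DomainName $DomainName | Format-List
```

Run the metadata check from a network location that represents your users as well, since external clients reach AD FS through a different path than the management host.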