Federated SSO With Intune and O365

  • Question

  • Hello,

    I've found a number of old queries on this subject but none which are recent or deal with our specific issue.

    We have O365 set up as follows:

    • DirSync is configured to sync users from our on-premises AD to Azure AD.
    • We have ADFS v3.0 published through a Web Application Proxy.
    • We have successfully configured Federated SSO so we can log into O365 using our domain accounts.

    The symptoms of our problem are as follows: when our domain is configured as federated, users cannot log into Intune. The user is redirected from Intune to our ADFS server to input credentials, but the login form just refreshes with the fields blank.

    If we configure our domain to be "standard", users authenticating directly with Azure AD can log in successfully to Intune, O365 and Azure with the same account.

    Testing has shown:

    • The ADFS server issues a security token and O365 and Azure accept these for SSO auth.
    • The Intune service appears not to accept this security token.
    • The Remote Connectivity Analyser tests are successful.

    Is our ADFS server missing a relying party identifier for Intune? (I haven't been able to find any info on this).

    Should we be able to use the same ADFS setup for all services?

    Thanks,

    Simon.


    • Edited by Simon J Day Thursday, October 2, 2014 8:24 PM clarity
    Thursday, October 2, 2014 8:19 PM

Answers