none
Hybrid Exchange AAD Joined RRS feed

  • Question

  • We have setup Exchange 2016 Hybrid latest CU etc.
    Moved my mailbox to O365 and all works well, free busy, autodiscover etc.

    Now i have a test Windows 10 device joined to Azure AD (not hybrid).
    Accessing my mailbox via Outlook is SSO but i also have a shared mailbox to open that is on-premises and this one causes a authentication prompt. 

    Is the authentication prompt for the on-premises mailbox expected behaviour or can we achieve SSO ?

    Thursday, July 18, 2019 1:41 PM

All replies

  • I would like to ask the following questions before the further troubleshooting:

    1. Which option did you choose to deploy the SSO? Password hash synchronization, pass-through authentication and AD FS?

    2. If you remove your delegated permission from the shared mailbox, then there would be no authentication prompt when opening Outlook, am I right? 

    I ask this because generally shared mailbox accessing required no credentials.

    Let me know the result.

    Regards,

    Manu Meng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Friday, July 19, 2019 8:22 AM
    Moderator
  • 1 We currently use ADFS

    2 We have Full Access on the mailbox, if we remove it also a prompt

    Will Exchange Modern Hybrid Authentication fix the issue ?

    Tuesday, July 23, 2019 8:10 AM
  • 1 We currently use ADFS

    2 We have Full Access on the mailbox, if we remove it also a prompt

    Will Exchange Modern Hybrid Authentication fix the issue ?

    If you are using ADFS, it is an expected behavior. Yes, Modern authentication will fix it.

    Regards,

    Manu Meng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Thursday, July 25, 2019 9:27 AM
    Moderator
  • 1 We currently use ADFS

    2 We have Full Access on the mailbox, if we remove it also a prompt

    Will Exchange Modern Hybrid Authentication fix the issue ?

    If you are using ADFS, it is an expected behavior. Yes, Modern authentication will fix it.

    Regards,

    Manu Meng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Thanks.

    Yo mention 'If you are using ADFS, it is an expected behavior.' will it not prompt when using pass hash or  passthrough auth ?

    Or is HMA only fix for this ?

    Thursday, July 25, 2019 1:20 PM
  • From my point of view, HMA is an option but if you want to get it confirmed with others Azure sign-on methods, you may ask it in Microsoft Azure  >  Azure Active Directory forum.

    Regards,

    Manu Meng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Monday, July 29, 2019 8:52 AM
    Moderator