Managing Federation Services– Enabling Single Sign-On (SSO)

Share this:

Configuring an existent domain in Microsoft Azure to support Single Sign-On (SSO)

Solution


At this point in the game we have already installed, configured and prepare the Federation Services and in this last episode of this implementation we will enable SSO (Single Sign-On).

The first step is logged on the Federation Server (ADFS), open the  Windows Azure Active Directory Module for PowerShell.

The first step is to connect to the Microsoft Azure, and we can do that by running the cmdlet below. After running that cmdlet an authentication box will be displayed, we need to fill that out with our dialog box with the Microsoft Azure credentials

Connect-MSOLService

image8_thumb

Before performing any changes, we will list all the domains using cmdlet below. Domains listed as Managed do not have Single Sign-On (SSO) enabled.

Get-MSOLDomain

image17_thumb

In order to enable the SSO for our domain (in our Tutorial will be the domain apatricio.info) we need to run the cmdlet below, and after converting it to Federated we will list the domains again to check if the changes take place.

Convert-MSOLDomainToFederated –DomainName <domain.ca>

Get-MSOLDomain

image34_thumb

Testing the solution…

Logged on a computer in the domain, an user that has a mailbox in the Office365, can go to http://Office365.com, the next step is to click on Sign in located in the right upper corner. In the new page, type in the e-mail address and click on Sign in.

image37_thumb

If everything goes well a redirecting information will be displayed during the process, and the user will redirected automatically to the Office365 portal without being asked for password which means that our Federation Server is working properly.

image2

Conclusion


In this Tutorial we converted an existent domain to support Single Sign-On and tested the results on a client domain-joined machine.

Written by Anderson Patricio

Anderson Patricio

Anderson Patricio is a Canadian MVP in Cloud and Datacenter Management, and Office Server and Services, besides the Microsoft Award he also holds a Solutions Master (MCSM) in Exchange and several other certifications. Anderson has been contributing to the Microsoft Community with articles, tutorials, blog posts, twitter, forums and book reviews. He is a regular contributor here at ITPROCentral.com, MSExchange.org, Techgenix.com and Anderson Patricio.org (Portuguese).

Related Post

Restoring cloud services during an outage of the A... The Federation Server role is crucial when integrating on-premises with the Microsoft Cloud and in this article we are going to demonstrate how an out...
How to renew the ADFS certificate Replacing a certificate that is about to expire on the Active Directory Federation Services (ADFS) server. The process is simple and we will show all ...
Managing your UC Certificate to add support to ADF... Exchange Administrators that already purchased UC Certificate (Unified Communications) may take advantage of the multiple names accepted by this type ...
How to activate synchronization in Office365 We are going over the process to enable synchronization in the new Office 365 Administration Center and also using PowerShell.  Solution In s...