Office 365

Introduction

  • Office 365 does not expose any web interface for setting up Single Sign-On; you must issue a few PowerShell commands.

  • The following commands require a Windows computer with PowerShell ≥ 5.0 installed.

Set up the PowerShell environment

  • Start PowerShell as administrator and enter the following command:

    Install-Module MSOnline

Connect to Azure AD

  • In PowerShell, run the following command and enter your Office 365 administrator credentials when prompted:

    Connect-MsolService

Change Office federation settings

  • Issue the following command to load the certificate:

    $cert = "MIIDXXX...XXXZWCxicZzKAgV"

    The contents of the certificate are available on the setup page of your Trustelem application.

  • Choose a federation brand name for your organization, for instance:

    $FederationBrandName = "mycompany.com"

  • Execute the following commands (adapt the DomainName and the URLs, and keep the backquote characters ` ):

    Set-MsolDomainAuthentication -DomainName mycompany.com -Authentication managed

    Set-MsolDomainAuthentication -DomainName mycompany.com `
        -FederationBrandName             $FederationBrandName `
        -Authentication                  Federated `
        -PassiveLogOnUri                 https://mycompany.trustelem.com/app/34XXX/sso `
        -SigningCertificate              $cert `
        -IssuerUri                       https://mycompany.trustelem.com/app/34XXX/mycompany.com `
        -LogOffUri                       https://mycompany.trustelem.com/app/34XXX/slo `
        -PreferredAuthenticationProtocol SAMLP
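
Checks to run around the commands above, as an added example that is not part of the original Trustelem documentation: the first confirms that $cert parses as an X.509 certificate inside its validity period before the domain is federated, the second reads back what the tenant stored. Test-FederationCertificate and Compare-FederationSettings are hypothetical helper names; the domain and URLs are the page's placeholders, and the session is assumed to be connected as in the "Connect to Azure AD" step.

```powershell
# Added example. Function names are hypothetical helpers, not MSOnline cmdlets.
function Test-FederationCertificate {
    param([Parameter(Mandatory)][string]$Base64Cert)
    try {
        # FromBase64String ignores line breaks left over from copy/paste.
        $bytes = [Convert]::FromBase64String($Base64Cert)
        $x509  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$bytes)
    } catch {
        throw "Not a Base64-encoded X.509 certificate: $($_.Exception.Message)"
    }
    $now = Get-Date
    if ($now -lt $x509.NotBefore -or $now -gt $x509.NotAfter) {
        throw "Certificate $($x509.Thumbprint) is not valid today (valid $($x509.NotBefore) to $($x509.NotAfter))."
    }
    [pscustomobject]@{
        Subject    = $x509.Subject
        Thumbprint = $x509.Thumbprint
        NotAfter   = $x509.NotAfter
        DaysLeft   = [int]($x509.NotAfter - $now).TotalDays
    }
}

function Compare-FederationSettings {
    param([Parameter(Mandatory)][string]$DomainName,
          [Parameter(Mandatory)][hashtable]$Expected)
    $actual = Get-MsolDomainFederationSettings -DomainName $DomainName
    foreach ($name in $Expected.Keys) {
        [pscustomobject]@{
            Setting = $name
            Match   = ([string]$actual.$name -eq $Expected[$name])
            Actual  = $actual.$name
        }
    }
}

# 1. Before Set-MsolDomainAuthentication: stop if $cert does not parse or is expired.
$pending = Test-FederationCertificate -Base64Cert $cert
$pending | Format-List

# 2. After the change: confirm what the tenant stored (page placeholders; use your own values).
Compare-FederationSettings -DomainName 'mycompany.com' -Expected @{
    PassiveLogOnUri                 = 'https://mycompany.trustelem.com/app/34XXX/sso'
    IssuerUri                       = 'https://mycompany.trustelem.com/app/34XXX/mycompany.com'
    LogOffUri                       = 'https://mycompany.trustelem.com/app/34XXX/slo'
    PreferredAuthenticationProtocol = 'SAMLP'
}
# Assumption: SigningCertificate is returned as a Base64 string, as it was supplied.
$stored = (Get-MsolDomainFederationSettings -DomainName 'mycompany.com').SigningCertificate
(Test-FederationCertificate -Base64Cert $stored).Thumbprint -eq $pending.Thumbprint
```

Any row with Match set to False, or a final result of False, means the tenant is not federated with the values you intended; note the DaysLeft figure so the signing certificate can be replaced before it expires.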