![]() If your users browse to with no domain, they’ll need to enter their username in the form This will redirect them to your domain sign-in page, at which point SSO will take over to log them in. At that point, you should be seamlessly signed in, and presented with a list of Office 365 apps available to you. Then, open up Internet Explorer or Edge, and browse to, where is your Office 365 domain. Log out and back in, or do a GPUpdate to refresh group policy. Click OK a few times, then close out of Group Policy Management. There, locate the setting Allow updates to status bar via script and enable it. Click OK twice, then browse to User Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Intranet Zone. Then, create a new Group Policy that applies to the group of users who you would like to enable for SSO.īrowse to User Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page, and then select Site to Zone Assignment List.ġ is the value that corresponds to the Intranet Zone in IE settings. ![]() This tells Internet Explorer, Edge, and Chrome that it’s OK to pass the user’s Kerberos ticket to Office 365, since by default this is only allowed for websites that are internal to your network.įirst, open Group Policy Management Editor as a user that has rights to edit your domain GPO. Next up, you’ll need to adjust your domain’s Group Policy to add the Azure SSO URL to the Local Intranet zone.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |