Nobody wants have to reset and distribute new passwords to dozens or hundreds of users. But removing SSO can be perilous too, as minimizing the impact to the users is critical. After many support cases, several being escalated very high within the Office 365 server support team and still being told “We know ADFS is broken right now, so please wait two weeks and try again”, it was clear that SSO just wasn’t ready for primetime. In practice, I don’t believe Microsoft truly has a handle on how to make this service reliable as of yet. In theory, Single Sign-On is a great capability that provides convenient transparent access to Office 365 services for users on your internal Active Directory domain. I recently had a scenario where a domain that was using Directory Sync and SSO (Federation) needed to be converted back to a Standard domain. What has not been great, however, is the implementation of Active Directory Federation Services with the Office 365 infrastructure when attempting to use Single Sign-On (SSO) to transparently authenticate local AD domain users to Office 365 services. ![]() Being a person who has had a long love/hate relationship with Microsoft products, I have to say that I have been very pleased with what Microsoft has done with the Office 365 suite – particularly with Exchange Online and SharePoint Online, the hosted versions of their popular messaging and collaboration products.
0 Comments
Leave a Reply. |