Outlook 2013 – Office 365 SSO (ADFS)

To enable SSO in Outlook with Office365 (through ADFS), you need to do a few things:

1. In Server Manager on the AD FS 3.0 server, click Tools, and then click AD FS Management.

2. In the AD FS snap-in, click Authentication Policies.

3. In the Primary Authentication section, click Edit next to Global Settings.

4. In the Edit Global Authentication Policy dialog box, click the Primary tab.

5. In the Extranet and Intranet sections, select the Forms Authentication check box.

6. Enable-AdfsEndpoint -TargetAddressPath “/adfs/services/trust/13/windowstransport”

7. Restart the “Active Directory Federation Services” on both ADFS servers.

8. Connect to your O365 Exchange via remote powershell:

a. $cred = get-credential

b. Enter your Office 365 administrator credentials.

c. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection

d. Import-PSSession $Session

e. set-organizationconfig -oauth2clientprofileEnabled $true

9. Add the following regkeys to your users using GPO:

a. HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL, DWORD, 1

b. HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\Version, DWORD, 1

Your users should now be able to use SSO in Outlook 2013!

Leave a comment

Your email address will not be published. Required fields are marked *