
Single-Sign-On for Office 365 mailboxes authenticated through on-prem ADFS server

This article applies to the following products:

     Messageware ActiveSend O365

     Messageware OWA Desktop O365

 SUMMARY

This article describes how to configure Single-Sign-On for Office 365 mailboxes that are authenticated through an on-prem ADFS server.

CONFIGURATION

To enable Single-Sign-On, check the following:

  1. In Internet Explorer's settings, the ADFS server URL must be added to the Local Intranet zone.

 

To confirm that the above configuration is correct, log on to Office 365. If no password is required, the configuration will also work for both Messageware ActiveSend and Messageware OWA Desktop.

 

  2. The following Deployment file flags should be configured depending on the scenario:

 

If users log on to the computer using a domain account associated with a mailbox, and authentication occurs on-prem (e.g. ADFS in a Hybrid environment), enable e-mail address and username auto-populate by setting the following flags to true:

 

<emailAddress>
        <autoPopulate>true</autoPopulate>

<userName>
        <autoPopulate>true</autoPopulate>

 

 

Moreover, the administrator must choose the format of the auto-populated username field so that it matches the format expected by the logon provider.

 

<!--autoPopulateUserLogonFormat values:= DownLevel | Upn -->

        <autoPopulateUserLogonFormat>DownLevel</autoPopulateUserLogonFormat>

 

DownLevel - domain\username (for example messageware.com\John) – this format is typically used for on-prem authentication

 

Upn - username@domain (for example John@messageware.com) – this format can be used for on-prem and/or O365 authentication
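
To check step 1 from the command line rather than through the Internet Options dialog, the following PowerShell is an added example (not Messageware code) that lists the zone Windows maps the ADFS host to. The host name `adfs.example.com` is a placeholder and the function name is hypothetical. Zone 1 is Local Intranet, the zone in which Internet Explorer by default sends the logged-on user's Windows credentials automatically, so the mapping should cover the ADFS host itself rather than a whole parent domain.

```powershell
# Added example. Assumption: placeholder host; use your federation service name.
$AdfsHost  = 'adfs.example.com'
$ZoneNames = @{ 0 = 'Local Machine'; 1 = 'Local Intranet'; 2 = 'Trusted Sites'; 3 = 'Internet'; 4 = 'Restricted Sites' }

function Get-AdfsZoneMapping {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$HostName)

    # Candidate ZoneMap keys: the exact host, then each parent domain with and
    # without the leading labels as a subkey. A parent-only key covers every
    # host under that domain, which is broader than this setup needs.
    $labels     = $HostName.ToLower().Split('.')
    $candidates = @($HostName.ToLower())
    for ($i = 1; $i -lt $labels.Count - 1; $i++) {
        $domain = $labels[$i..($labels.Count - 1)] -join '.'
        $sub    = $labels[0..($i - 1)] -join '.'
        $candidates += "$domain\$sub", $domain
    }

    foreach ($hive in 'HKCU:', 'HKLM:') {
        # Per-site entries: key = domain[\subdomain], value name = protocol, data = zone
        $root = "$hive\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
        foreach ($c in $candidates) {
            $key = Get-Item -LiteralPath "$root\$c" -ErrorAction SilentlyContinue
            if (-not $key) { continue }
            foreach ($proto in $key.GetValueNames()) {
                [pscustomobject]@{ Source = "$hive ZoneMap"; Entry = "$c ($proto)"; Zone = [int]$key.GetValue($proto) }
            }
        }

        # "Site to Zone Assignment List" policy: value name = URL pattern, data = zone
        $polPath = "$hive\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey"
        $pol = Get-Item -LiteralPath $polPath -ErrorAction SilentlyContinue
        if (-not $pol) { continue }
        foreach ($name in $pol.GetValueNames()) {
            # Strip the scheme and trailing slash, then wildcard-match the host
            $pattern = ($name -replace '^[a-z*]+://', '').TrimEnd('/')
            if ($HostName -like $pattern) {
                [pscustomobject]@{ Source = "$hive policy"; Entry = $name; Zone = [int]$pol.GetValue($name) }
            }
        }
    }
}

$found = @(Get-AdfsZoneMapping -HostName $AdfsHost)
$found | Select-Object Source, Entry, @{ n = 'Zone'; e = { $ZoneNames[$_.Zone] } } | Format-Table -AutoSize
if ($found.Zone -contains 1) { "$AdfsHost is mapped to the Local Intranet zone." }
else { "$AdfsHost has no Local Intranet mapping; expect a credential prompt." }
```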