Forum Discussion
Office365 login with ADFS and public Email addresses
Hi,
We have a scenario where a client wants to use private email addresses for login-credentials in Office 365.
We believe that we need to use ADFS for authentication, but not sure where to start to implement this for emailaddresses that might be john.doe@hotmail.com
The users only need to access sharepoint, prefarably via groups, and not using microsoft accounts.
Anyone have any thoughts?
Thanks in advance
Daniel Wahlgren
- Dean_GrossSilver Contributor
I would take a close look at Azure B2B for this scenario, see https://blogs.technet.microsoft.com/educloud/2016/08/16/azure-ad-b2b-walkthrough/ to get started
Define "private"? If they are associated with some vanity domain, you need to verify the domain in O365 and optionally setup password sync or AD FS. If you mean something like a google email address, no, it's not possible.
- Daniel WahlgrenCopper ContributorPrivate meaning if the users could authenticate using John.doe@hotmail.com and a password into our ADFS, which authenticates and logs the user into Office365, where the actual username may be John.doe@tenant.onmicrosoft.com
- Chris BrownIron Contributor
I'd say technically this would probably be doable. You'd look at configuring this user to have the UPN "john.doe@hotmail.com" and would have to modify the claims issuance rules to send a different value. Additionally, the user would have to have a password in your Active Directory against that object. Not pleasant.
Technically doable? Probably. Clever? Probably not. This will introduce A LOT of complexity, pain, and lack-of-support, for minimal gain.
I'd very strongly suggest reevaluating your requirements here.
EDIT: To clarify, you could configure AD FS to do strictly what you've asked, but as VasilMichev mentions above, using a public account's credentials against AD FS is not possible.