Daniel Wahlgren
Sep 19, 2016

Office365 login with ADFS and public Email addresses

Hi,

We have a scenario where a client wants to use private email addresses for login credentials in Office 365.

We believe that we need to use ADFS for authentication, but are not sure where to start to implement this for email addresses that might be john.doe@hotmail.com.

The users only need to access SharePoint, preferably via groups, and not using Microsoft accounts.

Anyone have any thoughts?

Thanks in advance

Daniel Wahlgren

  • Define "private"? If they are associated with some vanity domain, you need to verify the domain in O365 and optionally set up password sync or AD FS. If you mean something like a Google email address, no, it's not possible.

  • Daniel Wahlgren
    Private meaning if the users could authenticate using John.doe@hotmail.com and a password into our ADFS, which authenticates and logs the user into Office365, where the actual username may be John.doe@tenant.onmicrosoft.com
    • Chris Brown

      I'd say technically this would probably be doable. You'd look at configuring this user to have the UPN "john.doe@hotmail.com" and would have to modify the claims issuance rules to send a different value. Additionally, the user would have to have a password in your Active Directory against that object. Not pleasant.

      Technically doable? Probably. Clever? Probably not. This will introduce A LOT of complexity, pain, and lack-of-support, for minimal gain. 

      I'd very strongly suggest reevaluating your requirements here.

      EDIT: To clarify, you could configure AD FS to do strictly what you've asked, but as VasilMichev mentions above, using a public account's credentials against AD FS is not possible.
