Forum Discussion

Seth Van Heerden's avatar
Seth Van Heerden
Copper Contributor
Apr 16, 2018

Signle Sign On and Outlook

Good day. Hope you are all well. I have an issue with single sign on and the way it is affecting the outlook client. We set up o365 with our clients and all seemed to be working well, we finished the final touches and shortly afterwards one of the users started experiencing problems with the single sign on. Upon entering the outlook client, the user is prompted for a password to an account name@ggzar.onmicrosoft.com. I change the account name to the correct account i.e. name@business.org and sign in with the users credentials. 5 minutes later, it connects and the mail flows through. However, the mail on the users cellphone also crashes then restarts. If the mailbox isn't actively worked in, it disconnects again and the process must be repeated. Please help

Authentication
  • Dominik Hoefling's avatar
    Dominik Hoefling
    MVP
    Apr 16, 2018

    In short:

    Modern authentication is an authentication stack used by Office 2013 and 2016 client applications against Office 365. This authentication method allows the Office client application like Outlook to engage in browser-based authentication with the organization’s on-premises AD FS server, for example.

     

    Office client will behave as a Web Browser when authenticating, it will send the Access Token requests directly to the authentication provider.

     

    Depending on your on-premises infrastructure and configured features, I would refer to Vasil's answer and open a support case.

  • VasilMichev's avatar
    VasilMichev
    MVP
    Apr 16, 2018

    First of all, can you clarify what exactly you mean by Single Sign On, as the term can be loosely used to reference different things. Is this a federated scenario, or are you using the AAD Connect "seamless SSO" feature or? Also, did you check the user UPN, any form of SSO will only work with custom domains, not the default onmicrosoft.com domain. As a best practice, make sure that the UPN and the primary SMTP address match.

     

    You should also consider opening a support case, as these forums are not really intended to be a support channel and we can only give some basic suggestions without having access to additional data.

    • Seth Van Heerden's avatar
      Seth Van Heerden
      Copper Contributor
      Apr 17, 2018

      Hi Vasil,

       

      I am referring to the ADD seamless SSO. Custom domains have been set and the UPN and SMTP do match. I will raise this issue in a support case, thank you. 

Resources