Forum Discussion
SSO to O365
I do not use ADFS and do not have to input my login for Web access. I am using ADSync with SSO. If you setup your Group Policy correctly with the proper sites. etc. And then setup 365 work account, and or do Hybrid Domain Join you do not need to login.
Here is the article I used to setup Seamless SIgn On, and it works quiet well. https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-sso
Hi Christopher,
It's also an option, but depends the requirements. Some customers will always use ADFS because of privacy of passwords and access services.
- In that case you can use the Azure AD Sync option with Password pass through as well.
PTA can work with AlternateId (using any attribute other than UPN), and so does AAD Connect SSO, so AD FS is not mandatory unless you have some very specific requirements. Now, if you need true "seamless" SSO, in all cases you will also have to configure some form of smart links, for any/all applications that do not send domain_hint information as part of the auth flow. Otherwise you will still have to enter the UPN (mail) of the user before SSO happens.
