Forum Discussion
ADFS SSO sign-in as different user
We have federation configured with Azure AD using ADFS with SSO enabled. This is working as expected. However, one slight issue for the admin team who are required to sign-in using different privileg...
Vasil,
You state "you can disable WIA/autologin by removing the AD FS URL from the local zone" I assume you mean using settings in the IE11 browser, and the local Intranet zone? These are set by group policy and blocked. So going back to Gurdev's question, that implies a non-domain workgroup computer which has no group policy. Is there no other method?
For example, our situation, we have many ADFS federated partner websites besides Office365. We want the locally loggedin non-privileged user to continue to have single signon to all those sites, including Office365. But also have the ability, as in Gurdev's question, to occasionally specify alternative credentials. One of the ADFS partner's allows, this, namely ServiceNow. They offer an alternate URL called side_door. That URL allows the user to specify a different user and password. Does Office 365 have a "side door" alternative URL?
Our organization was able to solve this problem and I documented the solution over on TechNet ("https://social.technet.microsoft.com/Forums/en-US/79c2050b-9977-4524-83a5-eb47d86e2f96/bypass-adfs-sso-url-side-door-into-portalofficecom?forum=ADFS") gperkins