The new Azure AD sign-in and “Keep me signed in” experiences rolling out now!

---

Kelvin Xia wrote:
To support SharePoint mapped drives with ADFS, we recommend setting up PSSO which will result in the same logic as a user manually checking the old KMSI checkbox.
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-single-sign-on-settings#enable-psso-for-office-365-users-to-access-sharepoint-online

---

That claim did not work for me and my customers (tried it with two different setups), but MS support supplied the following claim rule, that works just perfectly:

c:[Type == "http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork"]
 => issue(Type = "http://schemas.microsoft.com/2014/03/psso", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType);

Using this rule gets rid of the username prompt "Pick an account". For my customer that is the solution to the problem.

Kelvin Xia: I'd be pleased to keep on working on the "Pick an account" prompt to get it working as designed.