Questions on Office 365 Tenants integration

%3CLINGO-SUB%20id%3D%22lingo-sub-908191%22%20slang%3D%22en-US%22%3EQuestions%20on%20Office%20365%20Tenants%20integration%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-908191%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3EHi%20Community%2C%20%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EOne%20of%20our%20customer%20has%20the%20below%20environment%3A%3C%2FP%3E%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3EForest%20A%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EAD%3C%2FLI%3E%3CLI%3ECitrix%20thin%20clients%20are%20installed.%3C%2FLI%3E%3CLI%3EOffice%20365%20enabled%20with%20Teams%20licenses%20%3CSTRONG%3E(Tenant%20A)%3C%2FSTRONG%3E%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EForest%20B%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EAD%3C%2FLI%3E%3CLI%3EADFS%20installed.%3C%2FLI%3E%3CLI%3ESSO%20is%20enabled.%3C%2FLI%3E%3CLI%3ELaptops%20are%20provided%20by%20vendor%20and%20those%20accounts%20are%20hosted%20in%20this%20AD.%3C%2FLI%3E%3CLI%3EOffice%20365%20enabled%20for%20Exchange%20mailboxes.%20%3CSTRONG%3E(Tenant%20B)%3C%2FSTRONG%3E%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EThe%20fact%20is%20that%20the%20end-users%20would%20be%20using%20the%20Citrix%20Virtual%20Desktop%20environment%20in%20a%20full-screen%20mode.%20So%20while%20%3CSTRONG%3EForest%20B%20%2F%20Tenant%20B%3C%2FSTRONG%3E%20does%20provide%20workplace%20services%20(like%20a%20mailbox)%20the%20end-users%20would%20not%20access%20those%20directly%20from%20their%20desktop%20session.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3ERequirement%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CUL%3E%3CLI%3EAs%20a%20%3CSTRONG%3EForest%20B%20%3C%2FSTRONG%3Euser%2C%20the%20user%20should%20be%20able%20to%20log%20on%20to%20their%20laptop%20using%20%3CSTRONG%3EForest%20B%E2%80%99s%3C%2FSTRONG%3E%20AD%20credentials.%20(As%20they%E2%80%99ve%20SSO%20enabled%20they%20can%20access%20%3CSTRONG%3ETenant%20B%20%3C%2FSTRONG%3Emailboxes%20without%20entering%20the%20credentials%20again)%3C%2FLI%3E%3CLI%3EThen%20the%20user%20would%20be%20able%20to%20log%20on%20to%20the%20Citrix%20session%20using%20%3CSTRONG%3EForest%20A%3C%2FSTRONG%3E%20credentials.%3C%2FLI%3E%3CLI%3EUser%20would%20be%20able%20to%20use%20Teams%20with%20%3CSTRONG%3EForest%20A%20%2F%20Tenant%20A%3C%2FSTRONG%3E%20credentials%3C%2FLI%3E%3CLI%3EThen%20the%20user%20would%20be%20able%20to%20run%20an%20outlook%20fat%20client%20logging%20in%20using%20%3CSTRONG%3EForest%20B%20%2F%20Tenant%20B%3C%2FSTRONG%3E%20credentials.%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EQuestion%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETeams%20and%20Outlook%20clients%20from%20different%20O365%20tenants%20will%20create%20some%20issues%20and%20wanted%20to%20find%20out%20if%20such%20a%20scenario%20was%20supported%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20pointers%20would%20be%20of%20great%20help.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-908191%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EQuestions%20on%20Office%20365%20Tenants%20integration%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Frequent Contributor

Hi Community,

 

One of our customer has the below environment:

 

Forest A 

 

  • AD
  • Citrix thin clients are installed.
  • Office 365 enabled with Teams licenses (Tenant A)

 

Forest B 

 

  • AD
  • ADFS installed.
  • SSO is enabled.
  • Laptops are provided by vendor and those accounts are hosted in this AD.
  • Office 365 enabled for Exchange mailboxes. (Tenant B)

 

The fact is that the end-users would be using the Citrix Virtual Desktop environment in a full-screen mode. So while Forest B / Tenant B does provide workplace services (like a mailbox) the end-users would not access those directly from their desktop session.

 

Requirement:

 

  • As a Forest B user, the user should be able to log on to their laptop using Forest B’s AD credentials. (As they’ve SSO enabled they can access Tenant B mailboxes without entering the credentials again)
  • Then the user would be able to log on to the Citrix session using Forest A credentials.
  • User would be able to use Teams with Forest A / Tenant A credentials
  • Then the user would be able to run an outlook fat client logging in using Forest B / Tenant B credentials.

 

Question

 

Teams and Outlook clients from different O365 tenants will create some issues and wanted to find out if such a scenario was supported?

 

Any pointers would be of great help.