Forum Discussion
ADFS SSO sign-in as different user
You should be able to start PowerShell as a different user (shift+right-click or use the runas cmd). For other programs, you can disable WIA/autologin by removing the AD FS URL from the local zone.
Vasil,
You state "you can disable WIA/autologin by removing the AD FS URL from the local zone" I assume you mean using settings in the IE11 browser, and the local Intranet zone? These are set by group policy and blocked. So going back to Gurdev's question, that implies a non-domain workgroup computer which has no group policy. Is there no other method?
For example, our situation, we have many ADFS federated partner websites besides Office365. We want the locally loggedin non-privileged user to continue to have single signon to all those sites, including Office365. But also have the ability, as in Gurdev's question, to occasionally specify alternative credentials. One of the ADFS partner's allows, this, namely ServiceNow. They offer an alternate URL called side_door. That URL allows the user to specify a different user and password. Does Office 365 have a "side door" alternative URL?
gperkins We have developed a solution to this issue. Please see my answer on the TechNet forums here: ADFS TechNet Forum
I hope that is useful.
Our organization was able to solve this problem and I documented the solution over on TechNet ("https://social.technet.microsoft.com/Forums/en-US/79c2050b-9977-4524-83a5-eb47d86e2f96/bypass-adfs-sso-url-side-door-into-portalofficecom?forum=ADFS") gperkins
