Office 365 does not expose any web interface for setting up Single Sign-On, you must issue a few Powershell commands.
The following command require a Windows computer with Powershell ≥ 5.0 installed.
Setup Powershell environment
- Start Powershell as administrator and enter the following command:
Connect to Azure AD
- In Powershell, enter the following command and enter your Office 365 administrator credentials:
Change Office federation settings
- Issue the following command to load the certificate:
$cert = "MIIDXXX...XXXZWCxicZzKAgV"
The contents of the certificat is available on the setup page of your Trustelem application
- Choose a federation brand name for your organization, for instance:
$FederationBrandName = "mydomain.com"
- Execute the following commands (adapt the DomainName, the URLs and keep the backquotes characters ` ):
Set-MsolDomainAuthentication -DomainName mydomain.com -Authentication managed Set-MsolDomainAuthentication -DomainName mydomain.com ` -FederationBrandName $FederationBrandName ` -Authentication Federated ` -PassiveLogOnUri https://mydomain.trustelem.com/app/34XXX/sso ` -SigningCertificate $cert ` -IssuerUri https://mydomain.trustelem.com/app/34XXX/mydomain.com ` -LogOffUri https://mydomain.trustelem.com/app/34XXX/slo ` -PreferredAuthenticationProtocol SAMLP