IDP configuration in O365

By: Mohammed Farhan Urvakonda named 09 Oct 2017 at 5:42 a.m. CDT

16 Responses
Mohammed Farhan Urvakonda gravatar
Hi, Gluu Docs says we can directly input IDP details in Admin Panel in O365 (if we don't want to run through Connect-MsolService). Can you please guide how can we do that...
CentOS 6.5
closed

Answers

By Mohib Zico staff 09 Oct 2017 at 5:52 a.m. CDT

Copy
Mohib Zico gravatar
Hi, I don't have any O365 testing environment to provide the exact guide from SP side. If you can share your SP credential ( O365 admin panel credential ); we will try.

By Mohammed Farhan Urvakonda named 09 Oct 2017 at 6:08 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
Can we talk on call regarding the issue...

By Mohib Zico staff 09 Oct 2017 at 6:09 a.m. CDT

Copy
Mohib Zico gravatar
I think it's better to continue here, first. That will suffice.

By Mohammed Farhan Urvakonda named 11 Oct 2017 at 1:17 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
Hi, Sorry for delaying. I have created a dummy O365 admin account. I can give you the credentials of that...

By Mohib Zico staff 11 Oct 2017 at 2:06 a.m. CDT

Copy
Mohib Zico gravatar
Hi, Thanks. Please share credential and login link.

By Mohammed Farhan Urvakonda named 11 Oct 2017 at 2:44 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
https://login.microsoftonline.com/ login id: mohammedfarhan@testself.onmicrosoft.com password: Admintest@123

By Mohammed Farhan Urvakonda named 11 Oct 2017 at 2:52 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
I guess this is enough..right?

By Mohib Zico staff 11 Oct 2017 at 2:59 a.m. CDT

Copy
Mohib Zico gravatar
That will do. Thanks. Will that domain work? As far as I know... O365 require exactly same domain from organization.

By Mohammed Farhan Urvakonda named 11 Oct 2017 at 3:01 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
You can give a try... If it doesn't work please let me know.

By Mohib Zico staff 11 Oct 2017 at 2:33 p.m. CDT

Copy
Mohib Zico gravatar
Ok, I just checked and your Office365 is not connected with any ADFS. Without ADFS, you can't do SSO with any identity provider. Also.. I am sorry that I didn't read your initial comment properly... can you please tell where do you see this in our doc: >> Gluu Docs says we can directly input IDP details in Admin Panel in O365 (if we don't want to run through Connect-MsolService).

By Mohammed Farhan Urvakonda named 12 Oct 2017 at 2:46 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
Hi... Any update on O365...

By Mohib Zico staff 12 Oct 2017 at 2:53 a.m. CDT

Copy
Mohib Zico gravatar
We can't move forward without ADFS; please setup ADFS + connect O365 with ADFS and create a trust relationship from Gluu server with ADFS metadata. Also... please let us know where you saw below statement in our doc; we have to change that there. >> Gluu Docs says we can directly input IDP details in Admin Panel in O365 (if we don't want to run through Connect-MsolService).

By Mohammed Farhan Urvakonda named 12 Oct 2017 at 8:03 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
It's mentioned in the 3rd point under Register Gluu Server in O365 in the link https://gluu.org/docs/ce/3.1.1/integration/saas/office/

By Mohib Zico staff 12 Oct 2017 at 8:06 a.m. CDT

Copy
Mohib Zico gravatar
Where? I don't see anything like that.. it's clearing saying you need to use 'Powershell cmdlets'. ``` 3. Register Gluu Server in O365 - Install/Use Windows Server 2012 R2 - Install and Configure Windows Powershell cmdlets - Create a script and run through Connect-MsolService or you can provide values inside O365 admin panel. - For Gluu Server, values would be something like these: ActiveLogOnUri : https://<hostname>/idp/profile/SAML2/SOAP/ECP PassiveLogonUri : https://<hostname>/idp/profile/SAML2/POST/SSO DefaultInteractiveAuthenticationMethod : FederationBrandName : Gluu Inc. IssuerUri : https://<hostname>/idp/shibboleth LogOffUri : https://<hostname>/identity/logout MetadataExchangeUri : https://<hostname>/idp/shibboleth NextSigningCertificate : OpenIdConnectDiscoveryEndpoint : ```

By Mohammed Farhan Urvakonda named 12 Oct 2017 at 8:07 a.m. CDT

Copy
Mohammed Farhan Urvakonda gravatar
Create a script and run through Connect-MsolService or you can provide values inside O365 admin panel.

By Mohib Zico staff 12 Oct 2017 at 8:09 a.m. CDT

Copy
Mohib Zico gravatar
Ah!! this is totally wrong. There is no way we can do that... we definitely need ADFS. ADFS is 'the SP'. I am going to change the doc. Apologies for wrong info in the doc.

Post an answer