Autologin to Sharepoint Online (Office 365)

Hi !

I have a technical design question.

A client would like to use Sharepoint online as part of Office 365. But on one condition. The users first login to their local computers with AD accounts, and want to be able to open Internet Explorer and Sharepoint should login automatically. Sure, we can run AD FS or some other tools to sync passwords, but is there a way to autologon the Windows session with AD account to login to Sharepoint Online?

Perhaps a tool:)

THanks,
josef
LVL 1
joebilekAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

vaderjCommented:
SAML -
 O365 uses Microsofts authentication protocol so you could make an attempt to associate each of your users domain accounts with their associated MS login.  I dont think NTLM is an option in O365 (and for good reason!)
0
Adam BrownSr Solutions ArchitectCommented:
Realistically, your only two choices are ADFS and dirsync or Dirsync with Password syncing enabled (No ADFS). The more recent releases of Dirsync allow you to sync password hashes up to the cloud, so if you enable that when installing and configuring Dirsync, you can very easily do automatic login with your AD credentials. You just have to add the office 365 sharepoint domains as Intranet sites in Internet Options. You'll also need to make sure your users' UPN matches what is used in Office 365.
0
joebilekAuthor Commented:
According to Microsoft yes ADFS/Dirsync is there, but its not possible to make Sharepoint autologin this way. We spoke to our Account manager and partner service. Dont know for sure they know their stuff, so my idea was if someone has built som tool or used any other method?
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

Vasil Michev (MVP)Commented:
What acbrown2010 said is true, it is possible with AD FS, you just need to adjust the browser settings as well. And by browser settings we mean IE, other 'superior' browsers dont really support all the needed functionality.
0
Adam BrownSr Solutions ArchitectCommented:
Open IE or Control Panel and open Internet Options. Go to the Security tab. Select Local Intranet, Click Sites, then Advanced. Enter *.sharepoint.com or whatever domain you are using for your sharepoint access domain in Office 365. Click Add. Click Close. This will ensure the appropriate permissions are granted to automatically pass username and password when prompted. Note that this will not affect browsers other than IE. Other browsers will require a login no matter what because they can't pass NTLM information. Also, you'll need to make sure the users that are synced to Office 365 with Dirsync have the necessary permissions.
0
joebilekAuthor Commented:
Hi, So the login into the computer has to be the mailadress? which is the login to sharepoint online?

Thanks
joe
0
joebilekAuthor Commented:
The AD domain xyz.local is not the Sharepoint online emailadress.. so how can we configure these to match?
0
Adam BrownSr Solutions ArchitectCommented:
Add a new UPN suffix in Active directory Domains and Trusts that matches a validated domain in your Office 365 tenant, change the UPN suffix for your users to be the new UPN suffix, then wait for Dirsync.
0
joebilekAuthor Commented:
Sounds promising. Is this a supported solution in terms of enabling all Sharepoint functionality using Internet Explorer? Its strange Microsoft didnt mention this.
0
Adam BrownSr Solutions ArchitectCommented:
Yes, it is. I have several clients working with that kind of set up right now.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
joebilekAuthor Commented:
Hello,

ok I added a UPN x.y@domain.xxx to UPN suffixes, changed to this on the specific user I am testing and rebooted my PC. Added the Sharepoint URL to Local intranet zones and still I need to logon.

Is there something I am missing ?

thanks a lot,
josef
0
Jonathan YergoCommented:
I'm very interested in setting this up. What kind of issues will I run into if the domain username differs from our Office 365 logins?

I'm not sure how it happened as this was not originally configured by me, but our environment utilizes Azure AD Connect (migrated from DirSync), and out logins are [first-initial][last-name]@domain.com, while our Office 365 usernames are that of our emails [first-name].[last-name]@domain.com. Mind, out local domain is "domain.lan".
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365

From novice to tech pro — start learning today.