SharePoint Online security tokens

Hi all,

The company I work for runs an on premise 2008 AD. We also have an Office 365 E3 license with user account information from the AD synced to O365 using Azure AD Connect service. We want to migrate our on premise file services to Sharepoint Online, but one requirement is that we are able to map the sites in Widows file explorer on the local workstations (either as a library or mapped network drive). Whilst we can map the sites as drives (by opening the site in IE and viewing in Explorer etc), it appears that the security association times out after a week. The only way we have found to re-establish the security association, is to repeat the afore mentioned steps of logging in via IE (far from ideal).

I’m aware that Microsoft have recently made changes so that the life time of security tokens for Sharepoint Online can now be extended (which will negate the need to re-authenticator every week), but I have seen conflicting information as to whether this can be achieved without an additional Azure AD license. Can anyone shed light on a solution, or point me to a well documented KB on how to extend the security tokens lifetime. At the moment, it’s delaying our adoption of Sharepoint Online (much to the irritation of my users).

Thanks,

Rob
RoadstoneUKAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vasil Michev (MVP)Commented:
The method currently used for customizing token lifetimes will be deprecated soon, I would advise against going this route. An easy way to make sure the SPO token auto-refreshes is to simply put the SPO URL as a start page in the browser, you can populate this via GPO. If using AD FS, you can also take advantage of smart links and the LoginOptions paramter. If not using AD FS, advise the users to always enable the Keep me signed in option when prompted.
0
RoadstoneUKAuthor Commented:
Hi Vasil,

Many thanks for the feedback. After a fair amount of research, we have decided to use the OneDrive client functionality to make the Sharepoint document libraries available via windows explorer (rather than map them as drives / libraries). We're a fairly small organisation, so this should work well for us. For anyone interested, I thought this video here was rather informative.

Rob
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SharePoint

From novice to tech pro — start learning today.