In this article I’ll describe how to successfully set up Seamless Single Sign-On with Azure AD Connect and Office 365.
What is Azure AD Seamless SSO?
Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don’t need to type in their passwords to sign in to Azure AD, and usually, even type in their usernames. This feature provides your users easy access to your cloud-based applications without needing any additional on-premises components.
This article assumes you have an active Azure AD subscription and an Administrator account which can access your Office 365 admin centre.
Before we get started
In order to configure Seamless SSO you will need to install Azure AD Connect on Windows Server 2012 R2 or later; you cannot configure SSO on Server 2008 R2.
If, like me, you already have Azure AD Connect set up to synchronise email addresses with Office 365, you can configure your current setup to enable SSO. In my case I am using Azure AD Connect on WS 2008 R2, so I will need to install it on a newer Windows 2012 R2 instead. For more information on how to do this, follow my article on Migrating Azure AD Connect from Windows Server 2008 to Server 2012 R2.
Install the Azure AD Connect tool from Microsoft via the following link: https://www.microsoft.com/en-us/download/details.aspx?id=47594.
*If you already have Azure AD Connect installed, run the program and choose Configure. This will temporarily disable synchronisation to Office 365, so it is best done out of hours.