LAB 2: Identity Management

Contents
Lab 2: Identity Management ... 2
Exercise 1: install and configure prerequisites for configuring AD FS ... 3
    Tasks ... 3
Exercise 2: adding and verifying a standard domain to Office 365 ... 4
    Tasks ... 4
Exercise 3: download and install Windows Azure AD Synchronization ... 7
    Tasks ... 7
Exercise 4: create a new organizational unit, users, contacts and distribution groups ... 8
    Tasks ... 8
Exercise 5: configure and review Windows Azure AD Password Sync ... 9
    Tasks ... 9
Exercise 6: adding a federated domain ... 12
    Tasks ... 12
Lab 2: Identity Management

Before you begin...
This lab depends on the completion of the previous exercises, more specifically the registration of an Office 365 tenant.

What you will learn
After completing the exercises, you will be able to:
- Install the Microsoft Online Services Module for Windows PowerShell
- Install the Microsoft Online Services Sign-in Assistant
- Add and verify federated domains
- Connect to the Microsoft Online Services portal

Scenario
Your organization is preparing to move some of its on-premises user accounts to Microsoft Office 365. The power of a local client and on-premises server software, combined with the reach and always up-to-date nature of services in the cloud, offers the flexibility that you need. A software-plus-services approach will provide seamless experiences for individuals and information workers. The transition for the online users will be seamless because the users will be able to continue using their regular domain logon accounts and the client software that they are already familiar with. This allows the company's IT teams to stay focused on their daily activities with little downtime for information worker retraining. Your organization expects to integrate its on-premises Microsoft Exchange Server 2010 organization with its Exchange Online services, providing a staged migration at first and then moving toward a hybrid deployment.
Exercise 1: install and configure prerequisites for configuring AD FS

In this exercise, you will install the Microsoft Online Services Module for Windows PowerShell as well as the Microsoft Online Services Sign-in Assistant.

Tasks

1. Install the Microsoft Online Services Sign-in Assistant

User credentials are managed by Microsoft Online Services ID. To sign in to the services, users must install the Microsoft Online Services Sign-In Assistant. The Sign-in Assistant is also required by the Microsoft Online Services Module for Windows PowerShell.

a. Switch to HYBRID-DC01 and log on as ONPREM\Admin with a password of pass@word1.
b. Open the Start Menu and then click Internet Explorer.
c. In the Address box, type http://download.microsoft.com and then press Enter.
d. On the Download Center page, in the search box, type Online Services Sign-in Assistant and then press Enter.
e. On the results page, click Microsoft Online Services Sign-In Assistant for IT Professionals RTW (version of 02/17/2014).
f. Click Download.
g. On the Choose the download you want page, click en\msoidcli_64.msi and click Next.
h. Click Run. Wait for the download to complete. The setup will start automatically when the download has finished.
i. In the Microsoft Online Services Sign-In Assistant setup, make sure that the checkbox next to I accept the terms in the License... is selected and then click Install.
j. If a User Account Control window pops up, click Yes.
k. After the installation completes, click Finish.

2. Install the Microsoft Online Services Module for Windows PowerShell

After you have deployed Active Directory Federation Services, the next step to set up single sign-on (also called identity federation) is to download, install, and configure the Microsoft Online Services Module for Windows PowerShell. This doesn't necessarily have to happen from the AD FS server, but doing so makes things a little easier.

a. Switch back to Internet Explorer.
b. Open the Start Menu and then click Internet Explorer.
c. In the Address box, type https://portal.microsoftonline.com and then press Enter.
d. On the Microsoft Online Services page, in the top input box (someone@example.com), type your Microsoft Online Services ID. This should be the ID you used when signing up for the trial account.
e. In the Password box, type your password and verify that the Keep me signed in check box is selected, and then click Sign in.
f. Once signed in, click Admin > Office 365.
g. On the Office 365 admin center page, in the left side navigation, click USERS and then click Active Users.
h. On the Active Users page, click Set up next to Single Sign On at the top of the page.
i. On the Set up and manage single sign-on page, under step 3, click Windows 64-bit version and then click Download.
j. Click Run.
k. On the Welcome to the Windows Azure Active Directory Module for Windows PowerShell Setup page, click Next.
l. On the License Terms page, select the I accept the terms in the License Terms radio button and then click Next.
m. On the Install Location page, review the default values, and then click Next.
n. On the Ready to Install page, click Install.
o. If a User Account Control window pops up, click Yes.
p. On the Completing the Windows Azure Active Directory Module for Windows PowerShell Setup page, click Finish.

Exercise 2: adding and verifying a standard domain to Office 365

In this exercise, you will add a standard domain to Office 365. When using a standard domain, Windows Azure AD remains the identity provider for your cloud users. This means that your users will use a different set of credentials on-premises and in Office 365. In the next exercise, you will set up Password Synchronization, which should make the difference between both identities as transparent as possible.

Tasks

1. Add and verify a standard domain

a. On HYBRID-DC01, double-click the Windows Azure Active Directory Module for Windows PowerShell shortcut on the desktop.
b. At the PS prompt, type in the following command and then press Enter:
   $cred = Get-Credential
c. In the Windows PowerShell Credential Request window, in the User name box, type the account name you use to sign in to Microsoft Online Services. This is the user you created while registering for a trial account, earlier in the exercises.
d. In the Password box, type your password and click OK.
e. At the PS prompt, type in the following command and then press Enter:
   Connect-MsolService -Credential $cred
f. At the PS prompt, type in the following command and then press Enter:
   Set-MsolADFSContext -Computer Hybrid-DC01
   Note: this step is only required if you run the Azure AD Module for PowerShell from another computer which is not the AD FS server.
g. At the PS prompt, type in the following command and then press Enter:
   New-MsolDomain -Name studentprefix.hybridexchangeworkshop.com
   The domain name you enter here should match the domain name which is also used as the UPN suffix in your on-premises Active Directory.
h. At the PS prompt, type in the following command and then press Enter:
   Get-MsolDomainVerificationDns -DomainName studentprefix.hybridexchangeworkshop.com
   This command should return information similar to this:
   CanonicalName : ps.microsoftonline.com
   ExtensionData : System.Runtime.Serialization.ExtensionDataObject
   Capability    : None
   IsOptional    :
   Label         : ms23567999.std12.hybridexchangeworkshop.com
   ObjectId      : fe8b277b-6665-477a-82a5-13d12093c912
   Ttl           : 3600
   The relevant portion of the output is the Label value.
i. Log on to the GoDaddy DNS panel as described in the first chapter of this workshop. Create a new TXT record in the public DNS zone of your child domain name. The value of the TXT record should be MS= followed by the first part of the Label attribute (ms23567999 in the example output above):
   i. Click Quick Add.
   ii. Enter your student prefix in the Host field.
   iii. Enter the value as described above.
   iv. Click Save Zone File (black button).
   To add a record to the public DNS zone, please follow the instructions provided in the introduction of the lab guide. Please note that the value shown above is just an example. Use the value returned after having run the command above.
j. Once you have configured the DNS records in the public DNS zone, continue with the following steps.
k. At the PS prompt, type in the following command and then press Enter:
   Confirm-MsolDomain -DomainName studentprefix.hybridexchangeworkshop.com
l. At the PS prompt, type in the following command and then press Enter:
   Get-MsolDomain -DomainName studentprefix.hybridexchangeworkshop.com
   Verify that the Status now shows Verified.
m. Close the Windows Azure Active Directory Module for Windows PowerShell.

Note: the process of adding and verifying a domain through PowerShell can be a little cumbersome if you only have to do it for a single domain; the web portal would be a better choice there. However, when adding multiple domains at once (such as when setting up a new tenant), PowerShell can potentially save some time. That is why we are going for the more difficult route here.
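The add-and-verify flow of steps g to l as one script, added here as an example and not part of the lab: it derives the TXT value from the Label, waits until a public resolver actually serves that record, and only then calls Confirm-MsolDomain, which is the step that fails when the record has not propagated yet. It assumes $cred from step b, the Windows Azure AD module already loaded, and Resolve-DnsName being available (Windows 8 / Server 2012 or later).

```powershell
# Added example, not from the lab: scripts the add -> verify flow of Exercise 2.
# Assumes: $cred already holds the tenant admin credential (step b), the Windows Azure AD
# module is loaded, and Resolve-DnsName is available (Windows 8 / Server 2012 or later).
$DomainName = 'studentprefix.hybridexchangeworkshop.com'   # use your own student prefix

Connect-MsolService -Credential $cred

# Only create the domain object if the tenant does not already know it (re-runnable).
if (-not (Get-MsolDomain -DomainName $DomainName -ErrorAction SilentlyContinue)) {
    New-MsolDomain -Name $DomainName | Out-Null
}

# The Label looks like ms23567999.studentprefix.hybridexchangeworkshop.com;
# the TXT value Office 365 expects is "MS=" followed by its first DNS label.
$dns      = Get-MsolDomainVerificationDns -DomainName $DomainName -Mode DnsTxtRecord
$expected = 'MS=' + ($dns.Label -split '\.')[0]
Write-Host "Create a TXT record for $DomainName in the public zone with value: $expected"

# Ask a public resolver, not the on-premises DC: the DC is authoritative for onprem.local,
# not for the public zone, and Office 365 verifies against public DNS.
# TXT answers from Resolve-DnsName carry the record text in the Strings property.
$deadline = (Get-Date).AddMinutes(30)
do {
    $match = Resolve-DnsName -Name $DomainName -Type TXT -Server 8.8.8.8 -ErrorAction SilentlyContinue |
             Where-Object { $_.Type -eq 'TXT' -and ($_.Strings -contains $expected) }
    if (-not $match) { Write-Host 'TXT record not visible yet, retrying in 60 s'; Start-Sleep -Seconds 60 }
} until ($match -or (Get-Date) -gt $deadline)

if (-not $match) {
    throw "TXT record '$expected' for $DomainName is not visible in public DNS; not confirming the domain."
}

# Only now claim the domain; a premature Confirm-MsolDomain just errors out.
Confirm-MsolDomain -DomainName $DomainName
$status = (Get-MsolDomain -DomainName $DomainName).Status
if ($status -ne 'Verified') { throw "Domain status is $status, expected Verified" }
Write-Host "$DomainName is $status"
```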
Exercise 3: download and install Windows Azure AD Synchronization

In this exercise, you will install the Windows Azure AD Synchronization tool, which will be used to synchronize on-premises accounts to Windows Azure AD (and thus also Office 365).

Tasks

1. Download and install Windows Azure AD Sync

a. Switch to HYBRID-SRV01 and log on as ONPREM\Admin with a password of pass@word1.
b. Open the Start Menu and then click Internet Explorer.
c. In the Address box, type https://portal.microsoftonline.com and then press Enter.
d. On the Microsoft Online Services page, in the top input box (someone@example.com), type your Microsoft Online Services ID. This should be the ID you used when signing up for the trial account.
e. In the Password box, type your password and verify that the Keep me signed in check box is selected, and then click Sign in.
f. Once signed in, click Admin > Office 365.
g. On the Office 365 admin center page, in the left side navigation, click USERS and then Active Users.
h. On the Active Users page, click Manage next to Active Directory synchronization at the top of the page.
i. Under step 4, Install and configure the Directory Sync tool, click Download.
j. Click Save.
k. After the download completes, navigate to the folder in which you stored the dirsync.exe program. Right-click the file and select Run as administrator.
l. As you will notice, the DirSync program requires .NET 3.5.1 to be installed. To do so, open PowerShell as Administrator and run the following command:
   Install-WindowsFeature Net-Framework-Core
   Wait for the process to complete (this might take a few moments) and then try running the DirSync setup again.
m. In the User Account Control window, click Yes.
n. On the Windows Azure Active Directory Sync Setup Welcome page, click Next.
o. On the Microsoft Software License Terms page, select I accept and then click Next.
p. On the Select Installation Folder page, accept the default location and click Next. Wait for the setup to complete. This might take a few moments.
q. After the setup completes, on the Installation page, click Next.
r. Uncheck Start Configuration Wizard and click Finish.
s. Log off from HYBRID-SRV01.
t. You should definitely log off from HYBRID-SRV01. Really. No kidding!

Note: the reason why you should log off from the server is that during the installation local administration groups are created for DirSync. Because the currently logged on user account is automatically added to the FimSyncAdmins group, these changes are only reflected after a log off/log on.
Exercise 4: create a new organizational unit, users, contacts and distribution groups

In this exercise, you will create a new Organizational Unit and add new users and groups to Active Directory.

Tasks

1. Create a new organizational unit and users

a. Switch to HYBRID-DC01 and log on as ONPREM\Admin with a password of pass@word1.
b. Open the Start Menu and then click Active Directory Users and Computers.
c. In Active Directory Users and Computers, in the Navigation pane, expand ONPREM.LOCAL and then click Accounts.
d. Right-click Accounts, click New and then click Organizational Unit.
e. In the New Object - Organizational Unit window, in the Name box, type Online and then click OK.
f. Right-click Online, click New, and then click User.
g. In the First name box, type Eli.
h. In the Last name box, type Bowen.
i. In the User logon name box, type Ebowen.
j. Click the UPN suffix menu and then click @studentprefix.hybridexchangeworkshop.com.
k. Click Next.
l. In the Password and Confirm password boxes, type pass@word1.
m. Clear the User must change password at next logon check box, click Next, and then click Finish.
n. Perform steps f through m to create accounts for the following users, using the first name as the logon name:
   First name   Last name
   Todd         Rowe
   Hao          Chen
   Wendy        Wheeler
o. Highlight all user accounts in the Online organizational unit.
p. Right-click the selected accounts and then click Properties.
q. In the Properties of Multiple Items window, click the Organization tab.
r. Select the Job Title check box.
s. In the Job Title box, type Online and then click OK.

2. Create a new contact

a. Open the Start Menu and then click Internet Explorer.
b. In the Address box, type https://mail.studentprefix.hybridexchangeworkshop.com/ecp and then press Enter.
c. On the Exchange Admin Center logon page, in the Domain\User name box, enter your on-premises Administrator account credentials.
d. In the Password box, enter the password and then press Enter.
e. In the Exchange Admin Center, click recipients and then click contacts.
f. Click the plus sign and then click Mail contact.
g. On the new mail contact page, enter the following details:
   i. First name: Jeff
   ii. Last name: Phillips
   iii. Alias: JeffP
   iv. External email address: JeffP@fabrikam.com
h. Under Organizational unit, click browse.
i. In the select an organizational unit window, expand accounts, click Online and then click OK.
j. Click save.

3. Create a new distribution group

a. In the Exchange Admin Center, click recipients and then click groups.
b. Click the plus sign and then click Distribution group.
c. On the new distribution group page, enter the following details:
   i. Display name: All Online Users
   ii. Alias: AllOnlineUsers
d. Under Organizational unit, click browse.
e. In the select an organizational unit window, expand accounts, click Online and then click OK.
f. Click save.

Exercise 5: configure and review Windows Azure AD Password Sync

In this exercise, you will configure the Windows Azure AD Synchronization tool, enable Password Sync, and verify that accounts, passwords and attribute changes are synchronized to Office 365.

Tasks

1. Configure Windows Azure AD Synchronization and enable Password Sync

a. Log on to HYBRID-SRV01 as ONPREM\Admin with a password of pass@word1.
   Note: the log-off/log-on is required to reflect the changes in group membership made during the installation of DirSync.
b. Right-click the Directory Sync Configuration shortcut on the desktop and select Run as administrator.
c. In the User Account Control window, click Yes.
d. On the Windows Azure Active Directory Sync tool Configuration Wizard Welcome page, click Next.
e. On the Windows Azure Active Directory Credentials page, in the User name box, enter the admin credentials of your Office 365 trial tenant.
f. In the Password box, enter the password and then click Next.
g. On the Active Directory Credentials page, in the User name box, enter the admin credentials of your on-premises Active Directory (ONPREM\Admin).
h. In the Password box, enter the password and then click Next.
i. On the Hybrid Deployment page, select Enable Hybrid Deployment and then click Next.
j. On the Password Synchronization page, select Enable Password Sync and then click Next. Wait for the configuration to complete. This might take a few moments.
k. On the Configuration page, click Next.
l. On the Finished page, make sure Synchronize your directories now is selected and click Finish.
m. On the Windows Azure Active Directory Sync Tool Configuration Wizard popup window, click OK.

2. Verify DirSync synchronized successfully in the Office 365 portal

a. On HYBRID-SRV01, open Windows Explorer and navigate to C:\Program Files\Windows Azure Active Directory Sync\SYNCBUS\Synchronization Service\UIShell.
b. Double-click miisclient.exe.
c. In the Synchronization Service Manager on HYBRID-SRV01 window, on the Operations tab, verify that the Directory Synchronization completed successfully. The Status of all three operations should state success.
d. Open the Start Menu and then click Internet Explorer.
e. In the Address box, type https://portal.microsoftonline.com and then press Enter.
f. On the Microsoft Online Services page, in the top input box (someone@example.com), type your Microsoft Online Services ID. This should be the ID you used when signing up for the trial account.
g. In the Password box, type your password and verify that the Keep me signed in check box is selected, and then click Sign in.
h. Once signed in, click Admin > Office 365.
i. On the Office 365 admin center page, in the left side navigation, click USERS and then Active Users.
j. In the users list, verify that the user name for Billy Weaver is set to BWeaver@studentprefix.hybridexchangeworkshop.com.

3. Verify that Password Sync works as expected

a. Switch to HYBRID-SRV01 and log on as ONPREM\BWeaver with a password of pass@word1.
b. Open the Start Menu and then click Internet Explorer.
c. In the Address box, type https://portal.microsoftonline.com and then press Enter.
d. On the Microsoft Online Services page, in the top input box (someone@example.com), type bweaver@studentprefix.hybridexchangeworkshop.com.
e. In the password box, enter pass@word1.
f. Verify that Billy can log in successfully.
g. Log out from the portal.
h. Log off from HYBRID-SRV01.
i. Switch to HYBRID-DC01 and log on as ONPREM\Admin with a password of pass@word1.
j. Open the Start Menu and then click Active Directory Users and Computers.
k. In Active Directory Users and Computers, in the Navigation pane, expand ONPREM.LOCAL and then click Accounts.
l. Right-click Billy Weaver and then click Reset Password.
m. In the Reset Password window, in the New password box, enter pass@word2.
n. In the Confirm password box, enter pass@word2.
o. Click OK.
p. Switch to HYBRID-SRV01 and log on as ONPREM\BWeaver with a password of pass@word2.
q. Open the Start Menu and then click Internet Explorer.
r. In the Address box, type https://portal.microsoftonline.com and then press Enter.
s. On the Microsoft Online Services page, in the top input box (someone@example.com), type bweaver@studentprefix.hybridexchangeworkshop.com.
t. In the password box, enter pass@word2.
u. Verify that Billy can log in successfully.
v. Log out from the portal.

4. Change attributes and force a directory synchronization

a. Switch to HYBRID-DC01 and log on as ONPREM\Admin with a password of pass@word1.
b. Open the Start Menu and then click Active Directory Users and Computers.
c. In Active Directory Users and Computers, in the Navigation pane, expand ONPREM.LOCAL, click Accounts and then click Online.
d. Double-click Eli Bowen.
e. Click the Organization tab.
f. On the Organization tab, for the Job Title, type Online Manager and click OK.
g. Switch to HYBRID-SRV01 and log on as ONPREM\Admin with a password of pass@word1.
h. Open PowerShell as Administrator from the task bar and click Yes when prompted by UAC.
i. In PowerShell, type the following command (the path contains spaces, so it must be quoted):
   cd "C:\Program Files\Windows Azure Active Directory Sync\DirSync"
j. After the command completes successfully, run the following command:
   .\ImportModules.ps1
k. Next, run the following command:
   Start-OnlineCoexistenceSync
l. Close Windows PowerShell.

5. Verify the updated information

a. On HYBRID-SRV01, log on as ONPREM\Admin with a password of pass@word1.
b. Open the Start Menu and then click Internet Explorer.
c. In the Address box, type https://portal.microsoftonline.com and then press Enter.
d. On the Microsoft Online Services page, in the top input box (someone@example.com), type your Microsoft Online Services ID. This should be the ID you used when signing up for the trial account.
e. Once signed in, click Admin > Office 365.
f. On the Office 365 admin center page, in the left side navigation, click USERS and then click Active Users.
g. In the user list, verify that Eli's information was updated successfully.
h. Log off from HYBRID-SRV01.
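Tasks 4 and 5 force a sync and then check one user in the portal. The script below is an added example (not part of the lab) that does the same check for every user in the Online OU from PowerShell: it runs Start-OnlineCoexistenceSync and then compares the on-premises Job Title with what Windows Azure AD holds, so a stalled sync shows up as a flagged row rather than a missing portal change. It assumes HYBRID-SRV01 with .\ImportModules.ps1 already run from the DirSync folder, the ActiveDirectory RSAT module installed, the OU path from Exercise 4, and $cred holding the tenant admin credential.

```powershell
# Added example, not from the lab: forces a delta sync (task 4) and then checks, for every
# user in the Online OU, that Windows Azure AD holds the same Job Title as on-premises AD
# (task 5), so a stalled or failed sync shows up as a row instead of a missing portal change.
# Assumes: run on HYBRID-SRV01 as ONPREM\Admin after .\ImportModules.ps1 from the DirSync
# folder, the ActiveDirectory RSAT module installed, and $cred = tenant admin credential.
Import-Module ActiveDirectory
Connect-MsolService -Credential $cred

$SearchBase = 'OU=Online,OU=Accounts,DC=onprem,DC=local'   # the OU created in Exercise 4 (assumed path)

Start-OnlineCoexistenceSync
Start-Sleep -Seconds 120     # DirSync runs asynchronously; give the export a moment to land

$report = foreach ($ad in Get-ADUser -SearchBase $SearchBase -Filter * -Properties Title) {
    $cloud = Get-MsolUser -UserPrincipalName $ad.UserPrincipalName -ErrorAction SilentlyContinue
    [pscustomobject]@{
        UserPrincipalName = $ad.UserPrincipalName
        OnPremTitle       = $ad.Title
        CloudTitle        = if ($cloud) { $cloud.Title } else { '<not synced>' }
        LastDirSyncTime   = if ($cloud) { $cloud.LastDirSyncTime } else { $null }
        InSync            = [bool]$cloud -and ($cloud.Title -eq $ad.Title)
    }
}
$report | Format-Table -AutoSize

# Exit non-zero when anything is out of sync, so the check can also run from a scheduled task.
$stale = @($report | Where-Object { -not $_.InSync })
if ($stale.Count -gt 0) {
    Write-Warning "$($stale.Count) user(s) in $SearchBase are not in sync with Windows Azure AD"
    exit 1
}
```

A user that shows up as <not synced> usually has a UPN suffix that is not a verified domain in the tenant; compare it with the domain added in Exercise 2.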
Exercise 6: adding a federated domain

In this exercise, you will convert the domain that was previously added as a standard domain to a federated domain.

Tasks

1. Convert a standard domain to a federated domain

a. Switch to HYBRID-DC01 and log on as ONPREM\Admin with a password of pass@word1.
b. Right-click the Windows Azure Active Directory Module for Windows PowerShell shortcut on the desktop and select Run as Administrator. When prompted by UAC, click Yes.
c. At the PS prompt, type in the following command and then press Enter:
   $cred = Get-Credential
d. In the Windows PowerShell Credential Request window, in the User name box, type the account name you use to sign in to Microsoft Online Services. This is the user you created while registering for a trial account, earlier in the exercises.
e. In the Password box, type your password and click OK.
f. At the PS prompt, type in the following command and then press Enter:
   Connect-MsolService -Credential $cred
g. At the PS prompt, type in the following command and then press Enter:
   Set-MsolADFSContext -Computer Hybrid-DC01
h. At the PS prompt, type in the following command and then press Enter:
   Convert-MsolDomainToFederated -DomainName studentprefix.hybridexchangeworkshop.com
i. At the PS prompt, type in the following command and then press Enter:
   Get-MsolDomain -DomainName studentprefix.hybridexchangeworkshop.com
   Verify that the domain was successfully converted to a federated domain and that the domain Authentication now shows Federated.
j. At the PS prompt, type in the following command and then press Enter:
   Get-MsolDomainFederationSettings -DomainName studentprefix.hybridexchangeworkshop.com
   Verify that the details are correct and reflect the AD FS settings that were previously configured. The ActiveLogOnUri, IssuerUri, LogOffUri, MetadataExchangeUri and PassiveLogOnUri should all point at adfs.studentprefix.hybridexchangeworkshop.com.
k. Close the Windows Azure Active Directory Module for Windows PowerShell.
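The verification in step j done programmatically, as an added example that is not part of the lab: every endpoint in the federation settings must be HTTPS on the AD FS host, and the token-signing certificate the tenant trusts must be the one AD FS is actually signing with, since a stale certificate in the tenant is exactly what breaks federated sign-in after a certificate rollover. It assumes it runs on HYBRID-DC01 (the AD FS server, so Get-AdfsCertificate from the ADFS module is available), $cred from step c, and the AD FS host name used in the lab.

```powershell
# Added example, not from the lab: checks the output of Get-MsolDomainFederationSettings
# (step j) programmatically: every endpoint must be HTTPS on the AD FS host, and the
# token-signing certificate Office 365 trusts must be the one AD FS currently signs with.
# Assumes: run on HYBRID-DC01 (the AD FS server, so Get-AdfsCertificate is available)
# with $cred = tenant admin credential; the host name below is the lab's AD FS name.
$DomainName = 'studentprefix.hybridexchangeworkshop.com'
$AdfsHost   = "adfs.$DomainName"

Connect-MsolService -Credential $cred
$fed = Get-MsolDomainFederationSettings -DomainName $DomainName

$problems = @()
foreach ($name in 'ActiveLogOnUri', 'LogOffUri', 'MetadataExchangeUri', 'PassiveLogOnUri') {
    $uri = [uri]$fed.$name
    if ($uri.Scheme -ne 'https') { $problems += "$name is not HTTPS: $uri" }
    if ($uri.Host -ne $AdfsHost)  { $problems += "$name points at '$($uri.Host)', expected $AdfsHost" }
}
# IssuerUri is an identifier rather than an endpoint; AD FS derives it from the service name.
if ($fed.IssuerUri -notlike "*$AdfsHost*") {
    $problems += "IssuerUri '$($fed.IssuerUri)' does not name $AdfsHost"
}

# Compare the signing certificate stored in the tenant with AD FS's primary token-signing cert.
# A mismatch means federated sign-ins fail (or that a retired certificate is still trusted).
$cloudCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
                        (,[Convert]::FromBase64String($fed.SigningCertificate))
$adfsCert  = Get-AdfsCertificate -CertificateType Token-Signing | Where-Object { $_.IsPrimary }
if ($cloudCert.Thumbprint -ne $adfsCert.Thumbprint) {
    $problems += "tenant trusts signing cert $($cloudCert.Thumbprint) but AD FS uses $($adfsCert.Thumbprint)"
}
if ($cloudCert.NotAfter -lt (Get-Date).AddDays(30)) {
    $problems += "signing cert expires on $($cloudCert.NotAfter); plan the rollover now"
}

if ($problems) { $problems | ForEach-Object { Write-Warning $_ }; exit 1 }
Write-Host "Federation settings for $DomainName match $AdfsHost"
```

If only the certificate check fails after an AD FS certificate rollover, Update-MsolFederatedDomain (run in the same AD FS context) pushes the new signing certificate to the tenant.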
2. Verify identity federation is working as expected

a. Switch to HYBRID-SRV01 and log on as ONPREM\BWeaver with a password of pass@word2.
b. Open the Start Menu and then click Internet Explorer.
c. In the Address box, type https://portal.microsoftonline.com and then press Enter.
d. On the Microsoft Online Services page, in the top input box (someone@example.com), type bweaver@studentprefix.hybridexchangeworkshop.com.
   Note: your login request should now be redirected to adfs.studentprefix.hybridexchangeworkshop.com.
e. In the Windows Security basic authentication prompt, in User name, type bweaver@studentprefix.hybridexchangeworkshop.com.
f. In the Password box, type the password (pass@word2) and then click OK.
g. Verify that Billy can successfully sign in to the portal.
h. Log off from the portal.
i. In Internet Explorer, click the cog-wheel to open the options menu and select Internet options.
j. Click the Security tab and then click Local intranet.
k. Click Sites and in the Local intranet window, click Advanced.
l. In the Add this website to the zone box, type https://adfs.studentprefix.hybridexchangeworkshop.com, click Add and then click Close.
m. In the Local intranet window, click OK.
n. In the Internet Options window, click OK.
o. Close Internet Explorer.
p. Repeat steps b to h. Verify that you are no longer required to enter your credentials manually: because the AD FS host is now in the Local intranet zone, Internet Explorer performs Windows Integrated Authentication with the domain logon instead of prompting.
q. Log off from HYBRID-SRV01.