AchyutPatil-4219 asked AchyutPatil-4219 answered

Authentication user experience after moving O365 relying party trust to another forest

At a current client, we have a multi-forest single-tenant scenario. There are 2 federated domains, one for each of the forests, and both have their O365 Relying Party trusts going to one ADFS farm in Forest A (domaina.com) and authenticating users in Forest B (domainb.com) over the AD trust. We are now moving the domainb.com RTP over to the ADFS farm in Domain B. The process to do that is fine.

My question is what will the user experience be after the RTP has been moved. Will all users in Forest B be prompted for authentication once the change is made or is it only for new authentication requests? Will it be seamless especially on Win10 devices and Office apps on internal networks where the ADFS farm is?
If you can share any experiences, much appreciated. Thanks.

adfs, azure-ad-domain-services

1 Answer

AchyutPatil-4219 answered

We moved the O365 RTP to Forest B. User experience was seamless. Desktop applications like Outlook didn't prompt for any reauthentication. The browser sessions were fine too. Users had to enter their login name the first time they accessed the O365 portal or Azure. The move went smoothly.
