Verify single sign-on with Shibboleth
Updated: June 25, 2015
Applies To: Azure, Office 365, Power BI, Windows Intune
As the administrator, before you verify and manage single sign-on (also called identity federation), review the information and perform the steps in the following articles to set up single sign-on with Shibboleth Identity Provider:
Follow the detailed instructions in Directory synchronization roadmap to prepare for, activate, install a tool, and verify directory synchronization.
After setting up single sign-on with Shibboleth, you should verify that it is working correctly.
Verify that single sign-on has been set up correctly
To verify that single sign-on has been set up correctly, you can perform the following procedure to confirm that you are able to sign in to the cloud service with your corporate credentials, Test single sign-on for different usage scenarios.
- If you converted a domain, rather than adding one, it may take up to 24 hours to set up single sign-on.
- Before you verify single sign-on, you should finish setting up Active Directory synchronization, synchronize your directories, and activate your synced users. For more information, see Directory synchronization roadmap.
To verify that single sign-on has been set up correctly, complete the following steps.
On a domain-joined computer, sign in to your cloud service using the same logon name that you use for your corporate credentials.
Click inside the password box. If single sign-on is set up, the password box will be shaded, and you will see the following message: “You are now required to sign in at <your company>.”
Click the Sign in at <your company> link.
If you are able to sign in, then single sign-on has been set up.
Test single sign-on for different usage scenarios
After you have verified that single sign-on is complete, test the following sign-in scenarios to ensure that single sign-on using Shibboleth Identity Provider is correctly configured. Ask a group of your users to test their access to the cloud service services from browsers as well as rich client applications, such as Microsoft Office 2010, in the following environments:
From a domain-joined computer
From a non-domain-joined computer inside the corporate network
From a roaming domain-joined computer outside the corporate network
From the different operating systems that you use in your company
From a home computer
From an Internet kiosk (test access to the cloud service through a browser only)
From a smart phone (for example, a smart phone that uses Microsoft Exchange ActiveSync)