Office 365 SSO external DNS redirect

Tags: adfs, domain-name-system, iis-7, microsoft-office-365, single-sign-on

I have ADFS and Office 365 completely set up and configured for SSO, using an ADFS server and ADFS proxy.

For internal users, I have IIS configured on the ADFS server to redirect companynamemail.com to http://Outlook.com/owa/companyname.com so that the users, instead of having to go through portal.microsoftonline.com, type in their user name, click the link, and then log in, they just go to companynamemail.com, and it performs the SSO.

I'm trying to find a way for external users to have a similar experience. I know that they will have to log in because they aren't authenticated through the domain, but I want their portal to be companynamemail.com. I tried using the ADFS proxy to do the HTTP redirect, but it forwards without allowing them to log in and gives an error.

I'm thinking about writing the redirect into the default website, but I'm wondering if I can do it with a redirect or an A/CNAME record.

Best Answer

This is pretty simple...

If your public DNS host provides forwarding you can simply create the base A record and have it forward to portal.microsoftonline.com.

If you don't have this ability, just set up a simple new website on your public-facing web servers or even proxy servers that hosts that domain name. Once you have that, you can set up the IIS Rewrite Module to redirect requests to the Microsoft portal and it should do what you want.

We did this as well to provide a "customized" URL for users to access, not to mention any laptops could store the URL and it would work internally and externally, just with different authentication mechanisms.

Sample Rewrite:

https://login.microsoftonline.com/login.srf?wa=wsignin1.0&whr=<YOUR FEDERATION SERVER>&wreply=https:%2f%2foutlook.com%2fowa%2foffice365.com%2f?exsvurl=1&ll-cc=en-US
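The rewrite described in the answer could be expressed as the following `web.config` for the site that hosts the custom hostname. This is an added example, not configuration from the original answer. It assumes the IIS URL Rewrite module is installed, and `YOUR_FEDERATION_SERVER` is a placeholder standing in for the answer's `<YOUR FEDERATION SERVER>`.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- web.config for the public-facing site bound to the custom hostname.
     Assumption: the IIS URL Rewrite module is installed on this server. -->
<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <!-- Every request to this site is sent to one fixed sign-in URL.
             The target is a constant: nothing from the incoming request
             (path, query string, headers) is copied into it, so the site
             cannot be used as an open redirector. -->
        <rule name="Redirect to Office 365 sign-in" stopProcessing="true">
          <match url=".*" />
          <!-- "&" in the target must be written as "&amp;" inside an XML
               attribute. appendQueryString="false" keeps caller-supplied
               query parameters (for example an extra wreply=) out of the
               sign-in request. redirectType="Found" (HTTP 302) avoids
               browsers caching the redirect permanently, which matters if
               the federation server name changes later. -->
          <action type="Redirect"
                  url="https://login.microsoftonline.com/login.srf?wa=wsignin1.0&amp;whr=YOUR_FEDERATION_SERVER&amp;wreply=https:%2f%2foutlook.com%2fowa%2foffice365.com%2f?exsvurl=1&amp;ll-cc=en-US"
                  appendQueryString="false"
                  redirectType="Found" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
```

Because the hostname only issues a redirect, authentication still happens at the Microsoft and ADFS endpoints, so this site never needs to handle credentials itself.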
