We have 2 domains. TestCenter.org and TestProject.org.
Server 2012 R2 Running AD and ADFS
We have an Exchange 2010 server running as well
All users have an email address for the TestCenter.org. However the AD Domain is the TestProject.org domain
I have set up exchange offline mail archive through O365. And I am trying to configure it to work with Single Sign on.
When I create a remote email archive for a user it goes through the hybrid exchange setup and creates the mail archive in Office 365. The user is then prompted on their outlook to input credentials for office 365. So the SSO isn't working.
If the user uses the user@TestProject.org username the sign on works and the archive folder appears in their mailbox, everything is fine. But the user is using the TestCenter.org domain for their email.
If I change the users logon domain to TestCenter.org in AD, then they are never prompted in outlook and no archive folder ever shows up. Once I change their logon domain back to TestProject.org the prompt pops up.
If I run the MS connectivity analyzer to test SSO on O365 using the user@testProject.org, it passes. But if I use user@TestCenter.org it fails saying invalid username / password, everything else passes on the test.
So how can I allow the TestCenter.org domain to authenticate to the TestProject.org doamin so SSO will work properly?
Thank you,
Best Answer
Thanks Todd I did need to change the UPN to match, but...
Turns out dirsync or now known as azure AD connectwon't change a UPN. For those that come after me
connect-MSOLService
Set-MsolUserPrincipalName -UserPrincipalName user@TestProject.org -NewUserPrincipalName user@testcenter.onmicrosoft.com
Set-MsolUserPrincipalName -UserPrincipalName user@testcenter.onmicrosoft.com -NewUserPrincipalName user@testcenter.org