You can set up Office 365 MFA from either your own PC or from the computer where your DualShield MFA server is running.

Download PS Script

Download this PowerShell script: setup-o365-sso-v2.ps1, and save it to a local folder.

Download IdP Metadata from DualShield

If you are operating from your own PC, then first check whether or not you have access to your DualShield SSO service. 

In your web browser, visit https://your-dualshield-fqdn:8074/sso/ping

Replace "your-dualshield-fqdn" with the actual FQDN of your DualShield server

If you do not have access to your DualShield SSO service, then you need to download the IdP metadata from your DualShield server. Otherwise, you can skip to the next step.

In your DualShield admin console, select "SSO | SSO Servers".

Click the context menu of the SSO server, then select "Download IdP Metadata"

Save the IdP Metadata to a file, e.g. "dualshield-idp-metadata.xml", in the same folder where the PowerShell script "setup-o365-sso.ps1" is saved.

Connect to Office 365 PowerShell

Connect to Office 365 PowerShell as described in the page "Connect to Office 365 PowerShell".

Check Current Federation Settings 

First, check the current settings by running the following command:

Get-MsolDomainFederationSettings -DomainName 'domain name'

in which 'domain name' is the domain name of your Office 365.

Enable SSO Federation in Office 365

When you are ready to enable DualShield MFA on your Office 365 domain, take one of the steps below.

a) If you had to download the metadata file, then execute the following command in Office 365 PowerShell:

.\setup-o365-sso.ps1 -protocol WSFED -domain 'o365 domain name' -appname 'application name' -spname 'service provider name' -metafile '.\sso metadata file'

b) Otherwise, execute the following command in PowerShell:

.\setup-o365-sso.ps1 -protocol WSFED -domain 'o365 domain name' -appname 'application name' -spname 'service provider name' -fqdn 'DualShield SSO FQDN' -port 'DualShield SSO Port'


Parameter    Remarks
-protocol    WSFED
-domain      the domain name of your Office 365
-appname     the application name in DualShield for Office 365
-spname      the service provider name in DualShield for Office 365
-metafile    the metadata file name of your DualShield SSO
-fqdn        the FQDN of your DualShield SSO service
-port        the port number of your DualShield SSO service


Example 1: Using FQDN

.\setup-o365-sso.ps1 -protocol WSFED -domain 'opensid.net' -appname 'Office365' -spname 'Office365WSFED' -fqdn 'dualshield.opensid.net' -port '8074' 
Example 2: Using Metadata File

.\setup-o365-sso.ps1 -protocol WSFED -domain 'opensid.net' -appname 'Office365' -spname 'Office365WSFED' -metafile '.\idp.dualshield.opensid.net.xml'

Notes:

To verify that the change was successful, run the following command:

...
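
One further check after enabling federation, as an added example that is not part of the original page or of the DualShield script: it compares the signing certificate that Office 365 now trusts for the domain with the certificate in the downloaded IdP metadata file, and reports the certificate's expiry. It assumes the Office 365 PowerShell session from the steps above and that the metadata file carries the certificate in a standard X509Certificate element; the function name Compare-FederationCert is hypothetical.

```powershell
# Added example: the helper name and the metadata layout are assumptions.
function Compare-FederationCert {
    param(
        [Parameter(Mandatory)] [string] $Domain,        # your Office 365 domain
        [Parameter(Mandatory)] [string] $MetadataFile   # IdP metadata saved from DualShield
    )

    # Load the metadata and collect every X509Certificate element,
    # whatever namespace prefix the file uses.
    [xml] $meta = Get-Content -LiteralPath $MetadataFile -Raw
    $nodes = $meta.SelectNodes("//*[local-name()='X509Certificate']")
    if ($nodes.Count -eq 0) { throw "No X509Certificate element found in $MetadataFile" }

    # Base64 in XML is often line-wrapped; strip whitespace before comparing.
    $metaCerts = @($nodes | ForEach-Object { $_.InnerText -replace '\s', '' } | Select-Object -Unique)

    # What the tenant currently trusts for this domain.
    $fed = Get-MsolDomainFederationSettings -DomainName $Domain
    if (-not $fed) { throw "Domain $Domain has no federation settings" }
    $trusted = $fed.SigningCertificate -replace '\s', ''

    # Decode the trusted certificate to report its thumbprint and expiry.
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
        [Convert]::FromBase64String($trusted))

    [pscustomobject]@{
        Domain          = $Domain
        IssuerUri       = $fed.IssuerUri
        PassiveLogOnUri = $fed.PassiveLogOnUri
        Thumbprint      = $cert.Thumbprint
        NotAfter        = $cert.NotAfter
        Expired         = $cert.NotAfter -lt (Get-Date)
        # Base64 is case-sensitive, so use the case-sensitive operator.
        MatchesMetadata = $metaCerts -ccontains $trusted
    }
}

# Values taken from Example 2 on this page.
Compare-FederationCert -Domain 'opensid.net' -MetadataFile '.\idp.dualshield.opensid.net.xml'
```

If MatchesMetadata is False, the domain trusts a signing certificate other than the one in the metadata file, so review the federation settings before users rely on the sign-in.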