Yes, this solution is fully supported using Office 365 thick client apps and APM as SAML IdP, so it's not necessary to transmit your AD user passwords to Microsoft.
This post has more information:
https://devcentral.f5.com/questions/office-365s-new-quotmodern-auth-quot
I'm also in the process of setting up a BIG-IP to fully replace an ADFS server. And it seems to work fine (SSO). But we have an issue with the Office365 thick client. It prompts every time for 'license activation'. Then the user has to enter his e-mail address and the activation is completed. But since this is a VDI environment, the shared license information is not persistent.
We tried to validate our configuration using the Office365 SSO connectivity tester (https://testconnectivity.microsoft.com/), but I don't know how reliable this test is. It fails with the following message:
The Metadata Exchange URL in the domain registration isn't valid. URL:
It is set within Azure (metadataExchangeUri) and points to the BIG-IP, but it seems the MEXURL isn't sent by Azure. It shows .
So any hints on this one? What can you tell me about the connectivity checker?