Symantec Access Management


 Siteminder v12.8 Federation with Office365 multi-Domain Tenant

mauricio.camacho posted Mar 12, 2024 08:04 PM

Hello Community.

Please help with this: my customer has an Office365 tenant with several domains, and we need to be sure: if we integrate that tenant as the RP with Siteminder as the IDP, are we going to impact all users in the tenant? Or does it depend just on the domain we integrate? I mean, are we going to impact just the users inside one domain (the one which we use in the commands to Set Up Federation), while the other domains won't be affected?

For example, in the Siteminder document (Office 365 Runbook) there's a section called "Set Up Federation Domain on a Microsoft Office 365 Tenant" and it shows the command below:

Set-MsolDomainAuthentication -Authentication Federated -DomainName <domain name> ...

From the command above we think this federation is just for the domain we put in there. Is that right? In the end, what my customer wants is to include just one domain from their o365 tenant; the other domains inside the same tenant must remain transparent, as if the integration doesn't exist, and the users must log in outside Siteminder with no issues.

Please help me to understand this situation and it would be great if you can share some workaround or updated document for this integration.

Thanks in advance.

Best,

Mauricio.

Broadcom Employee Richard Wu

Hi Mauricio,

Your understanding is correct that SSO is enabled on a per-domain basis and only affects the one domain you specify in the Set-MsolDomainAuthentication command.

Regards,

Richard
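
One way to confirm the per-domain scope described in this thread on a live tenant is to snapshot every domain's authentication type before and after the runbook step and flag any change outside the intended domain. This is an added example, not part of the original posts or the Siteminder runbook; it assumes the MSOnline module with an existing `Connect-MsolService` session, and `federated.example.com` and the two function names are placeholders.

```powershell
# Added example. Assumes the MSOnline module is installed and
# Connect-MsolService has already been run in this session.
# $TargetDomain is a placeholder: the one domain being federated.
$TargetDomain = 'federated.example.com'

function Get-DomainAuthSnapshot {
    # Map each tenant domain name to its authentication type (Managed or Federated).
    $snapshot = @{}
    foreach ($d in Get-MsolDomain) {
        $snapshot[$d.Name] = [string]$d.Authentication
    }
    return $snapshot
}

function Compare-DomainAuthSnapshot {
    # Emit one record per domain whose authentication type differs between snapshots.
    param([hashtable]$Before, [hashtable]$After, [string]$Target)
    foreach ($name in $After.Keys) {
        if ($Before[$name] -ne $After[$name]) {
            [pscustomobject]@{
                Domain   = $name
                Before   = $Before[$name]
                After    = $After[$name]
                Expected = ($name -eq $Target)   # only the target should change
            }
        }
    }
}

$before = Get-DomainAuthSnapshot
# ... run the runbook's Set-MsolDomainAuthentication step for $TargetDomain here ...
$after = Get-DomainAuthSnapshot

$changes = @(Compare-DomainAuthSnapshot -Before $before -After $after -Target $TargetDomain)
$changes | Format-Table -AutoSize

$unexpected = @($changes | Where-Object { -not $_.Expected })
if ($unexpected.Count -gt 0) {
    Write-Warning "Domains other than $TargetDomain changed authentication type."
} elseif ($after[$TargetDomain] -eq 'Federated') {
    Write-Output "Only $TargetDomain is federated by this change; other domains are unchanged."
}
```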