Skip to main content

Single Sign On

​​Single Sign On is a term used to describe any technology which allows a user to sign in one time to many different systems. This is most commonly found with web sites. Examples include products such as SiteMinder and Active Directory Federation Services. Microsoft uses ADFS to implement Single Sign On for Office 365, which allows a user to be automatically logged in without a prompt if they are using a PC, laptop, or tablet that has been joined to a Windows domain.

This optional configuration takes a considerable amount of extra work, and additional servers. We can set things up so that when you log into your local PC you won’t have to log in again to SharePoint Online, Exchange Online, or Skype for Business. Multiple configurations are available, so ask if you think you’d like this option.

When Single Sign On is implemented for Office 365, if only one sign-on server is used, and there's a disruption to the server - or to the internet connection between the server and its users - then sign-on to Office 365 will be impossible. In SSO configurations, Microsoft hands over control of the sign-on process to your organization, but in return they specify that you should utilize 2 servers for fault tolerance.

Recent developments in Azure have made it possible to use Azure Active Directory and an ADFS server hosted in Windows Azure to provide one leg of this 2 server system without the need for SQL Server or a Backup Domain Controller in the cloud. The other leg can be provided by an instance of ADFS running on your local domain controller. New services such as Azure Active Directory Premium enhance this capability even more. This represents a significant cost savings compared to solutions from a few years ago, so ask us about SSO if this would be of benefit to you.