Hi - hopefully someone can advise on what I think may be an internal DNS issue.
I have set up Office 365 with ADFS 2.0, SSO and Active Directory Sync. Since associated our domain name with Office 365 we can no longer access our website internally in school. The site can be viewed outside our LAN. Our website name is the same as the domain name that I registered and verified with Office 365.
We have another issue at the moment that I am also trying to sort out, I don't think it is linked, but it may be worth mentioning it in case it helps with diagnosis:
We are unable to connect an Outlook client to the Microsoft Online Exchange servers. We are receiving an authentication error when trying to auto-connect. This is from different PCs inside school and outside of school.
I was wondering if there has to be a trust set up internally on our domain to trust the domain that we have registered with Office 365?
If I'm following you, this really feels like a DNS issue, especially as it's only an issue from within your network. Just looking at the website problem:
what if you do nslookup for the website from internal? What IP do you get returned? Same from an external source (though I'm sure that would be the external 365 IP)
The auth error with Exchange is troubling. For testing, are you able to disable the SSO/Sync and configure a client manually with a user/password to connect? Does it work? If not then of course those settings aren't the issue. I assume you are able to access it via the web portal for email with 365?
We're in process of implementing / migrating to 365 here and haven't yet gotten to the point of being able to log into 365 yet. We're consulting the process out to MicroExcel so maybe we'll be spared some of this. Let me know how it's going and I'll try to help.
I will try out your advice tomorrow and let you know. Office 365 is definitely the way to go, but there are so many processes to get right to get the SSO and AD sync working properly. Won't be giving up on it though