Office 365 ADFS SSO Problem
I have got a case open with Microsoft about this but I thought I'd put it to the Edugeek hive mind to see if anyone has had a similar issue and solved it.
We're setting up Office 365 for our staff and students. I'm not sure what exactly we're going to do with it but you know, it's cloud so it must be good. We want to set it up for SSO so our users don't have to remember yet another username and password. To that end, I've set up a pair of W2012 servers with the ADFS role on one and the ADFS proxy role on the other and set up a relying party trust between it and Azure. I've made the lutonsfc.ac.uk domain a federated one.
Users can sign onto O365 on external PCs, i.e. over the internet. Users can sign onto O365 using the ADFS server itself. However, when someone tries to sign onto O365 from inside the network, they get a what looks like a Windows authentication prompt asking for credentials. You put in your network username and password and it pops up again. The connectivity tests at https://www.testexchangeconnectivity.com/ all pass so it looks like federation is working OK and that my certificates are correct.
I'm at a loss and I don't know what to try next! It has to be some stupid little IIS setting because otherwise you wouldn't be able to sign on from the outside or on the ADFS server. Any suggestions?
Just tried it in Firefox, it works! Firefox doesn't support a lot of the Windows authentication methods that IE and Chrome do so maybe it isn't IIS, maybe it's a security setting in IE.
Turning off integrated authentication in IE allows you to sign in. And it doesn't even ask for authentication. WTF?