Azure AD (IDP proxy) and ADFS/PingFederate IDP

To verify a domain in AAD, first remove it from office 365! Sigh!

My advice is NOT to use the console ā€“ which has a particular verification procedure (based on adding a TXT record). In powershell create a federated class domain, get the (other particular style of ) validation information done, and then and only then verify the site. At the same time, one gets to setup the endpoint that allows Azure AD to talk back to ADFS for passive and active reasons.

Using the managed account to login to the AAD via the powershell tool, now add a user (and their unique immutableid/UPN).


About home_pw

Computer Programmer who often does network administration with focus on security servers. Sometimes plays at slot machine programming.
This entry was posted in SSO. Bookmark the permalink.