Re: [cas-user] Re: cas with o365

Hi, I was integrated with o365 but on OPENID on version 5.2.x but this version has poor support for integration with o365. Try too use version 5.3.x or if You can 6.0.x. In version 5.2.x is problem that O365 don't support redirect url with parameter, and CAS generate url with parameter version 5.3

Re: [cas-user] Re: cas with o365

Have you switched office 365 over to use federated login via the Set-MsolDomainAuthentication powershell command? On Monday, July 8, 2019 at 11:28:18 AM UTC-5, Alfonso Veraluz wrote: > > Hello. > > No. I made an advance adding values like to the inmutableId in the 365 > users but after that: >

Re: [cas-user] Re: cas with o365

Hello. No. I made an advance adding values like to the inmutableId in the 365 users but after that: 1) I can login to Cas but it doesn't login on the login.microsoftonline.com 2) I can login in login.microsoftonline.com but doesn't sso with my Cas. It's just both systems are not connected aft

Re: [cas-user] Re: cas with o365

Neat tip for anyone using cas with Office 365. You can have Microsoft automatically redirect to your cas login by using a link like the below: https://login.microsoftonline.com/?whr=example.com A few other options mentioned here: https://www.enowsoftware.com/solutions-engine/using-smart-links-to

Re: [cas-user] Re: cas with o365

Were you able to complete the o365 setup with cas? On Wednesday, July 3, 2019 at 9:26:36 AM UTC-5, Robert Bond wrote: > > If you do not want to use Azure AD Connect you can create a process to > sync via powershell. I have an example on my github: > https://github.com/bondr007/office365UserSync

Re: [cas-user] Re: cas with o365

If you do not want to use Azure AD Connect you can create a process to sync via powershell. I have an example on my github: https://github.com/bondr007/office365UserSync it consumes a csv and does some querys to AD. It could be modified for openldap. The steps to actually enable SSO on office are

[cas-user] Re: cas with o365

Hello Robert Users from the openLdap and from the O365 are not synced at all at the moment. It's supossed to achive this with the Azure AD Connect but this means a new server on Windows and seems the only option it may fit is with the Passthrough option (https://docs.microsoft.com/es-es/azure/

[cas-user] Re: cas with o365

Hi Robert, I am also facing the same issue, I just what to know the steps I need to follow from the office 365 side. I have configured cas for office 365 but not sure about the steps in the office 365 part On Wednesday, July 3, 2019 at 5:41:11 AM UTC+8, Robert Bond wrote: > > > Were you able to

[cas-user] Re: cas with o365

Were you able to complete the setup? Thanks! On Tuesday, July 2, 2019 at 9:38:53 AM UTC-5, Alfonso Veraluz wrote: > > Hello. > > I have a CAS 5.2.3 running fine with a Tomcat 8.0.32, Openjdk 1.8 and > connected to a OpenLdap so my users can login with the uid and the mail. > This CAS is actuall

[cas-user] Re: cas with o365

Yep, you also need to add the uid as the ImmutableId on creation of the accounts in office365. How are you syncing users to office365? To set the ImmutableId on a user via powershell: Set-MsolUser -UserPrincipalName a...@example.com L -ImmutableId 71cfd66c-2c72-43ee-a88e-8e29458eb3b0 On Tuesday

[cas-user] Re: cas with o365

Thanks for the reply Robert Bond! So if I understand this: 1) I have to add an objectclass like the uidObject to have a uid parameter at the OpenLdap for each user in the ldap. This parameter doesn't have to change for the user never. 2) Configure the cas.properties like yours with the parame

[cas-user] Re: cas with o365

Let me know if the below makes since. For the integration you need to pass the attributes as follows: cas.samlSP.office365.metadata= https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml

[cas-user] Re: cas with o365

You need to have an immutableId that is shared with Office365 through your import process. This can be almost anything just cannot be changed on the o365 side. Typically people use the account guid from their directory server. You can use the integration like how you are currently or below is