https://technet.microsoft.com/en-us/magazine/jj631606.aspx goes through the steps I remember taking in a windows environment. As you can see step 2 is to install ADFS this is what would need emulated with some web server. So I will try and google ADFS on apache or nginx or linux. I'll let you know if I find anything interesting. On Mon, Jun 6, 2016 at 1:53 PM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote:> We had set Office 365 to use single sign on at my last place of work. > Microsoft uses a significant part of what is built into IIS on Windows > Servers. I don't see this as being possible any time soon. I could be wrong > for all I know someone may have developed a simple set of apache/nginx > plugin/scripting/page_layout to handle the authentication but I have not > seen it. A little bit about it: Microsoft redirected authentication to ssl > on your server that somehow let Microsoft servers know that your site > trusted that authentication(maybe a cookie). Luckily lots of stuff broke to > show me what was happening with it. Sometimes people on the vpn could not > get in other times people outside the local network could not get in. The > breaking actually helped me understand a little more about what was going > on and if it was an internal or external issue. Testing with multiple > browsers helped trouble shoot this as well. So someone that has Microsoft > servers if they spent the time could develop apache/nginx pages to imitate > the behavior needed by Office 365 as far as I know they don't exist yet. > > On Mon, Jun 6, 2016 at 12:50 PM, lists <lists at merit.unu.edu> wrote: > >> Hi, >> >> Anyone here using office 365 with samba AD? >> >> Tips, ideas..? >> >> Read this: >> >> https://blogs.office.com/2014/04/15/synchronizing-your-directory-with-office-365-is-easy/ >> >> The link says "synchronizing-your-directory-with-office-365-is-easy", but >> I wonder if anyone with an AD on samba has done it? >> >> MJ >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > >
Hi Jeff, But I don't mind to run a windows IIS server for this at all. It's just the AD DCs that are samba, we have a windows server running here (printserver) that I could use for if required. So you problems are because you tried to get this running using apache..? Thanks for your reaction, MJ On 6-6-2016 22:22, Jeff Sadowski wrote:> https://technet.microsoft.com/en-us/magazine/jj631606.aspx > goes through the steps I remember taking in a windows environment. As > you can see step 2 is to install ADFS this is what would need emulated > with some web server. > So I will try and google ADFS on apache or nginx or linux. I'll let you > know if I find anything interesting. > > On Mon, Jun 6, 2016 at 1:53 PM, Jeff Sadowski <jeff.sadowski at gmail.com > <mailto:jeff.sadowski at gmail.com>> wrote: > > We had set Office 365 to use single sign on at my last place of > work. Microsoft uses a significant part of what is built into IIS on > Windows Servers. I don't see this as being possible any time soon. I > could be wrong for all I know someone may have developed a simple > set of apache/nginx plugin/scripting/page_layout to handle the > authentication but I have not seen it. A little bit about it: > Microsoft redirected authentication to ssl on your server that > somehow let Microsoft servers know that your site trusted that > authentication(maybe a cookie). Luckily lots of stuff broke to show > me what was happening with it. Sometimes people on the vpn could not > get in other times people outside the local network could not get > in. The breaking actually helped me understand a little more about > what was going on and if it was an internal or external issue. > Testing with multiple browsers helped trouble shoot this as well. So > someone that has Microsoft servers if they spent the time could > develop apache/nginx pages to imitate the behavior needed by Office > 365 as far as I know they don't exist yet. > > On Mon, Jun 6, 2016 at 12:50 PM, lists <lists at merit.unu.edu > <mailto:lists at merit.unu.edu>> wrote: > > Hi, > > Anyone here using office 365 with samba AD? > > Tips, ideas..? > > Read this: > https://blogs.office.com/2014/04/15/synchronizing-your-directory-with-office-365-is-easy/ > > The link says > "synchronizing-your-directory-with-office-365-is-easy", but I > wonder if anyone with an AD on samba has done it? > > MJ > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > >
I have not tried with samba AD servers. My issues where some dns and routing issues. But you should have no issues setting this up. Verify that ADSF works inside and out, then setting up Office365 to use it should be straight forward. On Tue, Jun 7, 2016 at 1:05 AM, lists <lists at merit.unu.edu> wrote:> Hi Jeff, > > But I don't mind to run a windows IIS server for this at all. It's just > the AD DCs that are samba, we have a windows server running here > (printserver) that I could use for if required. > > So you problems are because you tried to get this running using apache..? > > Thanks for your reaction, > MJ > > On 6-6-2016 22:22, Jeff Sadowski wrote: > >> https://technet.microsoft.com/en-us/magazine/jj631606.aspx >> goes through the steps I remember taking in a windows environment. As >> you can see step 2 is to install ADFS this is what would need emulated >> with some web server. >> So I will try and google ADFS on apache or nginx or linux. I'll let you >> know if I find anything interesting. >> >> On Mon, Jun 6, 2016 at 1:53 PM, Jeff Sadowski <jeff.sadowski at gmail.com >> <mailto:jeff.sadowski at gmail.com>> wrote: >> >> We had set Office 365 to use single sign on at my last place of >> work. Microsoft uses a significant part of what is built into IIS on >> Windows Servers. I don't see this as being possible any time soon. I >> could be wrong for all I know someone may have developed a simple >> set of apache/nginx plugin/scripting/page_layout to handle the >> authentication but I have not seen it. A little bit about it: >> Microsoft redirected authentication to ssl on your server that >> somehow let Microsoft servers know that your site trusted that >> authentication(maybe a cookie). Luckily lots of stuff broke to show >> me what was happening with it. Sometimes people on the vpn could not >> get in other times people outside the local network could not get >> in. The breaking actually helped me understand a little more about >> what was going on and if it was an internal or external issue. >> Testing with multiple browsers helped trouble shoot this as well. So >> someone that has Microsoft servers if they spent the time could >> develop apache/nginx pages to imitate the behavior needed by Office >> 365 as far as I know they don't exist yet. >> >> On Mon, Jun 6, 2016 at 12:50 PM, lists <lists at merit.unu.edu >> <mailto:lists at merit.unu.edu>> wrote: >> >> Hi, >> >> Anyone here using office 365 with samba AD? >> >> Tips, ideas..? >> >> Read this: >> >> https://blogs.office.com/2014/04/15/synchronizing-your-directory-with-office-365-is-easy/ >> >> The link says >> "synchronizing-your-directory-with-office-365-is-easy", but I >> wonder if anyone with an AD on samba has done it? >> >> MJ >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >> >> >>