Start the Office 365 setup by syncing your directory to Office 365, then adding the Office 365 and assigning the app to your users.

 

Part 1 – Syncing Directories

Here is the tutorial video for syncing directories with NoPassword.

 

  • To sync your directory with NoPassword, click on “Directories” and then”Main Directory” from th left-side menu.

Office 365 Main Directory

 

  • Click on the blue “Add A New Directory” button on the top right side of the page.

Add New Directory

 

  •  A new window will pop up, enter “Directory Name“, choose “Office 365” for “Directory Type“, and click on “Done“.

Office 365 Directory Name

 

  • Click on the “Setup” button.

Office 365 Directory Setup

 

  • Click on “Continue” and you will be directed to Office 365 login page.

Continue to Office 365 Login

 

  • Enter your Microsoft global admin username and password. 

Microsoft login

 

  • Click on “Accept” next to allow NoPassword to sync and edit your directory.

Office 365 Permission

 

  • You will be redirected back to NoPassword admin dashboard. Click on the green “Sync” button to import users.

Main Directory Sync

Click on “Users” on the left-side menu to see the list of users imported to the NoPassword dashboard. User immutable ID will be automatically transferred. 

Once the directory and users are synced, please follow the instructions in the next part to add the Office 365 app.

 
Part 2 – Office 365 Integration

Here is the tutorial video to set up Office 365.

 

  • Open the NoPassword Admin Dashboard. Select “Applications” from the left side menu and then select “Web App” from the submenu.

Office 365 Application

 

  • Click on “+ Add SSO App” button from the upper right corner.

 

  • A pop-up window will appear. Under the section: “1. Select your app”, click on “Search…” and type“Office 365 to search the NoPassword Catalog. Select “Office 365 Suite from the drop-down menu.

Office 365 Integration catalog

 

  • On One Click Setup section enter Microsoft Global Admin Email, Password, and Domain.

Office 365 Microsoft global admin

Please note that NoPassword will not store your credentials. 

 

  • Click on “One-click setup“.

Office 365 one click setup

 

  • Click on “Save“. 

NoPassword Office 365 save

 

You can alternatively setup Office 365 manually.

To continue manually, click on “Manual Set up”. Identity Provider section will automatically open, download the Certificate to your computer. 
Then, right-click on the PowerShell command template for ADFS to save it to your computer.


Expand the Service Provider section and configure your ACS URL:
https://login.microsoftonline.com/login.srf.
NoPassword ACS SAML
Expand the Advanced Setup section and configure your IDP:
https://nopassword.com/yourworkdomain.com
Select “Employee ID” for Identifier and click on “Save“.

Log into Office 365 administration center as an administrator and then click on Admin.

From the left side menu select “Settings > Domains“.

Add a domain that you are going to use for Single Sign-On and go through the steps to confirm that you own the domain.

DO NOT add any users at this stage.
In the section where you are asked “How do you want to use with Office365?“, uncheck the checked boxes next to “Exchange Online” and “Lync Online“; unless DNS entries are to be updated.

Make sure that the domain is not the “default domain“. If it is set as the default domain, please go ahead and change that setting by configuring the “.onmicrosoft.com” as the “default domain“.

SSO configuration for Office 365 requires Windows Azure Active Directory Module for Windows PowerShell cmdlets. Download and install cmdlets from the following links:
https://technet.microsoft.com/en-us/library/jj151815.aspx

You need to use the PowerShell Command template and the certificate that you downloaded from NoPassword Admin Dashboard.

To configure Office 365 SSO, customize the PowerShell command template as follows:
$domain 
– enter your company domain, in the following format: yourworkdomain.com
$issuer – enter your company domain at the end of the URL, in the following format:
https://nopassword.com/yourworkdomain.com
$certificateFileFull path and filename of the certificate file you’ve just downloaded
template for powershell Office 365
Please open Powershell as an administrator.
$cred=Get-Credential
It will prompt for the administrator’s credentials. Type your administrator login credentials into the dialog that appears on the screen.
Office 365 power1
Copy and paste the second command, to get authenticated on Office 365:
Connect-MsolService -Credential $cred
Office 365 power2
Copy the block of PowerShell commands starting with $domain and ending with $logoffurl.
Paste them into your PowerShell window.
Office 365 power3

Then copy and paste the second block to upload the certificate file.
Office 365 power4

Run the following command to enable SSO for your domain:
Set-MsolDomainAuthentication -FederationBrandName $domain -DomainName $domain -Authentication federated PreferredAuthenticationProtocol SAMLP -IssuerUri $issuer -Signing Certificate $certificate -PassiveLogOnUri $ssoUrl -ActiveLogOnUri $ecpUrl -LogOffUri $logoffUrl –Verbose 
Office 365 power5

You have completed the manual SSO setup for Office 365.

Trouble shooting information for manual setup

See all licenses:
Get-MsolAccountSku
You need your AccountSku number to be able to add users.
Add users:
New-MsolUser -UserPrincipalName -ImmutableId -FirstName -LastName -DisplayName -LicenseAssignment -usageLocation
The immutable id is a unique user identifier on Office 365. Make sure Immutable id is reflected in the user’s info on NoPassword portal, as the user’s IDThe user principal name is the IDPEmail. Both these values must match with the Office 365 configuration for single sign-on to be successful.
immutable id- Office 365
Delete users:
emove-MsolUser -UserPrincipalName <User’s email>
The above command moves the user to the Office 365 recycle bin. To create a user with the same name, make sure to remove the user from the recycle bin.
Retrieve a deleted user:
Get-MsolUser -ReturnDeletedUsers -SearchString <User’s email> | select UserPrincipalName, ObjectId

Remove a deleted user from the recycle bin:
Remove-MsolUser -RemoveFromRecycleBin –ObjectId

Login error:
Some users might experience the following sign-in issue, due to a known bug on Office 365.
Sorry, but we’re having trouble signing you in. Please try again in a few minutes. If this doesn’t work, you might want to contact your admin and report the following error: <error#>.
The solution is simply to restart your browser. Then open a fresh browser tab and try to log in.
off29.21

 

Office 365 is now configured! At this point, you can assign users, groups or organizational units to the Office 365. Please see the Assign Users page for instructions. 

Should you any further questions, do not hesitate to contact us at support@nopass.com or 877-877-5587.