Good Afternoon,
We have a setup where we have two groups of users - Staff and students. We are using the email address (via the Synchronization Service Manager) with Office 365. Staff have emails like user@district.domain.edu, while students have email addresses like user@student.org. However, the UPN for BOTH follows the staff email domain.
Now, using DirSync, EVERYONE can log in to Office 365 with their organizational email and password.
However, now we are implementing ADFS for single sign-on. For staff, we have it working without a hitch. However, for students it is not working. I'm thinking that this has something to do with the userID that Office 365 is sending back to our ADFS server? For staff it is sending a value that corresponds to a user's UPN, but for students that's not the case...
Is there a way (perhaps using Claims Rules?) that I can convert the email to the UPN before it attempts authentication with our ADFS?
Thanks
Chad