Office365 Single Sign-On over DirectAccess

Hello There,

We have Windows 2008 R2 based AD and we have deployed ADFS in our network for integration with Office365.

We are using Exchange & CRM services from Office365. All the users from the on-prem AD are synced to Office365 for provisioning service.

There is an ADFS Server in the Internal Network joined to Domain and ADFS Proxy in DMZ.

We also have DirectAccess deployed for Laptop users.

We have a requirement to enable Single Sign-On for Office365 services. To achieve this, I configured a pinpoint record for ADFS (fs.xyz.com) in DNS to point to the internal ADFS server, so when users access the Office365 portal it doesn't prompt for login credentials. This means Single Sign-On is working fine.

But the problem is for DirectAccess users when they are out of the corporate network: because the pinpoint record is IPv4 based, it doesn't work for them.

Please suggest what needs to be changed on ADFS Servers, DNS, Direct Access Servers to make this work.

Thanks,

Maqsood

March 26th, 2015 8:27am

Hi Maqsood,

DirectAccess relies on the NRPT. If we want to access internal resources with DirectAccess, just put the FQDN in the NRPT.

Besides, for ADFS questions, to get better help, please post your question on the following forum:

https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva

Best Regards.

March 27th, 2015 9:49am
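One way to check on a DirectAccess client whether the ADFS name from the question is covered by an NRPT rule, as the reply above suggests. This is an added example, not part of the original thread: the function name `Find-NrptRule` and the sample rules are hypothetical, and it assumes an exact FQDN rule takes precedence over the longest matching suffix rule.

```powershell
# Requires the DnsClient module (Windows 8 / Server 2012 or later). On Windows 7
# clients, `netsh namespace show effectivepolicy` prints the same table.

function Find-NrptRule {
    param(
        [Parameter(Mandatory)] [string] $Name,
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Rules
    )
    $fqdn = $Name.TrimEnd('.').ToLowerInvariant()
    $best = $null; $bestLen = -1
    foreach ($rule in $Rules) {
        foreach ($ns in @($rule.Namespace)) {
            $n = ([string]$ns).TrimEnd('.').ToLowerInvariant()
            if ($n -eq '') { continue }          # skip empty / catch-all entries
            if ($n.StartsWith('.')) {
                # Suffix rule (".xyz.com"): covers names under that suffix.
                $hit = $fqdn.EndsWith($n); $len = $n.Length
            } else {
                # FQDN rule ("fs.xyz.com"): exact match only, preferred over suffixes.
                $hit = ($fqdn -eq $n); $len = [int]::MaxValue
            }
            if ($hit -and $len -gt $bestLen) { $best = $rule; $bestLen = $len }
        }
    }
    $best
}

# Constructed sample rules, to exercise the matcher without a live NRPT.
$sample = @(
    [pscustomobject]@{ Namespace = '.xyz.com' },
    [pscustomobject]@{ Namespace = 'fs.xyz.com' }
)
(Find-NrptRule -Name 'fs.xyz.com' -Rules $sample).Namespace    # FQDN rule wins

# Live check against the effective NRPT on this client.
$adfsName = 'fs.xyz.com'   # federation service name from the question
$rule = Find-NrptRule -Name $adfsName -Rules @(Get-DnsClientNrptPolicy -Effective)
if ($rule) {
    $rule | Format-List Namespace, DirectAccessEnabled, DirectAccessDnsServers, NameServers
} else {
    Write-Output "No NRPT rule covers $adfsName; it resolves through the adapter's DNS servers."
}
# Show what the name actually resolves to from this client.
Resolve-DnsName -Name $adfsName -ErrorAction SilentlyContinue |
    Format-Table Name, Type, IPAddress
```

Run it once inside the corporate network and once over DirectAccess to compare which rule applies and which addresses come back.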

Thanks,

I can do this with NRPT.

Regards,

Maqsood

March 29th, 2015 2:45am

This topic is archived. No further replies will be accepted.
