Hello,
We are trying to use Azure Access Control Service to authenticate users of our SharePoint Server 2013 farm, hosted on Azure, with Azure Active Directory. The Azure AD and the SharePoint Server 2013 farm are in different domains.
We followed the steps from the TechNet article below to configure this.
https://technet.microsoft.com/en-us/library/dn635311.aspx
1. Create a new Azure AD tenant and namespace.
2. Add a WS-Federation identity provider.
3. Add SharePoint as a relying party application.
4. Create a self-signed certificate to use for SSL.
5. Create a rule group for claims-based authentication.
6. Configure the X.509 certificate.
7. Create a claim mapping.
8. Configure SharePoint for the new identity provider.
9. Set the permissions.
10. Verify the new provider.
In step 3, while adding SharePoint as a relying party application, we gave the URL of the SharePoint application in the Realm and Return URL fields.
Then, in step 5, we created a rule group to pass name as upn.
After all the configuration, we changed the authentication provider for our SharePoint web application to the ACS provider and granted a user (an Azure AD user) permission to the web application.
When we try to log in to our SharePoint site using Azure AD accounts, it does not recognize them. Any idea how to troubleshoot and find out the possible cause of the error?
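
One way to read back what the farm actually has configured for the trusted identity provider and compare it with the values entered in ACS (realm, identifier claim, token-signing certificate). This is an added example, not part of the original post or the TechNet article; the issuer name, web application URL and expected realm are placeholder assumptions to replace with your own values.

```powershell
# Run in the SharePoint 2013 Management Shell on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Placeholders (assumptions): replace with the values from your farm and ACS namespace.
$issuerName    = 'ACS Provider'                      # name given to the trusted identity token issuer
$webAppUrl     = 'https://sharepoint.example.com'    # the SharePoint web application
$expectedRealm = 'https://sharepoint.example.com/'   # Realm entered for the relying party in ACS
$upnClaimType  = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn'

$issuer = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName -ErrorAction Stop

# Realms SharePoint can send to ACS: the default realm plus any per-URL realms.
$realms = @($issuer.DefaultProviderRealm) + @($issuer.ProviderRealms.Values)

# The token-signing certificate must also be present as a trusted root authority.
$thumb   = $issuer.SigningCertificate.Thumbprint
$trusted = Get-SPTrustedRootAuthority |
    Where-Object { $_.Certificate.Thumbprint -eq $thumb }

[pscustomobject]@{
    Issuer               = $issuer.Name
    SignInUrl            = $issuer.ProviderUri
    RealmsSentToAcs      = $realms -join '; '
    RealmEqualsAcsValue  = ($realms -contains $expectedRealm)   # plain string comparison
    IdentifierClaimType  = $issuer.IdentityClaimTypeInformation.InputClaimType
    IdentifierIsUpn      = ($issuer.IdentityClaimTypeInformation.InputClaimType -eq $upnClaimType)
    SigningCertThumb     = $thumb
    SigningCertExpires   = $issuer.SigningCertificate.NotAfter
    SigningCertIsTrusted = [bool]$trusted
} | Format-List

# Every claim type the issuer is configured to accept from incoming tokens.
$issuer.ClaimTypeInformation |
    Format-Table DisplayName, InputClaimType, MappedClaimType -AutoSize

# Authentication providers enabled on the web application's Default zone.
Get-SPAuthenticationProvider -WebApplication $webAppUrl -Zone Default | Format-List *
```

The identifier claim type shown here has to be one that the ACS rule group actually emits in the token, and the permission granted in SharePoint has to be for that claim value from this provider rather than for a Windows account.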