Preauthenticate Office 365 (SharePoint and Exchange) for Internal Users


Using ADFS for Single Sign On does not leverage a full Single Sign On Experience for the users. People will often see the Office 365 and need to fill in their email/upn, before Single Sign On will happen.

Thanks to a very nice OneDrive CodePlex project (http://office365drivemap.codeplex.com/), which you should visit too, I was able to write the following PowerShell script which you can use to preauthenticate Office 365 when you use ADFS.

Run the following powershell script after login (see http://msdn.microsoft.com/en-us/library/jj130675.aspx to configure the script to run after login)


$domain = "contoso.com"; # your Federated domain
$ie = new-object -com InternetExplorer.Application
$ie.navigate("https://login.microsoftonline.com/login.srf")
$ie.visible = $true #Uncomment this for debugging

# Wait for the page to finish loading
do {sleep 1} until (-not ($ie.Busy))
# We have to click the remember me checkbox before logging in, we also have to have IE be automated for this to work
try {
  $ie.document.GetElementById("_link").click()
  do {sleep 1} until (-not ($ie.Busy))
} catch {$null}

try {
  $ie.document.GetElementById("cred_userid_inputtext").value = "dummy@"+$domain
  $ie.document.GetElementById("cred_keep_me_signed_in_checkbox").click()
  do {sleep 1} until (-not ($ie.Busy))
  $ie.document.GetElementById("cred_sign_in_button").click()
  do {sleep 1} until (-not ($ie.Busy))
}catch {$null}

sleep -seconds 15 # give plenty of time to redirect
$ie.Quit()

For exchange it is quite easy to create a auto-login just with some DNS modification. You just need to create a CNAME to outlook.com.

e.g. webmail.contoso.com => outlook.com

Advertisements

About Cloud Architect Joran Markx
I have been working on Microsoft Technology since 2003. In addition to (lead) developer and software architect, I am certified Microsoft Specialist and active in design and implementation of Hybrid Cloud platforms. In 2011 I have achieved a Master of Science in IT Management. This made me capable to solve complex issues from the business in an efficient and structured way. As Cloud Architect I am working on various challenging projects with a variety of clients. Within my organisation I fullfill a leading role when it comes to internal development and sharing of knowledge. My goal is to provide reliable and predictable services to our clients with a strong focus on the results achieved for the organisations I am working for.

4 Responses to Preauthenticate Office 365 (SharePoint and Exchange) for Internal Users

  1. Jason O says:

    I am using your script and then creating a shortcut to ODFB on the desktop. It works fine for someone who is an Admin on the computer but a standard user account it does not Pre-authenticate. Any ideas?
    Thank you!

    • I have only tested it as part of the windows login script. Do You know which like is problematic?

  2. Jason O. says:

    It opens IE but it doesn’t click in any of the boxes to enter the credentials and then move on.

    • Unfortunately, if UAC is enabled the scripts does not work 😦

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: