I learnt something today that I thought would be interesting to share in the hope someone else won’t need to do the research.
Say you already have Windows Intune or Azure AD already up and running and now you are ready to give Office 365 a go.
You have a couple of choices:
- Create a new Office 365 tenant
- Extend your existing Azure AD tenant and add Office 365 services.
The correct way to do things is to Extend your existing tenant and add Office 365 services. If you have Azure AD already you are likely DirSync to push all your user accounts from your on-prem AD to Azure AD. It makes sense that those are the same users you want to access Office 365 no doubt.
If you try and create a new tenant and then do DirSync to that tenant you will most likely hit issues with trying to push the same users to two different Azure AD tenants.
Extending is the way to go.
If you sign into the Office 365 management portal using your current credentials you use for Azure AD/Intune you will see a page like this:
You will notice it is saying that you are not currently subscribed to any Office 365 services.
So how do you go about adding those?
Jump over to the “purchase services” tab in the left navigation and you will get a selection of the various plans (aka SKUs) available. In my case I picked the E3 –Trial.
This will then add the services included to your tenant. Once provisioning is complete you can carry on with the other tasks you might like to do like setting up Identity Federation (ADFS) etc…
It seems blatantly obvious now I have tried this and this is possibly hardly worth a blog post, but until now I had always started from the Office 365 side of things and had never looked at starting with Azure AD and adding Office 365.
Turns out to be dead simple 🙂
Have you managed to get ADFS working with WAAD and SharePoint Online ?
I can find lots of blogs about WAAD, ADFS and SharePoint 2013 on-prem, but not WAAD, ADFS and SharePoint Online.
Yes in fact that is what we are setting up on this new tenant. We have ADFS running with a on-prem AD (all running in Azure, just to confuse things) and we DirSync that AD to Azure AD. Then we set up Office 365 by extending that existing Azure AD tenant via the process I show above. Final step is federating Office 365 identity to the corporate ADFS server (in progress). You don’t federate 365 with WAAD.