Emulate the Microsoft 365 Single-Sign-On Experience from Personal Systems

To most of us SSO (Single-Sign-On) means that we only need to enter our username and password one time to access our company’s services and applications. It sounds simple enough but is quite complex. As we have migrated to working remotely many of us have switched to using our personal computing systems for various reasons.

Many organizations have transitioned their server-based services (Web, Email, VoIP, Chat, etc.) to Microsoft’s 365 cloud platform. During this process software is installed on systems in the company datacenter that allow SSO to occur from company computers and accounts to the cloud resources. People expect this seamless process to work from their personal computers as well. Many are disappointed to find that it often does not.

Their thinking is along the lines of, “If I am accessing Outlook, Teams, and SharePoint in the cloud then my username and password aren’t going through the company network anyway.” Unfortunately, that is generally not the case. The confusion is compounded by the “used to work” factor. Cloud computing environments have greatly increased their security postures and as a result, saving a password in your browser, and other “SSO” techniques no longer work as they once did.

There are methods that allow you to emulate the SSO experience from a personal device. Keep in mind that any or all these solutions may be blocked by your company. Also be aware that you are undertaking these methods at your own risk. Your personal computer systems are not usually covered by your employer’s technical support. Some of the methods result in your company gaining access to your equipment.

Microsoft 365 Chrome Browser Plug-In

Microsoft publishes a Google Chrome extension that stores and submits your Microsoft 365 username and password from the Chrome Browser. Follow the instructions below to install and configure the extension.

Please note that installing this extension does not mean that you will never need to enter your password again. It will reduce the frequency of requests, but cloud computing environments like Microsoft 365, Amazon Web Services, or Google Docs will always require re-authentication at various points.

  1. Open Chrome and go to: https://chrome.google.com/webstore/detail/my-apps-secure-sign-in-ex/ggjhpefgjjfobnfoldnjipclpcfbgbhl
  2. Click the “Add to Chrome” button.
  3. Click “Add Extension”.
  4. Find the App’s icon in the Chrome tool bar (sometimes behind the “Manage Extensions Button”), click it once then click the “Sign in to get Started” button.
  5. Enter your Microsoft 365 email address and password when prompted to sign In.
  6. Check the box for “Don’t show this again” and click the “Yes” button.

Add Your Work Account

Windows 10 computers have an included feature that permanently links your personal system to your company’s Microsoft 365 Tenant. It requires a supported version of Windows 10. This method is not always 100% successful depending on several factors of your home computing environment and security policies enforced by your employer.

  1. Use the notifications slide out to access “All Setting” on your computer.
  2. In the Windows Settings screen click on Accounts.
  3. In the window that opens click on Access work or School then click Connect.
  4. Enter your work email address when prompted and click Next. Enter your work account password and click Next. You may be asked to accept various security policies; do so or the account addition process will fail.
  5. Once you have completed this process try accessing your company resources. From time to time you will be prompted to enter your username and password or PIN, but for the most part SSO should function.

Microsoft 365 Sign-In Assistant

The Microsoft 365 Sign-In Assistant is what the name implies, a piece of software that was intended to make signing into Microsoft’s cloud services more seamless. It is not required on Windows 10 computers, but if you are using an older version of Windows this tool can be effective. Download it from Microsoft.

Azure AD Join

The ultimate method to ensure that SSO is possible from your personal systems is to Azure AD Join them. The process is similar to adding a work account. Once completed, SSO is automatic because the system literally becomes a part of your organization’s Microsoft 365 subscription.

Note: Not all Microsoft 365 licenses support Azure AD Domain Joining. This procedure will result in your company’s Microsoft 365 Administrators having control over your personal computers.  

  1. Use the notifications slide out to access “All Setting” on your computer.
  2. In the Windows Settings screen click on Accounts.
  3. In the window that opens click on Access work or School then click Connect.
  4. On the next screen select the Join this device to Azure Active Directory link.
  5. You will be prompted to enter your work email address and your passwords. You will also be prompted to allow your employer’s administrators to have control over your system.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s