Consider a scenario where you already have users as part of namtest.com and namnetiq.in. You now need to create a child domain support.namnetiq.in under namnetiq.in. In this case no federation settings are available in Office 365 for the child domain. The federation setting for the parent domain is used. So, it is important that the Issuer URI is not automatically changed to the User Principal Name of the user. The Issuer URI must be set to the parent domain Issuer URI. For the child domain support.namnetiq.in, the Issuer URI will be https://namnetiq.in/nidp/wsfed/
Click Devices > Identity Servers > Edit > Options > New.
|
Property Type |
Property Value |
|---|---|
|
STS CHANGE ISSUER |
Specify the value in this format: SPentityID:UPNDomain -> new IssuerID. The values of SPentityID:UPNDomain are case-sensitive. For example, urn:federation:MicrosoftOnline:support.namnetiq.in -> https://namnetiq.in/nidp/wsfed/ For example, urn:federation:MicrosoftOnline:support.namnetiq.in -> https://namnetiq.in/nidp/wsfed/ In case of multiple child domains, add each parent domain and child domain separated by comma. For example, if namnetiq.in is the parent domain and support.namnetiq.in and engineering.namnetiq.in are the child domains, specify the following entries: urn:federation:MicrosoftOnline:namnetiq.in -> https://namnetiq.in/nidp/wsfed/, urn:federation:MicrosoftOnline:support.namnetiq.in -> https://namnetiq.in/nidp/wsfed/, urn:federation:MicrosoftOnline:engineering.namnetiq.in -> https://namnetiq.com/nidp/wsfed/ |
|
STS OFFICE365 MULTI DOMAIN SUPPORT AUTO |
Select false. This ensures that the Issuer URI is formed based on the UPN of the parent domain. |
Click OK > Apply.