Microsoft O365 with Shib IDP

Rob Gorrell rwgorrel at
Tue Nov 3 17:10:35 UTC 2020

UW captured a pretty good comparison:
2FA options analysis for O365/AAD - Microsoft Infrastructure - UW-IT Wiki
but the short of it is, yes, there will be certain things you give up
(especially in the endpoint device arena) available to local auth/ADFS that
aren't possible with SAML federation. This is one of the reasons we moved
from Shibboleth federation with Azure to password hash sync.


On Tue, Nov 3, 2020 at 11:04 AM Hong Ye <hy93 at> wrote:

> Hello,
> We are considering switching O365 login from ADFS to Shibboleth IDP. We
> don’t know if this change will break authentication to Microsoft Intune and
> Microsoft Mobile device management. Does anyone have experience with that?
> Thanks,
> Hong Ye
> Identity Management
> Cornell University
> --
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at

Robert W. Gorrell
IT Manager, Identity and Access Management
University of NC at Greensboro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list