{"id":3155,"date":"2018-04-11T02:46:42","date_gmt":"2018-04-11T02:46:42","guid":{"rendered":"http:\/\/pariswells.com\/blog\/?p=3155"},"modified":"2018-04-11T02:46:42","modified_gmt":"2018-04-11T02:46:42","slug":"mimecast-sso-outlook-and-personal-portal-with-azure-ad-2fa","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/random\/mimecast-sso-outlook-and-personal-portal-with-azure-ad-2fa","title":{"rendered":"Mimecast SSO Outlook and Personal Portal with Azure AD 2fa"},"content":{"rendered":"<p><a href=\"https:\/\/community.mimecast.com\/docs\/DOC-1864\">Mimecast Guide<\/a><\/p><p><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/active-directory-saas-mimecast-personal-portal-tutorial\">Azure Microsoft Guide<\/a><\/p><p>Create a Distribution Group in Office 365 to hold the users you want to enable SSO for, then add the users to it.<\/p><p>Make sure Mimecast is synced with Office 365 AD &#8211; Services -&gt; Directory Synchronization (Connect to 365)<\/p><p>Perform a manual sync in Mimecast to download the user and group.<\/p><h2><strong>Azure<\/strong><\/h2><p>On Azure &#8211; Go to Azure Active Directory, All Applications, and find:\u00a0<strong>Mimecast Personal Portal<\/strong><\/p><p>Next, open <strong>Single Sign-On<\/strong><\/p><p>Sign on URL :\u00a0<a href=\"https:\/\/au-api.mimecast.com\/login\/saml\">https:\/\/au-api.mimecast.com\/login\/saml<\/a><\/p><p>Identifier : https:\/\/au-api.mimecast.com\/sso\/%Customer ID% per the Mimecast User Guide<\/p><p>Reply URL : https:\/\/au-api.mimecast.com\/login\/saml<\/p><p>User Identifier : user.mail<\/p><p>Azure AD Properties : User assignment required : No<\/p><h2><strong>Mimecast<\/strong><\/h2><p>Configuring Mimecast-Personal-Portal for single sign-on<\/p><p>1. In a different web browser window, log into your Mimecast Personal Portal as an administrator.<\/p><p>2. Go to Services &gt; Applications.<\/p><p>3. Click Authentication Profiles.<\/p><p>4. Click New 
Authentication Profile.<\/p><p>5. In the Authentication Profile section, perform the following steps:<\/p><p id=\"hwJRgQR\"><img loading=\"lazy\" decoding=\"async\" width=\"474\" height=\"390\" class=\"alignnone size-full wp-image-3156  img-responsive\" src=\"http:\/\/pariswells.com\/blog\/wp-content\/uploads\/2018\/04\/img_5acd74c731b1e.png\" alt=\"\" srcset=\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2018\/04\/img_5acd74c731b1e.png 474w, https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2018\/04\/img_5acd74c731b1e-300x247.png 300w\" sizes=\"auto, (max-width: 474px) 100vw, 474px\" \/><\/p><p>a. In the Description textbox, type a name for your configuration.<\/p><p>b. Select Enforce SAML Authentication for Mimecast Personal<\/p><p>c. As Provider, select Azure Active Directory.<\/p><p>d. In the Issuer URL textbox, paste the value of the Azure AD SAML Entity ID : https:\/\/sts.windows.net\/434324324342343242323442\/ which you have copied from the Azure portal.<\/p><p>e. In the Login URL textbox, paste the value of the Azure AD Single Sign-On Service URL : https:\/\/login.microsoftonline.com\/434324324342343242323442\/saml2 which you have copied from the Azure portal.<\/p><p>f. In the Logout URL textbox, paste the value of the Sign-Out URL which you have copied from the Azure portal.<\/p><p>g. Open the Azure AD Signing Certificate (Base64 encoded) that you downloaded from the Azure portal in Notepad, copy its content to your clipboard, and then paste it into the Identity Provider Certificate (Metadata) textbox.<\/p><p>h. Select Allow Single Sign On.<\/p><p>i. 
Click Save.<\/p><p>Now add a new Application Settings entry under Applications and link the group you created in the first step to use this new Authentication Profile.<\/p><h3>Issues<\/h3><p>reply address &#8216;https:\/\/au-api.mimecast.com\/login\/saml&#8217; does not match the reply addresses configured for the application: &#8216;https:\/\/au-api.mimecast.com\/sso\/&#8217;.<\/p>","protected":false},"excerpt":{"rendered":"<p>Mimecast GuideAzure Microsoft GuideCreate a Distribution Group in Office 365, this will be to Add the users to you want enable SSO on , add Users\u00a0Make sure [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[2375,2373,1797,560,2376,2374],"class_list":["post-3155","post","type-post","status-publish","format-standard","hentry","category-random","tag-azure-ad","tag-does-not-match-the-reply-addresses-configured-for-the-application","tag-mimecast","tag-outlook","tag-saml","tag-single-sign-on"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/3155","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=3155"}],"version-history":[{"count":1,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/3155\/revisions"}],"predecessor-version":[{"id":3157,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/3155\/revisions\/3157"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=3155"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/parisw
ells.com\/blog\/wp-json\/wp\/v2\/categories?post=3155"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=3155"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}