How to setup Google Workspace for Single Sign-on Login from Office 365

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22.3″ custom_padding=”2px|||||”][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_padding=”10px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″]

In this blog we’ll use the following steps to configure G Suite to allow single sign-on from Office 365 accounts.

  1. Add the domain to both Office 365 and G Suite
  2. Configure Azure Active Directory single sign-on for G Suite integration
  3. Configure G Suite single sign-on to use Azure Active Directory
  4. Add automatic user provisioning so Azure Active Directory will create accounts in G Suite

Many organisations use both G Suite and Office 365 and create and delete user accounts for each system independently. This is not only more work for the administrator but also confusing for users who have to manage separate passwords. Single sign-on allows G Suite and Office 365 users to log in to both with the same account. Once they log in (or sign in) to one system, they are automatically logged in to the other system. Can you now guess where the name single sign-on comes from? In this post you’ll learn how to configure G Suite so that users can log in using their Office 365 account. We won’t be covering how to do it in the reverse direction, that is allowing Office 365 users to log in using a G Suite account.

 

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_padding=”0px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_code _builder_version=”4.7.4″][bctt tweet=”You can manage your #GSuite users from Office 365 using Single Sign-on”][/et_pb_code][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″ custom_margin=”-8px|||||” custom_padding=”0px|||||”]

Office 365 uses a product called Azure Active Directory for user management. You may never have used it (or even heard of it before as Office 365 hides it in the background), but we’ll be using it to set up single sign-on. You can activate the free Azure Active Directory subscription that comes with Office 365 by following these instructions from Microsoft

In the following video we’ll walk you through the steps to configure single sign-on and automatic user provisioning. Before you do this you’ll need active subscriptions to both Office 365 and G Suite and have added your organisation’s domain name to both of these if they’re not already added. There are links in the Resources section to add a domain to G Suite and Office 365 if you haven’t already done this.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_video src=”https://youtu.be/1UyevdX09hY” _builder_version=”4.7.4″][/et_pb_video][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_padding=”42px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″ custom_margin=”-29px|||||” custom_padding=”2px|||||”]

Click this link for complete video transcription!

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″ custom_margin=”-2px|||||” custom_padding=”0px|||||”]

Once you have implemented single sign-on with automatic user provisioning, all normal user management will be done in Office 365. You won’t need to manage them separately in G Suite, and users will only need one password for both systems. 

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text module_id=”where-does-an-email-go-when-I-archive-it” _builder_version=”4.7.4″ custom_margin=”-25px|||||” custom_padding=”2px|||||”]

Resources

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_margin=”-12px|auto||auto||” custom_padding=”19px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″ custom_margin=”-43px|||||” custom_padding=”25px|||||”]

Here’s some additional resources to help you learn more about this process.

 

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_padding=”0px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text module_id=”where-does-an-email-go-when-I-archive-it” _builder_version=”3.27.4″ custom_margin=”-18px|||||” custom_padding=”2px|||||”]

Terms

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_margin=”-20px|auto|-19px|auto||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″ custom_margin=”-3px|||||”]

There’s a bunch of terms used that may not make a lot of sense. Here’s what they mean.

Authentication – Verifying that a person is who they claim to be (in other words, verifying their identity). Typically this is done by successfully entering a username/email address and password and possibly an additional verification code.

Authorisation – Verifying that a person is entitled to access a system or resources. Even if you’re authenticated (you’ve verified your identity), you may not be authorised to access a particular system. For example, you might have an account on Office 365 and you have logged in and authenticated your identity, but you may not be authorised to log in to G Suite using that identity. 

Identity – This is commonly a digital representation of a person (although it might also be an organisation, an application, or a device). 

SAML – This is the standard that computer systems use for exchanging authentication and authorisation data and is what single sign-on uses so you can log in to G Suite using your Office 365 account.

Single Sign-on – A way for different computer systems to rely on another system for user authentication. From a user’s perspective, once they’ve signed on to a system, any other systems that use that single sign-on won’t require them to sign in again.

Azure Active Directory – Also known as Azure AD, this is a product from Microsoft that is available within Office 365. It is a sophisticated system for managing user’s identities and their access to systems and resources.

 

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Related Post

How well do you use the
Apple Apps Google Workspace Microsoft 365
tools in your workplace?

Find out if you’re working with the tools OR if you’ve got the
tools working for you.

What Industry Are You In?

Using Apple Apps, Google Workspace or Microsoft 365?

What Type of user are you?

🫣 Entry User | 🤹 Skilled User | 👑 Elite User

Take the quiz to find out. 

Privacy Policy

Using Technology Better Privacy Commitment

Introduction

We hold the privacy of your personal information in the highest regard.

Using Technology Better regards customer privacy as an important part of our relationship with our customers. The following privacy policy applies to all Using Technology Better users, and conforms to Internet privacy standards.

This policy will be continuously assessed against new technologies, business practices and our customers’ needs.

If you have questions or concerns regarding this statement, you should first contact the support team on our Contact Us Page.

Collection of Information

In order to use the Using Technology Better website, we may require information from you in order to provide the best service possible.

All correspondence may also be collected and stored, particularly in regard to sales, support and accounts, including Email.

Any information collected by Using Technology Better is collected via correspondence from you or your company. This may be via the telephone, Email, mail, fax or directly through our website.

Visitors and customers of japan.usingtechnologybetter.com will have their information shared back to DAIWABO INFORMATION SYSTEM CO., LTD. and DIS Service & Solution Co., Ltd.

Use of Collection Information

Any details collected from Using Technology Better customers is required in order to provide you with our

products and/or services, and a high level of customer service.

Correspondence is recorded in order to provide service references, and to assist in our staff development.

Web Site Use Information

Similar to other commercial Web sites, our Web sites utilize a standard technology called “cookies” (see explanation below, “What Are Cookies?”) and web server log files to collect information about how our Web site is used.

Information gathered through cookies and Web server logs may include the date and time of visits, the pages viewed, time spent at our Web site, and the Web sites visited just before and just after our Web site.

Storage of Collected Information

The security of your personal information is important to us. When you enter sensitive information (such as credit card numbers) on our website, we encrypt that information using secure socket layer technology (SSL).

When Credit Card details are collected, we simply pass them on in order to be processed as required. We never permanently store complete Credit Card details.

We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.

If you have any questions about security on our Website, you can email us at <ContactEmail>.

Access to Collected Information

If your personally identifiable information changes, or if you no longer desire our service, you may correct, update, delete or deactivate it by emailing us at <ContactEmail>.

Orders

If you purchase a product or service from us, we may request certain personally identifiable information from you.

You may be required to provide contact information such as:

Name

Email

Postal address

Your school or organisation

Financial information (such as credit card number, expiration date, name on card, card billing address).

We use this information for billing purposes and to fill your orders. If we have trouble processing an order, we will use this information to contact you.

Communications

Using Technology Better uses personally identifiable information for essential communications, such as

Emails

Accounts information

Critical service details.

We may also use this information for other purposes, including some promotional Emails.

If at any time a customer wishes not to receive such correspondence, they can request to be removed from any mailing lists by contacting support.

You will be notified when your personal information is collected by any third party that is not our agent/service provider, so you can make an informed choice as to whether or not to share your information with that party.

Third Parties

Using Technology Better may at its discretion use other third parties to provide essential services on our site or for our business processes.

We may share your details as necessary for the third party to provide that service.

These third parties are prohibited from using your personally identifiable information for any other purpose.

Using Technology Better does not share any information with third parties for any unknown or unrelated uses.

What Are Cookies?

A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit a Web site, that site’s computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies.

Each Web site can send its own cookie to your browser if your browser’s preferences allow it, but (to protect your privacy) your browser only permits a Web site to access the cookies it has already sent to you, not the cookies sent to you by other sites.

Browsers are usually set to accept cookies. However, if you would prefer not to receive cookies, you may alter the configuration of your browser to refuse cookies.

If you choose to have your browser refuse cookies, it is possible that some areas of our site will not function as effectively when viewed by the users.

A cookie cannot retrieve any other data from your hard drive or pass on computer viruses.

How Do We Use Information We Collect from Cookies?

As you visit and browse our Web site, the site uses cookies to differentiate you from other users. In some cases, we also use cookies to prevent you from having to log in more than is necessary for security.

Cookies, in conjunction with our Web server’s log files, allow us to calculate the aggregate number of people visiting our Web site and which parts of the site are most popular. This helps us gather feedback to constantly improve our Web site and better serve our clients.

Cookies do not allow us to gather any personal information about you and we do not intentionally store any personal information that your browser provided to us in your cookies.

Legal

We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our Website.

Links

Links on the Using Technology Better site to external entities are not covered within this policy. The terms and conditions set out in this privacy statement only cover the domain name of usingtechnologybetter.com

Changes to Privacy Policy

If we decide to change our privacy policy, we will post those changes to this privacy statement, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

We reserve the right to modify this privacy statement at any time, so please review it periodically. If we make material changes to this policy, we will not use the personal information you have submitted to us under this Privacy Policy in a manner that is materially inconsistent with this Privacy Policy, without your prior consent

Delivery Policy

Most goods are digitally delivered instantly via email.  Our services may be delivered either via an online medium or live in person.

For our online delivery see below.  For services delivered live onsite, please refer to our speaker agreement form which is emailed to you on confirmation of booking.

Refund Policy

We do not offer refunds or returns unless we cannot supply goods or services or the goods or services are not delivered as promised.

Australian law is the governing body for all work, goods and services supplied by Using Technology Better.

Marketing Release

Using Technology Better (UTB) may film, record, and photograph me (the results of which are the “Recordings”). UTB may also incorporate into any production(s) any separate content (e.g., quotes, testimonials, biographical information, profiles, photos, videos, sound recordings, artwork, etc.) I provide to UTB or approve in writing (“Materials”).

1.License

I grant to UTB an irrevocable, perpetual, worldwide, royalty-free license to, in its sole discretion, (i) edit, translate, and modify the Recordings and the Materials, (ii) attribute the Recordings and Materials to me by my name, age, and city and state of residence, (iii) incorporate the Recordings and the Materials into content to promote UTB, its programs, or products (“Content”), and (iv) publicly use, distribute, reproduce, create derivative works from, and perform/display the Content, and any excerpts thereof, in any language.

2. No Compensation.

I grant this permission without any financial or other obligation of any nature.

 

For any issues or concerns please contact us