How to disable Access Control (Office365)

for Office 365

 

<<Precautions>>
******************************************************************************
1. It may take some time to disable the federation after the commands are executed.
  *For your reference, it may take from 30 minutes to 1 hour to disable the federation.
2. Please reset Office365 passwords after disabling the federation.
(This is unnecessary if a password synchronization tool between AD and Office365 is installed.)
3. After the federation is disabled, please login to Office 365 at https://login.microsoftonline.com/.
******************************************************************************

1. How to disable the single sign on

1.1. Connect to Office365

Launch PowerShell on your PC and execute the following command.
(A PowerShell prompt is hereinafter referred to as "PS >".)

SnapCrab_NoName_2018-4-26_11-47-39_No-00.png

After the login dialog is displayed, login as an administrator user.

SnapCrab_NoName_2018-4-26_11-39-21_No-00.png

1.2. Confirm the domain information

Confirm the domain information using the following command.

 SnapCrab_NoName_2018-4-26_11-40-51_No-00.png

Confirm that the "Authentication" for the domain in use is displayed as "Federated".

1.3. Disable the single sign on settings

The following is a command to disable the settings.
*It may behave with single sign on settings even after executing the command, since it may take time to reflect on Office365. Please try again after some time.

SnapCrab_NoName_2018-4-26_11-42-20_No-00.png

Specify the domain where you want to disable the single sign on.

1.4. Confirm the domain information

Confirm the domain information using the following command.

SnapCrab_NoName_2018-4-26_11-43-48_No-00.png

After this step, "sample.co.jp" should be a non-single sign on domain.
Please confirm that the "Authentication" is displayed as "Managed" for all domains displayed.

 

2.How to delete the synchronization service

* This step is not necessary if you do not use our synchronization service. (HDE One Directory Sync)

[How to uninstall the HDE One synchronization service]
Please proceed with the following steps on a Windows server where the HDE One synchronization service is installed.

2-1. Go to [Control Panel] > [Programs and Features] and uninstall the following programs.
HDE One Directory Sync 1.2.1

2-2. Manually delete the folder "The C:\Program Files\HDE One Directory Sync" and all files under that folder.

2-3. In the case that the "C:\HDEOne" folder exists, manually delete the folder and all files under that folder.


3. Office365 password reset

This step is unnecessary if a password synchronization tool between AD and Office365 is installed.
* Please make sure to execute each command on one line each.

2-1. Create "C:\temp" folder

2-2. Login to PowerShell

SnapCrab_NoName_2018-4-26_11-47-39_No-00.png

* Please login with "onmicrosoft.com".

2-3. Get a user list

SnapCrab_NoName_2018-4-26_11-48-49_No-00.png

2-4.Manually delete meeting room accounts, etc. from the CSV user list.
* The CSV file is exported to "c:\temp".
* Please make sure to execute each command on one line each.

2-5. Password batch change

SnapCrab_NoName_2018-4-26_11-50-22_No-00.png

* Each user has to change their password after logging in to Office365.
* The password for all users will be the same. The 'XXXXXX' in the above command should be changed to an initial login password.
* Depending on the client's application, such as Outlook, the credential dialog may not be displayed in a prompt manner due to the Office 365 credential cache retention function.

 

 

          
Was this article helpful?

Frequently Asked Questions (FAQs)