Microsoft Internet Explorer Configuration Settings
When the Microsoft Online Sign In Client is installed, it configures several Internet Explorer 7 settings, for the Single Sign On (SSO) services to work as expected. Amoung these configuration changes are the following:
Internet Explorer Configuration Settings
- Adds the https://*.microsoftonline.com in the Security --> Trusted Sites --> Sites section
- Sets Custom User Authentication settings in the Security --> Trusted Sites section, by enabling: "Automatic Logon with Current User Name and Password"
#2 is required for Single Sign On to work. When a user accesses an Online Resource that requires Windows Authentication, the client receives a 401 - "Access Denied" or "Unauthorized", which instructs the requesting client to send credentials. With the user typically logged into their Company Active Directory AND the Sign In Client, authenticated to the Online Active Directory, the client will pass the user's Online credentials automatically based on the above step #2.