Open the ADFS management console.
Click Claims Provider Trusts > Add Claims Provider trust.
Click Start in the Add Claims Provider Trust Wizard.
Click Import data about the claims provider from a file in the Select Data Source tab.
Browse the Federation metadata file.
You can download the Federation metadata from the Advanced Authentication metadata URL: https://<aaf-server>/osp/a/TOP/auth/saml2/metadata.
Click Next.
Specify the Display name.
Click Next.
Select Open the Edit Claim Rules dialog for this claims provider when the wizard closes.
Click Close.
Right-click the Display name and click Edit Claim Rules.
Click Add Rule.
Select Send Claims Using a Custom Rule from Claim rule template in the Add Transform Claim Rule Wizard.
Click Next.
Specify the Claim rule name.
Paste the following in Custom rule:
c:[Type == "netbiosName"] => issue(Type = "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType);
Click OK.
Launch Windows Powershell and run the following command to connect to your Office 365 tenant:
Connect-MsolService
Run the following command to disable the PromptLoginBehavior parameter and to send wfresh=0 to AD FS for fresh authentication of federated users.
Set-MsolDomainFederationSettings -DomainName <domain_name> -PromptLoginBehavior Disabled