You must install the connector for Office 365 on a Windows Management Server. Before you install the connector, ensure that your environment meets all requirements stated in Section 10.2, Connector Requirements.
NOTE:The connector for Office 365 that is available in the Application Connector Catalog is not designed to be used with CloudAccess. That connector supports only SAML 2.0 and is very limited in functionality. Instead, ensure that you obtain the full WS-Federation connector that works with CloudAccess from the Downloads site.
To configure the server and install the connector:
Obtain the credentials for an Office 365 administrative account. For more information, see the Office 365 website.
Add the federated domain name to Office 365 that will be used for single sign-on with CloudAccess and Office 365, and then validate the ownership. Use the instructions at the following web page: Add your users and domain to Office 365.
NOTE: Microsoft requires that each Office 365 federated domain be configured with a unique issuer ID. Thus, each instance of the connector for Office 365 connects to only one unique Office 365 federated domain.
Verify that the Windows server where you plan to install the connector meets the prerequisites. For more information, see Section 10.2, Connector Requirements.
As an administrator on the Windows server, perform the following steps. For more information, see the IIS Manager help.
Install the Web Server (IIS) role and verify that the Application Development ASP and .Net features are installed.
Create a self-signed certificate in IIS Manager. Alternatively, you can use an imported server certificate. For more information, see Importing a Server Certificate.
Add an HTTPS binding for the Default Web Site using the certificate you created.
Test HTTPS by accessing the server through a browser using HTTPS. You should see the IIS server page after a certificate error (if you are using a self-signed certificate).
In the Application Pool Settings in IIS Manager, verify that the DefaultAppPool version is .NET v4.0.
Restart the IIS service.
Install Microsoft Online Services Sign-In Assistant 7.x. For more information, see Section 10.2, Connector Requirements.
Install Windows Azure AD Module for Windows. For more information, see Section 10.2, Connector Requirements.
As an administrator on the Windows server, download the connector for Office 365 .zip file from NetIQ Downloads. Unzip the file and run the Windows netiq-office365-connector-x.x.x.msi installer. You will need the following information:
DNS name of the CloudAccess appliance.
Administrator name and password of the CloudAccess appliance.
User name and password for the Office 365 Global administrator account.
The federated domain name specified in Step 2. If you get an error during installation, ensure that you selected the correct domain name.
Alternatively, you can run the connector installer in “silent mode” from the command line as follows:
msiexec /i netiq-office365-connector-x.x.x.msi /qb /L*v install-log.txt AG4CHOSTNAME="Appliance_Admin_DNS" AG4CADMIN="Appliance_Admin_Name" AG4CADMINPASS="Appliance_Admin_Password" O365ADMIN="O365_Admin" O365ADMINPASS="O365_Password" O365FEDDOMAIN="Domain_DNS" O365USAGELOCATION="US" LOCALIP="Windows_Server_IP_Address" APPPOOLNAME_NT=".NET v4.5"
By default, CloudAccess does not generate an installation log when you install the connector for Office 365. If you want a log of the installation, you must launch the installer from the command line using the following command:
msiexec /i netiq-office365-connector-x.x.x.msi /L*V "C:\log\example.log"
IMPORTANT:The connector for Office 365 installation location is c:\NetIQ\Office365Connector. You cannot change this location.
Continue with configuration of the connector in CloudAccess. For more information, see Section 10.4, Configuring the Connector for Office 365.