Originally posted by edmaa:
rtruscot wrote:

>
> Yer, that's what I'm thinking too.
>
> I'll reach out to MS to get some clarity on why it's not using SAML


I reckon it's trying to obtain a SAML token in order to communicate with
O365. It's doing this by submitting a username token. The challenge is
though that the SAML token returned probably wouldn't be suitable to be
placed into a SAMLP:Response doc... let us know how you go. Curious to
know.

--
Cheers,
Edward

Thanks to some great help from NetIQ I have been able to make this work in our test environment. Unfortunately it requires NAM 4.0.1 (we have a beta build), which won't be out for a little while (the next few months, I believe). 4.0.1 has a few changes to the way that WS-Trust is implemented.

The working configuration also required us to move from SAML to WS-Fed for passive clients. I have confirmed that Office Activation, OneDrive and a few other things work on a variety of different devices. Yah!

Look out for a TID/Cool Solution from Neil once 4.0.1 has been released.