Purpose
This shows the step by step guide on how to completely disable Office365 Federation or called as Email Integration in Practice Protect.
Disabling this should reverted their login through Office365. Basically, users will have to re-authenticate using their Office365 credentials. We do advise to setup MultiFactor-Authentication (MFA) to users for added security.
Prerequisites
- Admin Access to Practice Protect Tenant along with its custom Login URL (i.e. tenantname.practiceprotect.app/my)
- Office365 Service Account with Global Admin Rights
- Powershell app on a computer with installed Azure AD module/MS Online
Instructions
1. Login to Practice Protect using the customized login URL and switch on the Admin Portal.
2. Go to Apps & Widgets section > Web Apps. Find and click Office 365 (type: Web – SAML + Provisioning). Note: App name may be different.
3. In the Application Settings, find the Office 365 Domains. select and tick the box of the Federated domain. On the Actions dropdown, select “Download Powershell Script“
This will download the script on your local computer.
4. Locate the downloaded file then right click on it and select “Run with Powershell” If there’s a warning, click on “open“
5. This will prompt to login and authenticate. Please use the Office365 Global Admin account credentials.
6. Once authenticated, a prompt will appear “What Action Would You Like To Do? Federate (F), UnFederate (U), or View Federation Settings (V)?:” Press U on the keyboard and hit Enter. Note: wait for few seconds to finish the execution.
7. To confirm it is disabled or unfederated, go back to the Office365 Application Settings in Practice Protect and check the domain. The “Type” should now set to Managed
Note: Refresh the page if the Type is not updating or re-run the PowerShell script from the Step 4
Remove Azure AD Registered App
1. Login to the Azure AD Portal and go to the Applications section and select App Registrations
2. Click All applications tab and select the app created by Practice Protect by clicking through it. Usually name as “PracticeProtect‘ or “PPAzureAD“.
3. Delete the app by clicking on the Delete button.
4. To confirm deletion, tick “I understand the implications of deleting this app registration” and click “Delete“
5. App is now deleted from the App Registrations. You’ll receive a notification pop up.
Note: This completes the steps of disabling Office365 Federation or Email Integration. Be aware that users should use their Office365 credentials to logon to any of their Office365 apps (Outlook, Teams, Onedrive and etc).
If end user/s doesn’t remember their Office365 credential, person (i.e. IT Personnel) who has admin access in Office365 should assist on resetting their passwords.