How to set up Office 365 / Azure AD SSO IIS server?

Securly supports single sign-on using Azure AD and authentication via G Suite and Microsoft AD. This gives schools a wider array of authentication options depending on their devices and environments.

Securly Azure AD Prerequisites:

  1. Securly accounts must be set to Azure school type.
  2. Windows Server 2008 or greater is available for Securly to install IIS. 
  3. Server 2008 and 2008R2 need to preinstall Microsoft .NET 4.5.  Server 2012,2012r2, 2016, and 2019 have this version built into the OS. Download from Microsoft at .NET Framework 4.5.2 (Offline Installer) 
  4. Azure AD Connect should be set up to upload users from local Active Directory to Azure Active Directory. 
  5. All Windows and Mac computers are joined to the domain. This will prevent pop-ups on workstations asking for usernames and passwords each time. 

Note that Securly does not recommend installing Securly Azure AD on a server already running an IIS. 

Hardware Requirements:

  Small Medium Large
User Count 0 - 10,000  10,000 - 40,000 40,000 +
CPU 4 6 8
RAM 8 GB 12 GB 16 GB
Hard Drive 40GB 40 GB 40 GB


Install Steps:

  1. Download and unzip the Securly Azure ADSSO Install 
  2. At the Elevated/Administrative PowerShell, enter: "Set-Execution Policy Unrestricted "
  3. Then run AzureInstall.ps1.
  4. The script will install IIS, copy files, and set permissions.
  5. When the script is done, it will open the C:\inetpub\wwwroot\securlysso\ folder. If you are using email as your primary identifying field. Copy the 2 files from C:\inetpub\wwwroot\securlysso\mail to C:\inetpub\wwwroot\securlysso\ and replace. 
  6. The script will also open the file c:\inetpub\wwwroot\securlysso\ServerInfo.txt. This will also have additional information needed for testing. 
  7. Once deployed, verify that the site and file are accessible from clients on your network in the format - Authentication URL: http://<servername>/securlysso/securlysso.aspx

Securly setup:

  1. You will now be able to log into Securly Filter at
  2. Anyone that is a Global Administrator in Azure can log in to Securly. 
  3. In the Securly Admin User Interface, go to Policy Editor - > Global Settings 
  4. You will find the intranet address field. intranet_address_new.png
  5. Once the Intranet Address is set correctly, it is best to do an OU import.  

OU Import:

  1. Click on the Policy map and then click on the cloud to import. This will initiate a call to the IIS server to query the domain and upload users and OUs to Securly.  This must be done from inside the network to communicate to the Securly IIS server and Domain Controller.
  2. You can now go ahead and assign policies to any new OUs that you may have imported.

Was this article helpful?
15 out of 24 found this helpful
Have more questions?
Submit a request



Article is closed for comments.

Articles in this section

See more