Do you mean you run the below commands to enable 'SSO' for your OWA and ECP?
Set-OwaVirtualDirectory -Identity "EXCH\owa (Default Web Site)" -FormsAuthentication $false -WindowsAuthentication $true
Set-EcpVirtualDirectory -Identity "EXCH\ECP (Default Web Site)" -FormsAuthentication $false -WindowsAuthentication $true
If we want to have single sign on Exchange Server by owa. We could enable Window Integrated Authentication. Integrated Authentication allows domain users who are logged on to domain computers to automatically logon to OWA.
However, Integrated Authentication is not suitable for remote access by people using non-domain member computers, or people who are connecting via proxy servers.
This is a similar thread discussed the similar question: How to configure Exchange 2013 OWA with Single Sign On
And another choice to meet this requirement: Enable SSO (Single Sign On) to On-Premises Exchange OWA (Outlook Web Access) via Azure AD Application Proxy
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
- Enable Kerberos Authentication for Outlook Web Access On-Premises
- Enable Exchange On-Premises to use Integrated Windows Authentication
- Login to the Azure Portal to add your own on-premise application, Once your application is created, you should be redirected to Azure Active Directory -> Enterprise Applications -> Outlook Web Access. On this blade, select Single sign-on and then select the Windows Integrated Authentication button.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.