I'm trying to get SSO to work with Office 365 and Sharepoint online and I'm getting really confused. My internal domain is "internal.com" and my external name is "external.com". external.com is added as a domain in O365, but internal.com is not. Should I put internal.com on a external DNS server and add it as a domain in O365? Would that make it so my internal users wouldn't have to sign into external.sharepoint.com?
When you sync with Office 365 your internal domain must be a routable address and this should be assigned to users' UPN suffix. When you sync users you will then use the same logon as you would internally ([email protected]) to login to Office 365.
It's fine to have your Federated endpoint accessible from external.com (i.e. sts.external.com), as the server will be configured to talk to the internal systems. This won't change the name users will use to login.
You need to add your external domain (email domain) as an alternate UPN suffix for internal Active Directory users.
To add UPN suffixes (from TechNet)
If you need to update the UPN suffix for existing users, this article on the Office 365 support site has related background info with a handy PowerShell script. You may not be using domain.local, but the concepts all still apply.
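As an added example (not part of the answer above or the linked TechNet/Office 365 articles), this PowerShell script does the two steps the answer describes for the names in the question: register external.com as an alternate UPN suffix on the forest, then rewrite existing users' UPNs from internal.com to external.com. It assumes the RSAT ActiveDirectory module and Enterprise Admin rights for the forest change; the `-WhatIf` on the user update is a dry run and is removed once the output looks right.

```powershell
# Added example: add a routable UPN suffix and migrate existing users to it.
# Assumes the RSAT ActiveDirectory module is installed and the account running
# this holds Enterprise Admin rights (needed for the forest-level suffix change).
Import-Module ActiveDirectory

$oldSuffix = 'internal.com'   # non-routable suffix users carry today (from the question)
$newSuffix = 'external.com'   # domain already verified in Office 365 (from the question)

# 1. Register the routable domain as an alternate UPN suffix (forest-wide setting).
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $newSuffix) {
    Set-ADForest -Identity $forest.Name -UPNSuffixes @{ Add = $newSuffix }
    Write-Host "Added alternate UPN suffix $newSuffix to forest $($forest.Name)"
}

# 2. Find users still carrying the non-routable suffix.
$users = Get-ADUser -Filter "UserPrincipalName -like '*@$oldSuffix'" `
                    -Properties UserPrincipalName

# 3. Rewrite each UPN, keeping the local part unchanged.
#    -WhatIf only reports the change; remove it after reviewing the dry run.
foreach ($u in $users) {
    $localPart = ($u.UserPrincipalName -split '@')[0]
    $newUpn    = "$localPart@$newSuffix"
    Set-ADUser -Identity $u -UserPrincipalName $newUpn -WhatIf
}

Write-Host "$($users.Count) user(s) matched @$oldSuffix"
```

After the real (non-dry-run) pass, trigger a directory synchronization so the new UPNs reach Office 365 before users try the federated sign-in.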