Microsoft Office Tutorials and References
In Depth Information
Converting the domain from standard authentication to identity federation
5. Return to the remote server or workstation on which you installed the Windows
Azure Active Directory Module and start the module.
6. Enter the following command, which will produce a logon prompt for a user name
and a password:
$cred = Get-Credential
The credentials you provide will be stored in a variable called $cred . When you see
the logon prompt, enter your Office 365 Global Administrator account name.
Note Why save a credential in a variable?
Technically, when managing identity with Windows PowerShell you can simply
use the command Connect-MsolService . You do not need to save the credential
in a variable first. However, we saved the credential in a variable in our example
because we will need it when we use Windows PowerShell for Exchange Online, so
we are just keeping it consistent throughout the book.
7. Enter the following command, which will attempt to connect and authenticate to an
Office 365 tenant using the logon credentials that you stored in $cred :
Connect-MsolService -Credential $cred
8. Enter the following command to set the context to that of the AD FS server:
Set-MsolAdfscontext -Computer <FQDN of federation server>
9. Lastly, enter the following command to convert the domain from standard
authentication to identity federation in Office 365:
Convert-MsolDomainToFederated -DomainName <domain name> -SupportMultipleDomain
Note that the -SupportMultipleDomain parameter is optional. Use it only if you will
be federating other top-level domains (TLDs) with this Office 365 tenant.
If you do not receive any Windows PowerShell error messages, which are usually red
in color, then your domain is now a federated domain. We will verify this in the “Veri-
fying a successful conversion of a domain” section.
Verifying a successful conversion of a domain
There are two main ways you can verify that federation has been successfully accomplished:
● Using Windows PowerShell
● Using the AD FS 2.0 Management snap-in