Converting an Office 365 Federated domain to Managed

My existing Azure lab has an Exchange 2010 Hybrid setup with ADFS for single sign-on. I am planning to remove ADFS from the environment and use password sync instead.

First, I should check whether password sync is already enabled. I can confirm this from the Azure AD Connect application. Launch the AAD Connect tool and check the current configuration:

To check the status of the domain, you can use the following commands once connected to Exchange Online using PowerShell:

$cred = Get-Credential

Connect-MsolService -Credential $cred

Get-MsolDomain

The output will be similar to the below screenshot:


As you can see above, the domain ‘anishjohnes.ga’ is ‘Federated’.

If you go to ADFS Management -> Relying Party Trusts, you will notice a trust already set up with MS Office 365.


Now, to convert the domain to ‘Managed’, execute the below command:

Convert-MsolDomainToStandard -DomainName <String> -PasswordFile <String> -SkipUserConversion <Boolean> [-Confirm] [-WhatIf] [<CommonParameters>]


Once the domain is converted to ‘Managed’, single sign-on will no longer apply; same sign-on will be used instead. The trust with Microsoft Office 365 will also be removed from Relying Party Trusts.
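The steps above as one checked run, written as an added example and not taken from the original post. The folder and file path, the choice of -SkipUserConversion $false, and the ACL step are assumptions; the ACL is there because the file named by -PasswordFile records temporary passwords for the converted users.

```powershell
# Added example: check, convert and verify in one run (not the author's script).
$Domain       = 'anishjohnes.ga'                          # domain shown on this page
$OutDir       = Join-Path $env:TEMP 'msol-convert'        # assumed location
$PasswordFile = Join-Path $OutDir 'converted-users.txt'   # assumed file name

$cred = Get-Credential
Connect-MsolService -Credential $cred

# Pre-check: only continue if the domain is currently Federated.
$before = Get-MsolDomain -DomainName $Domain
if ($before.Authentication -ne 'Federated') {
    Write-Warning "$Domain is '$($before.Authentication)', nothing to convert."
    return
}

# Create a folder readable only by the current user before anything is written to it.
# The password file inherits this ACL when the cmdlet creates it.
New-Item -Path $OutDir -ItemType Directory -Force | Out-Null
$me = "$($env:USERDOMAIN)\$($env:USERNAME)"
icacls $OutDir /inheritance:r /grant:r "${me}:(OI)(CI)F" | Out-Null

# Convert the domain. $false means users are converted as well (assumed choice).
Convert-MsolDomainToStandard -DomainName $Domain `
    -PasswordFile $PasswordFile `
    -SkipUserConversion $false

# Post-check: confirm the authentication type actually changed.
$after = Get-MsolDomain -DomainName $Domain
if ($after.Authentication -eq 'Managed') {
    Write-Output "$Domain is now Managed. Password file: $PasswordFile"
} else {
    Write-Error "$Domain still reports '$($after.Authentication)'."
}
```

Delete the password file once the temporary passwords are no longer needed.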
