Garry Shape
asked on
O365 Portal login still redirecting to Organization sign in after changing domain from Federated to Managed
I'm trying to get our O365 login working by authenticating a pilot group that's been sync'd to O365 via the Azure Sync Tool, which I downloaded from the portal when I logged in as Admin and set up on a 2012 R2 server.
The pilot group, which is just one user, sync'd fine.
However, when I go to sign in at portal.office.com with my username@domain.com, it still gives the message "We're taking you to your organization's sign-in page".
It then redirects to an https://ADFS.domain.com (where domain is our actual company's domain name that's online).
So I connected via PowerShell per online instructions, and ran the following command to convert the domain in question from "Federated" to "Managed":
Set-MsolDomainAuthentication -DomainName domain.com -Authentication Managed
And now it shows as Managed instead of Federated.
However every time I try to sign in in the browser, I still continue to get the "We're taking you to your organization's sign-in page" message, which lands on the dead/unavailable adfs.domain.com site.
The ADFS server it's trying to direct to is not even around anymore. It was deleted by a terminated team member from before my time.
I can't run Set-MsolADFSContext because the ADFS server doesn't exist.
Are we stuck with this forever? Do I need to contact Microsoft tech support, and is there a free line of support to fix stuff like this?
ASKER CERTIFIED SOLUTION
ASKER
Ok cool. Well that helped. I'm now able to login to the Portal with my on-premise AD account (after it Sync'd).
I guess that's all there is to it?
Other things like Skype, Exchange, etc. will require DNS changes?
SOLUTION
ASKER
The AD account was sync'ed when domain was still federated.
After switching Domain to Managed, I ran command for my account:
Convert-MsolFederatedUser -UserPrincipalName user@domain.com
and can sign into portal without being redirected now....
now I'll need to see if next sync works properly
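Added example (not part of the thread or any poster's code): a PowerShell check that compares what the tenant records for the domain with what sign-in realm discovery returns for a user, then applies the two commands from the thread. It assumes the MSOnline module with a session already opened by Connect-MsolService, and that the getuserrealm.srf endpoint returns JSON with NameSpaceType and AuthURL fields; Test-SignInRealm is a hypothetical helper name, and user@domain.com is the thread's placeholder.

```powershell
# Added example: diagnose a sign-in that still redirects to a retired AD FS host.
# Assumes: MSOnline module loaded and Connect-MsolService already run.
# Test-SignInRealm is a hypothetical helper; user@domain.com is a placeholder.

function Test-SignInRealm {
    param(
        [Parameter(Mandatory)][string]$UserPrincipalName
    )
    $domainName = $UserPrincipalName.Split('@')[-1]

    # 1. What the tenant has recorded for the domain (Managed or Federated).
    $domain = Get-MsolDomain -DomainName $domainName

    # 2. What home-realm discovery tells the sign-in page for this user.
    #    Assumption: the response is JSON with NameSpaceType and AuthURL.
    $login = [uri]::EscapeDataString($UserPrincipalName)
    $uri   = "https://login.microsoftonline.com/getuserrealm.srf?login=$login&json=1"
    $realm = Invoke-RestMethod -Uri $uri -Method Get

    [pscustomobject]@{
        UserPrincipalName    = $UserPrincipalName
        DomainAuthentication = $domain.Authentication
        RealmNameSpaceType   = $realm.NameSpaceType
        RealmAuthUrl         = $realm.AuthURL   # federation sign-in URL, if any
        StillFederated       = ($realm.NameSpaceType -eq 'Federated')
    }
}

$upn    = 'user@domain.com'
$before = Test-SignInRealm -UserPrincipalName $upn
$before | Format-List

# Domain-level step from the question: only needed while the tenant
# still records the domain as Federated.
if ($before.DomainAuthentication -ne 'Managed') {
    Set-MsolDomainAuthentication -DomainName $upn.Split('@')[-1] -Authentication Managed
}

# Per-user step from the asker's last comment, for an account that was
# synced while the domain was still federated.
Convert-MsolFederatedUser -UserPrincipalName $upn

# Re-check and keep the output as a record of the change.
Test-SignInRealm -UserPrincipalName $upn | Format-List
```

If RealmAuthUrl still names the retired AD FS host after the change, that hostname is worth tracking: a DNS record pointing at a server that no longer exists is a stale entry that should be cleaned up.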