[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Office 365 Exchange 2013 Hybrid - Federating a second domain Azure AD

Posted on 2016-08-05
2
Medium Priority
?
74 Views
Last Modified: 2016-08-08
Hello,

We have recently added/verified another domain to Office 365 and would like to Federate it. As of this moment Azure AD is reporting:

Domains Verified for Directory Sync: 2
Domains Configured For Single Sign-On: 1

The instructions for "Configuring An Existing Customer Domain For Single Sign-On" gives me the command:

Convert-MsolDomainToFederated –DomainName domainname.com

My concern is Microsoft's statement in their article which states: "It’s best to perform a conversion when there are the fewest users, such as on a weekend, to reduce the impact on your users."

They don't exactly say or describe what that "impact" will be!

My questions

1. Does anyone know what this "impact" will be?
2. Will this at all affect existing users that are currently logged in via the initial federated domain?
3. Does this change require any additional changes with Azure AD Sync or within On-Premise ADFS?

Any insight or help would be greatly appreciated!
0
Comment
Question by:danherbon
2 Comments
 
LVL 44

Accepted Solution

by:
Vasil Michev (MVP) earned 2000 total points
ID: 41744915
Just to clean things up a bit first - Hybrid has nothing to do with AD FS, don't mix them up.

As for federating additional domains, you basically need to recreate the trust with O365. Well, if it's a subdomain, you dont need to do anything. For example, if you have federated domain.com, then uk.domain.com will automatically be federated as well. If you are trying to federate anotherdomain.com however, you need to redo things with using the SupportMultipledomain switch. Details for example here: http://www.msexchange.org/blogs/walther/news/office-365-adfs-support-for-mutiple-upns-724.html

And you need to be careful if you have multiple subdomains: https://blogs.technet.microsoft.com/abizerh/2013/02/05/supportmultipledomain-switch-when-managing-sso-to-office-365/
0
 
LVL 1

Author Closing Comment

by:danherbon
ID: 41747539
Thanks!
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question