Office 365 Exchange 2013 Hybrid - Federating a second domain Azure AD

Hello,

We have recently added/verified another domain to Office 365 and would like to Federate it. As of this moment Azure AD is reporting:

Domains Verified for Directory Sync: 2
Domains Configured For Single Sign-On: 1

The instructions for "Configuring An Existing Customer Domain For Single Sign-On" gives me the command:

Convert-MsolDomainToFederated –DomainName domainname.com

My concern is Microsoft's statement in their article which states: "It’s best to perform a conversion when there are the fewest users, such as on a weekend, to reduce the impact on your users."

They don't exactly say or describe what that "impact" will be!

My questions

1. Does anyone know what this "impact" will be?
2. Will this at all affect existing users that are currently logged in via the initial federated domain?
3. Does this change require any additional changes with Azure AD Sync or within On-Premise ADFS?

Any insight or help would be greatly appreciated!
LVL 1
danherbonAsked:
Who is Participating?
 
Vasil Michev (MVP)Connect With a Mentor Commented:
Just to clean things up a bit first - Hybrid has nothing to do with AD FS, don't mix them up.

As for federating additional domains, you basically need to recreate the trust with O365. Well, if it's a subdomain, you dont need to do anything. For example, if you have federated domain.com, then uk.domain.com will automatically be federated as well. If you are trying to federate anotherdomain.com however, you need to redo things with using the SupportMultipledomain switch. Details for example here: http://www.msexchange.org/blogs/walther/news/office-365-adfs-support-for-mutiple-upns-724.html

And you need to be careful if you have multiple subdomains: https://blogs.technet.microsoft.com/abizerh/2013/02/05/supportmultipledomain-switch-when-managing-sso-to-office-365/
0
 
danherbonAuthor Commented:
Thanks!
0
All Courses

From novice to tech pro — start learning today.