?
Solved

Office 365 Exchange 2013 Hybrid - Federating a second domain Azure AD

Posted on 2016-08-05
2
Medium Priority
?
65 Views
Last Modified: 2016-08-08
Hello,

We have recently added/verified another domain to Office 365 and would like to Federate it. As of this moment Azure AD is reporting:

Domains Verified for Directory Sync: 2
Domains Configured For Single Sign-On: 1

The instructions for "Configuring An Existing Customer Domain For Single Sign-On" gives me the command:

Convert-MsolDomainToFederated –DomainName domainname.com

My concern is Microsoft's statement in their article which states: "It’s best to perform a conversion when there are the fewest users, such as on a weekend, to reduce the impact on your users."

They don't exactly say or describe what that "impact" will be!

My questions

1. Does anyone know what this "impact" will be?
2. Will this at all affect existing users that are currently logged in via the initial federated domain?
3. Does this change require any additional changes with Azure AD Sync or within On-Premise ADFS?

Any insight or help would be greatly appreciated!
0
Comment
Question by:danherbon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 42

Accepted Solution

by:
Vasil Michev (MVP) earned 2000 total points
ID: 41744915
Just to clean things up a bit first - Hybrid has nothing to do with AD FS, don't mix them up.

As for federating additional domains, you basically need to recreate the trust with O365. Well, if it's a subdomain, you dont need to do anything. For example, if you have federated domain.com, then uk.domain.com will automatically be federated as well. If you are trying to federate anotherdomain.com however, you need to redo things with using the SupportMultipledomain switch. Details for example here: http://www.msexchange.org/blogs/walther/news/office-365-adfs-support-for-mutiple-upns-724.html

And you need to be careful if you have multiple subdomains: https://blogs.technet.microsoft.com/abizerh/2013/02/05/supportmultipledomain-switch-when-managing-sso-to-office-365/
0
 
LVL 1

Author Closing Comment

by:danherbon
ID: 41747539
Thanks!
0

Featured Post

What is a Denial of Service (DoS)?

A DoS is a malicious attempt to prevent the normal operation of a computer system. You may frequently see the terms 'DDoS' (Distributed Denial of Service) and 'DoS' used interchangeably, but there are some subtle differences.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question