« »

office365 notes (2014 edition)

had an issue with my test ADFS instance and office365, where federated logins were redirecting to the public URL for the production ADFS farm.

to resolve:
Get-MsolFederationProperty -DomainName [federated domain] – this displays the current federation info for ADFS & office365
Update-MsolFederatedDomain -DomainName [federated domain] – run this if the above info is outdated/incorrect
^may need to add “-supportmultipledomains” to this command
sources:
http://www.proexchange.be/blogs/office365/archive/2011/11/06/how-to-change-the-adfs-2-0-url-in-a-deployment-used-with-office-365.aspx
http://support.microsoft.com/kb/2647048

i’ve linked to an article before on how to convert a federated domain back to a standard domain, but here’s the exact command:
Convert-MsolDomainToStandard -DomainName [federated domain] -SkipUserConversion $true -PasswordFile c:\password.txt
(skipuserconversion would be set to false if you had no plans to refederate the domain)

list of *Msol* cmdlets: http://msdn.microsoft.com/en-us/library/azure/jj151815.aspx

customize ADFS 3.0…can now only be done with powershell cmdlets. the web files are evidently embedded inside of a DLL now and cannot be edited directly (like they could w/ ADFS 2.0)
list of commonly used cmdlets: http://technet.microsoft.com/en-us/library/dn280950.aspx

the A2 license SKUs for wave15 are:
<office 365 tenant>:STANDARDWOFFPACK_STUDENT
<office 365 tenant>:STANDARDWOFFPACK_FACULTY

test ADFS signin: https://fs.mydomain.com/adfs/ls/idpinitiatedsignon
ADFS federation metadata URL: https://fs.mydomain.com/federationmetadata/2007-06/federationmetadata.xml

change UPN of office365 user:
Set-MsolUserPrincipalName -UserPrincipalName [current username]@myfederateddomain.com -NewUserPrincipalName [current username]@office365tenant.onmicrosoft.com
then…
Set-MsolUserPrincipalName -UserPrincipalName [current username]@office365tenant.onmicrosoft.com -NewUserPrincipalName [new username]@myfederateddomain.com

at some point update the on-prem AD user to reflect the changes. if done beforehand dirsync will throw a sync error regarding this user.
source: http://community.office365.com/en-us/f/613/t/50201.aspx

This entry was written by resinblade , posted on Friday April 11 2014at 10:04 am , filed under IT . Bookmark the permalink . Post a comment below or leave a trackback: Trackback URL.

Comments are closed.

« »