Skip to main content

ADFS Office 365

Configure Federation Trust with Office 365

Now that we have our side of the federation setup, we can complete the federation with Office 365
  • Open the Desktop on the AD FS server

  • Windows Azure Active Directory Module for Windows PowerShell

  • Right Click and Run As Administrator

  • Set the credential variable
    • $cred=Get-Credential

  • Enter a Global Administrator account from Office 365. I have a dedicated tenant ( service account setup for AD FS and Directory Syncronization.

  • Connect to Microsoft Online Services with the credential variable set previously
    • Connect-MsolService –Credential $cred

  • Set the MSOL ADFS Context server, to the ADFS server
    • Set-MsolADFSContext –Computer

  • Convert the domain to a federated domain
    • Convert-MsolDomainToFederated –DomainName

  • Successful Federation
    • Successfully updated ‘‘ domain.

  • Verify federation
    • Get-MsolFederationProperty –DomainName
This completes the setup for federation to Office 365. Keep in mind that before you can successfully use single sign-on with Office 365, you will need to setup and configure Directory Synchronization. After Directory Synchronization is setup, you will have to license the synchronized user in Office 365. This will provision the services for the user. If they want to access Office 365 from outside the internal network, the AD FS Proxy server needs to be setup and configured.