SupportMultipleDomain switch when managing SSO to Office 365

LMS 156 Reputation points
2021-02-17T12:57:32.727+00:00

Hi

We have configured SSO for Office 365 through ADFS (Farm behavior level 3). Azure AD Connect is installed on a separate server. We have configured a new UPN (newupn.com) for all users and will remove the old UPN (oldupn.com) soon in the future. On the AD Connect server, the current status is below:

Get-MsolDomain

Name                               Status    Authentication
newupn.com                         Verified  Managed
oldupn.com                         Verified  Federated
mycompanyhub.onmicrosoft.com       Verified  Managed
mycompanyhub.mail.onmicrosoft.com  Verified  Managed
mycompanyhub.sa                    Verified  Managed

Since all the configuration was managed by a previous engineer, we don't have an exact idea of the configuration changes. We plan to run the command below with the new UPN; please let us know whether it will correct the SSO with the new UPN:

Convert-MsolDomainToFederated -DomainName newupn.com -SupportMultipleDomain

Should we run -SupportMultipleDomain with the existing UPN? Also, in case of any issues, to revert newupn.com to Managed, shall we run the command Convert-MsolDomainToStandard? What else do we need to check with ADFS once we run the above commands?

Thanks in advance


1 answer

  1. Pierre Audonnet - MSFT 10,166 Reputation points Microsoft Employee
    2021-02-23T18:56:03.647+00:00

    If you are not sure what the ADFS claim rules should look like for your environment, you can use the following online tool: Azure AD RPT Claim Rules.

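An added example, not part of the original question or answer: a read-only check of the Azure AD side of the setup discussed above, listing each federated domain with the IssuerUri that the ADFS claim rules must emit for it. It assumes the MSOnline module and an existing Connect-MsolService session; the function name Get-FederatedIssuerReport and the PerDomainIssuer column are hypothetical names chosen for this sketch.

```powershell
# Added example: reports federation settings only, changes nothing.
# Assumes: MSOnline module loaded and Connect-MsolService already run.
function Get-FederatedIssuerReport {
    param(
        # Domain objects as returned by Get-MsolDomain
        [Parameter(Mandatory)]
        [object[]] $Domains
    )

    foreach ($d in $Domains) {
        if ("$($d.Authentication)" -ne 'Federated') {
            # Managed domains have no federation settings to inspect
            [pscustomobject]@{
                Domain          = $d.Name
                Authentication  = "$($d.Authentication)"
                IssuerUri       = $null
                PassiveLogOnUri = $null
                PerDomainIssuer = $null
            }
            continue
        }

        $fed = Get-MsolDomainFederationSettings -DomainName $d.Name

        # With -SupportMultipleDomain the issuer has the form
        # http://<domain>/adfs/services/trust/ so its host equals the
        # domain name. Otherwise it is the federation service identifier.
        $issuerHost = ([uri]$fed.IssuerUri).Host

        [pscustomobject]@{
            Domain          = $d.Name
            Authentication  = "$($d.Authentication)"
            IssuerUri       = $fed.IssuerUri
            PassiveLogOnUri = $fed.PassiveLogOnUri
            PerDomainIssuer = ($issuerHost -eq $d.Name)
        }
    }
}

# Run before and after any Convert-MsolDomainTo* change and compare.
Get-FederatedIssuerReport -Domains (Get-MsolDomain) |
    Format-Table -AutoSize -Wrap
```

Saving the output before a conversion gives a record of the previous IssuerUri and logon URLs to compare against if sign-in breaks afterwards.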