Configuring Multiple UPN SSO with Azure AD and ADFS (4.0) 2016 to enable user login once via browser to all M365 services?

EnterpriseArchitect 4,826 Reputation points
2020-07-15T06:56:40.91+00:00

People,

I'm currently using Hybrid OnPremise AD-AzureAD Sync and ADFS (4.0) 2016.
AD is single Forest domain.

I have multiple UPNs for different users spread across multiple locations. As per https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/AzureADConnect, there are 20+ domains already verified with a green tick; those consist of smaller subsidiaries and sister companies.

  1. User1.Last@keyman.com
  2. User2.Last@company1.net
  3. User3.LastName@Corp.org
  4. ...

I wonder if these are the right steps to follow, as per: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-multiple-domains, because when I execute the command:

$Cred = Get-Credential
Connect-MSOLservice -Credential $Cred

Get-MsolDomainFederationSettings -DomainName 'myCompany.com'

There is no result at all, or it is blank?

Thank you in advance.


2 answers

  1. AmanpreetSingh-MSFT 56,311 Reputation points
    2020-07-15T07:45:51.66+00:00

    Hi @EnterpriseArchitect

    You will get results for the cmdlet Get-MsolDomainFederationSettings -DomainName myCompany.com only after you run the Convert-MsolDomainToFederated -DomainName myCompany.com -SupportMultipleDomain cmdlet and the domain is successfully converted to a federated domain. Below is a screenshot of how the output should look:

    [Screenshot: 12423-untitled.png]

    Could you please confirm that the domain 'myCompany.com' appears as a federated domain in the Azure Portal? Also, make sure you are using an admin account to run the cmdlet. If the domain is still a managed domain, you will not get any results for the Get-MsolDomainFederationSettings cmdlet.

    [Screenshot: 12495-untitled1.png]


  2. EnterpriseArchitect 4,826 Reputation points
    2020-07-18T08:32:50.697+00:00

    @amanpreetsingh-msft Where in the Azure portal can I see that screenshot about the domain federated checkboxes?
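
The managed-versus-federated check from the first answer can also be run from PowerShell across all 20+ verified domains at once. This is an added example, not part of the original thread; it uses only the MSOnline cmdlets already named above plus Get-MsolDomain, and assumes an admin sign-in.

```powershell
# Added example: report the authentication type of every verified domain and,
# for federated ones, the federation settings the tenant holds for them.
Connect-MsolService -Credential (Get-Credential)

$report = foreach ($domain in Get-MsolDomain | Where-Object { $_.Status -eq 'Verified' }) {
    $row = [ordered]@{
        Domain          = $domain.Name
        Authentication  = $domain.Authentication   # Managed or Federated
        IssuerUri       = $null
        PassiveLogOnUri = $null
    }

    # Get-MsolDomainFederationSettings returns nothing for a managed domain,
    # so only query domains the tenant already lists as federated.
    if ($domain.Authentication -eq 'Federated') {
        $fed = Get-MsolDomainFederationSettings -DomainName $domain.Name -ErrorAction SilentlyContinue
        if ($fed) {
            $row.IssuerUri       = $fed.IssuerUri
            $row.PassiveLogOnUri = $fed.PassiveLogOnUri
        }
    }
    [pscustomobject]$row
}

# Full picture: one row per verified domain.
$report | Sort-Object Authentication, Domain | Format-Table -AutoSize

# Domains that are still managed, i.e. the ones for which the
# federation-settings cmdlet comes back blank.
$report | Where-Object { $_.Authentication -eq 'Managed' } | Select-Object -ExpandProperty Domain
```

A domain that appears in the second list has not been converted yet, which matches the blank output described in the question.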