Adding and Verifying a Federated Domain



Launch Microsoft Online Services Identity Federation Management tool

At the PowerShell command prompt type

Type $cred = Get-Credential

In the pop up window specify the username used for online account management (your Office 365 administrator credentials)


Connect ADFS 2.0 and Office 365

Type Set-MSOLContextCredential -MSOLAdminCredentials $cred


Add a federated Domain


This creates a domain in Office 365 and marks it for federated authentication. You will need to verify domain ownership by performing the step indicated in the warning message.

For example:

WARNING: Please verify domain ownership by adding a DNS CNAME record targeting at your domain registrar. More information can be found

Add-MSOLFederatedDomain -DomainName

Verify a federated domain

Run the following command again

Add-MSOLFederatedDomain -DomainName (because the domain has already been created (as this commad was run in the previous step) the link will be created between the Microsoft Federation Gateway and your local ADFS 2.0 server. Office 365 will verify the CNAME record you created matches the information you were given to verify ownership of the domain.


Then run Get-MSOLFederationProperty -DomainName

Sign into Office 365 using you corporate credentials (you need to have AD synchronisation running). If you are successfully logged in then federation has been successfully verified

View the Active Domain in the Microsoft Online Services portal.

Sign into


On the home page, select Admin


Select domains


Select you federated domain and notice to says domain type ‘federated’


Written by Daniel Kenyon-Smith