Set-MsolDomainAuthentication
Changes the authentication type of the domain.
Syntax
Set-MsolDomainAuthentication
-DomainName <String>
-Authentication <DomainAuthenticationType>
[-SigningCertificate <String>]
[-NextSigningCertificate <String>]
[-LogOffUri <String>]
[-PassiveLogOnUri <String>]
[-ActiveLogOnUri <String>]
[-IssuerUri <String>]
[-FederationBrandName <String>]
[-MetadataExchangeUri <String>]
[-PreferredAuthenticationProtocol <AuthenticationProtocol>]
[-SupportsMfa <Boolean>]
[-DefaultInteractiveAuthenticationMethod <String>]
[-OpenIdConnectDiscoveryEndpoint <String>]
[-SigningCertificate Status <SigningCertificateUpdateStatus>]
[-PromptLoginBehavior <PromptLoginBehavior>]
[-TenantId <Guid>]
[<CommonParameters>] Description
The Set-MsolDomainAuthentication cmdlet changes the domain authentication between standard identity and single-sign on. This cmdlet updates only the settings in Azure Active Directory. Typically, the Convert-MsolDomainToStandard or Convert-MsolDomainToFederated cmdlet should be used instead.
Parameters
Specifies the URL of the end point used by active clients when authenticating with domains set up for single sign-on in Azure Active Directory. Single sign-on is also known as identity federation.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the authentication type of the domain. Valid values are: managed and federated. All users created on this domain have this authentication type.
| Type: | DomainAuthenticationType |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the default authentication method that should be used when an application requires the user to have interactive login.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the fully qualified domain name (FQDN) to update.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the name of the string value shown to users when signing in to Azure Active Directory services. We recommend that customers use something that is familiar to them, like their company name, such as Contoso, Inc.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the URI of the domain in the Azure Active Directory identity platform derived from the federation server.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the URL that clients are redirected to when they sign out of Azure Active Directory services.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the URL of the metadata exchange end point used for authentication from rich client applications such as Lync Online.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the next token signing certificate that is used to sign tokens when the primary signing certificate expires.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the OpenID Connect Discovery Endpoint of the federated IDP STS.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the URL that web-based clients are directed to when signing in to Azure Active Directory services.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the preferred authentication protocol.
| Type: | AuthenticationProtocol |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the prompt log-in behavior.
| Type: | PromptLoginBehavior |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the current certificate used to sign tokens passed to the Azure Active Directory Identity platform.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the update status of the signing certificate.
| Type: | SigningCertificateUpdateStatus |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Indicates whether the IDP STS supports MFA.
Note
We recommend configuring the security setting federatedIdpMfaBehavior to prevent bypassing of Azure MFA.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the unique ID of the tenant on which to perform the operation. The default value is the tenant of the current user. This parameter applies only to partner users.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |