Read the document; it should be very simple. Follow the steps below.
- Open the Windows Azure Active Directory Module for Windows PowerShell
Right-click it and choose Run as Administrator
- Set the credential variable
$cred = Get-Credential
Enter a Global Administrator account from Office 365. I have a dedicated tenant (@domain.onmicrosoft.com) service account set up for AD FS and Directory Synchronization.
- Connect to Microsoft Online Services with the credential variable set previously
Connect-MsolService -Credential $cred
Convert-MsolDomainToStandard
- Set the MSOL ADFS context server to the ADFS server
Set-MsolADFSContext -Computer adfs_servername.domain_name.com
- Convert the domain to a federated domain
Convert-MsolDomainToFederated -DomainName domain_name.com
- Verify federation
Get-MsolFederationProperty -DomainName domain_name.com
We had some issues:
1: Connect-MsolService throws an exception, "may be proxy server error".
In our case, ADFS was already configured behind the load balancer, with equal weights. The fix is to turn off load balancing, or to set the primary ADFS server as primary.
2: SSL exception. The TLS 1.1 client is disabled on the server. Enable the TLS 1.1 and TLS 1.2 SSL client.
3: Everything is good, but the federation server did not get the redirect.
Check the certificate, grant the permission to the service account, and redo all the steps.
4: Cannot connect to the ADFS server; remote PowerShell may not be enabled on the ADFS server.
To set up Windows PowerShell for remoting, type the following command, and then press Enter:
Enable-PSRemoting -Force
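
A read-only pre-flight check for issues 2 and 4, as an added example that is not part of the original post: it reports the SCHANNEL client registry state for TLS 1.1 and TLS 1.2 on the local machine and tests whether WinRM answers on the ADFS server. The function names are hypothetical, and the server name is the placeholder used in the steps above.

```powershell
# Added example: read-only checks, nothing is changed on either machine.
# Function names are hypothetical; replace the placeholder server name with your own.

function Get-SchannelClientState {
    param([string[]]$Protocol = @('TLS 1.1', 'TLS 1.2'))
    $base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
    foreach ($p in $Protocol) {
        $key   = Join-Path $base "$p\Client"
        # No key means no explicit setting; the operating system default applies.
        $state = 'NotConfigured (OS default applies)'
        if (Test-Path $key) {
            $v = Get-ItemProperty -Path $key
            if ($v.Enabled -eq 0)               { $state = 'Disabled' }
            elseif ($v.DisabledByDefault -eq 1) { $state = 'DisabledByDefault' }
            elseif ($null -ne $v.Enabled)       { $state = 'Enabled' }
        }
        New-Object PSObject -Property @{ Protocol = $p; ClientState = $state }
    }
}

function Test-AdfsRemoting {
    param([Parameter(Mandatory = $true)][string]$ComputerName)
    try {
        # Test-WSMan only succeeds if the WinRM service answers on the target.
        $null = Test-WSMan -ComputerName $ComputerName -ErrorAction Stop
        $true
    } catch {
        Write-Warning "WinRM not reachable on ${ComputerName}: $($_.Exception.Message)"
        $false
    }
}

# Issue 2: is the TLS 1.1 / 1.2 client explicitly disabled on this machine?
Get-SchannelClientState | Format-Table Protocol, ClientState -AutoSize

# Issue 4: does remoting respond on the ADFS server before Set-MsolADFSContext is run?
Test-AdfsRemoting -ComputerName 'adfs_servername.domain_name.com'
```

Run it from the machine where the Windows Azure Active Directory Module is used; a `Disabled` or `DisabledByDefault` row corresponds to issue 2, and a `False` result corresponds to issue 4.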