Problem:
The On Premise users are not able to login in OutLook.com/MailDomain integrated with Federated Environment Such as AD FS or Shibboleth. The actual result is, the user always redirect to outlook.com login page after successfully authenticated against the on premise domain.
Cause:
Federated ID Is Missing in the Exchange Online or Immutable ID Attribute is Missing in the Azure AD.
Solution:
Two Ways to Update the Source Anchor Or Immutabe ID attribute using Windows Azure AD or Microsoft Exchange Online Command Lets.
Pre-Requisit
1. Install the Office 365 Command Lets
2. Install the Windows Power Shell
Process 1: Windows Azure AD Immutable ID Update in Federated Domain.
In my examples I have used federated domain is test.edu and managed domain is test.onmicrosoft.com. You can replace with your own federated and managed domains before executing the command lets. The following tasks needs to be performed to update the Immutable ID in the Federated Domain.
1.1 Move the User from Federated Domain to Managed Domain.
The following command needs to be execute to move the user from federated domain to non federated domain.
Set-MsolUserPrincipalName -UserPrincipalName usrabc@test.edu -NewUserPrincipalName usrabc@testmain.onmicrosoft.com
1.2. Update the Immutable ID in Managed Domain
The following command needs to be execute to update the Immutable ID in non federated domain.
Set-MsolUser -UserPrincipalName usrabc@testmain.onmicrosoft.com -ImmutableId <Immutable ID>
1.3. Move the User from Managed Domain to Federated Domain
The following command needs to be execute to move the user from managed domain to federated domain.
Set-MsolUserPrincipalName -UserPrincipalName usrabc@testmain.onmicrosoft.com -NewUserPrincipalName usrabc@test.edu
Follow the Process 2 link to update the Source Anchor or Federated ID in Microsoft Exchange Online PowerShell
Continuation Process 2
The On Premise users are not able to login in OutLook.com/MailDomain integrated with Federated Environment Such as AD FS or Shibboleth. The actual result is, the user always redirect to outlook.com login page after successfully authenticated against the on premise domain.
Cause:
Federated ID Is Missing in the Exchange Online or Immutable ID Attribute is Missing in the Azure AD.
Solution:
Two Ways to Update the Source Anchor Or Immutabe ID attribute using Windows Azure AD or Microsoft Exchange Online Command Lets.
Pre-Requisit
1. Install the Office 365 Command Lets
2. Install the Windows Power Shell
Process 1: Windows Azure AD Immutable ID Update in Federated Domain.
In my examples I have used federated domain is test.edu and managed domain is test.onmicrosoft.com. You can replace with your own federated and managed domains before executing the command lets. The following tasks needs to be performed to update the Immutable ID in the Federated Domain.
1.1 Move the User from Federated Domain to Managed Domain.
The following command needs to be execute to move the user from federated domain to non federated domain.
Set-MsolUserPrincipalName -UserPrincipalName usrabc@test.edu -NewUserPrincipalName usrabc@testmain.onmicrosoft.com
1.2. Update the Immutable ID in Managed Domain
The following command needs to be execute to update the Immutable ID in non federated domain.
Set-MsolUser -UserPrincipalName usrabc@testmain.onmicrosoft.com -ImmutableId <Immutable ID>
1.3. Move the User from Managed Domain to Federated Domain
The following command needs to be execute to move the user from managed domain to federated domain.
Set-MsolUserPrincipalName -UserPrincipalName usrabc@testmain.onmicrosoft.com -NewUserPrincipalName usrabc@test.edu
Follow the Process 2 link to update the Source Anchor or Federated ID in Microsoft Exchange Online PowerShell
Continuation Process 2
No comments:
Post a Comment