May 21, 2013
While configuring ADFS 2.0 for Office365 we experienced an issue converting the domain to federated.
PS C:\> Convert-MsolDomainToFederated -DomainName contoso.com -SupportMultipleDomain
Convert-MsolDomainToFederated : Service not available
At line:1 char:30
+ Convert-MsolDomainToFederated <<<< -DomainName contoso.com -SupportMultipleDomain
+ CategoryInfo : InvalidOperation: (:) [Convert-MsolDomainToFederated], FederationException
+ FullyQualifiedErrorId : InternalError,Microsoft.Online.Identity.Federation.Powershell.ConvertDomainToFederated
Unfortunately googling (or Bing-ing) does not give a direct hit, so we contacted MS Support to help us out!
The Default password policy was modified.
The Default Password policy is "ValidityPeriod 90 -NotificationDays 14"
Customer had the PasswordValidityPeriod set to 730
Change the password policy back to default by executing the following PowerShell commands.
Start the Windows Azure Active Directory PowerShell module.
To do this, click Start, point to All Programs, click Microsoft Online Services, right-click Windows Azure Active Directory PowerShell module, and then click Run as administrator.
$cred = Get-Credential
Connect-MsolService -Credential $cred
Set-MsolPasswordPolicy -ValidityPeriod 90 -NotificationDays 14 -DomainName contoso.com
# After this, Convert-MsolDomainToFederated works perfectly!
Convert-MsolDomainToFederated -DomainName contoso.com -SupportMultipleDomain
Hopefully it works for you!
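A pre-flight check for the condition described above, as an added example that is not part of the original post: it reads the domain's password policy with Get-MsolPasswordPolicy and only runs the conversion when the policy matches the 90/14 default. The function name Test-MsolDefaultPasswordPolicy is hypothetical, and treating empty policy values as "never changed" is an assumption.

```powershell
# Added example (not from the original post). Assumes the MSOnline module is
# loaded and Connect-MsolService has already been run in this session.
function Test-MsolDefaultPasswordPolicy {
    param(
        [Parameter(Mandatory = $true)][string]$DomainName,
        [int]$ExpectedValidityPeriod = 90,     # default as stated in the post
        [int]$ExpectedNotificationDays = 14    # default as stated in the post
    )

    $policy = Get-MsolPasswordPolicy -DomainName $DomainName

    # Assumption: empty values mean the policy was never changed from the default.
    $validity = if ($null -ne $policy.ValidityPeriod) { [int]$policy.ValidityPeriod } else { $ExpectedValidityPeriod }
    $notify = if ($null -ne $policy.NotificationDays) { [int]$policy.NotificationDays } else { $ExpectedNotificationDays }

    New-Object PSObject -Property @{
        DomainName       = $DomainName
        ValidityPeriod   = $validity
        NotificationDays = $notify
        IsDefault        = ($validity -eq $ExpectedValidityPeriod -and
                            $notify -eq $ExpectedNotificationDays)
    }
}

$domain = 'contoso.com'
$check = Test-MsolDefaultPasswordPolicy -DomainName $domain

if ($check.IsDefault) {
    Convert-MsolDomainToFederated -DomainName $domain -SupportMultipleDomain
}
else {
    # Do not change the policy silently; show what was found and the fix.
    Write-Warning ("Password policy for {0} is ValidityPeriod {1} / NotificationDays {2}, not 90/14." -f `
        $check.DomainName, $check.ValidityPeriod, $check.NotificationDays)
    Write-Warning ("Reset it first: Set-MsolPasswordPolicy -ValidityPeriod 90 -NotificationDays 14 -DomainName {0}" -f $domain)
}
```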