Convert-MsolDomainToFederated in Office365 returns the error Service not available

While configuring ADFS 2.0 for Office365 we experienced an issue converting the domain to federated.

PS C:\> Convert-MsolDomainToFederated -DomainName -SupportMultipleDomain
Convert-MsolDomainToFederated : Service not available
At line:1 char:30
+ Convert-MsolDomainToFederated <<<< -DomainName -SupportMultipleDomain
+ CategoryInfo : InvalidOperation: (:) [Convert-MsolDomainToFederated], FederationException
+ FullyQualifiedErrorId : InternalError,Microsoft.Online.Identity.Federation.Powershell.ConvertDomainToFederated

Unfortunately googling (or bing-in) does not give a direct hit, so we have contact MS Support to help us out!


Reported cause
The Default password policy was modified.
The Default Password policy is “ValidityPeriod 90 -NotificationDays 14”
Customer had the PasswordValidityPeriod set to 730

Issue resolution

Change the password policy back to default by executing the following Powershell command

Start the Windows Azure Active Directory PowerShell module.
To do this, click Start, point to All Programs, click Microsoft Online Services, right-click Windows Azure Active Directory PowerShell module, and then click Run as administrator.

$cred = Get-Credential
Connect-MsolService –Credential $cred
Set-MsolPasswordPolicy -ValidityPeriod 90 -NotificationDays 14 -DomainName

#after this, the convert MSOLDomainToFederated works perfectly!
Convert-MsolDomainToFederated -DomainName -SupportMultipleDomain

Hopefully it works for you!


About Cloud Architect Joran Markx
I have been working on Microsoft Technology since 2003. In addition to (lead) developer and software architect, I am certified Microsoft Specialist and active in design and implementation of Hybrid Cloud platforms. In 2011 I have achieved a Master of Science in IT Management. This made me capable to solve complex issues from the business in an efficient and structured way. As Cloud Architect I am working on various challenging projects with a variety of clients. Within my organisation I fullfill a leading role when it comes to internal development and sharing of knowledge. My goal is to provide reliable and predictable services to our clients with a strong focus on the results achieved for the organisations I am working for.

3 Responses to Convert-MsolDomainToFederated in Office365 returns the error Service not available

  1. Jeremy says:

    Thanks for the tip! I had just changed my settings to 730 days and when trying to setup ADFS I kept getting the error. Never would’ve guessed it was related to the password expiration. I will say this though, your command didn’t work for me. Kept saying that the cmdlet didn’t exist (Set-MsolPasswordPolicy). So I’m not sure if I don’t have something installed. But what I did was logged into the Admin portal for 365 and changed it there, back to 90 days instead of 730. It worked after I changed it on the portal. So even though I couldn’t use your powershell command the act of changing the password expiration still fixed my problem and I greatly appreciate it!

    • Hi Jeremy, you need to have the Windows Azure Active DIrectory Powershell module to execute this method.

  2. Cyrus says:

    When I run the PowerShell module this error appears:

    Import-Module : Could not load file or assembly ‘file:///C:\Windows\system32\Wi
    n.PSModule.dll’ or one of its dependencies. This assembly is built by a runtime
    newer than the currently loaded runtime and cannot be loaded.
    At line:1 char:14
    + Import-Module <<<< MSOnline
    + CategoryInfo : InvalidOperation: (:) [Import-Module], BadImageF
    + FullyQualifiedErrorId : FormatXmlUpateException,Microsoft.PowerShell.Com

    How can I fix it?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: