Convert-MsolDomainToFederated in Office365 returns the error Service not available


While configuring ADFS 2.0 for Office365 we experienced an issue converting the domain to federated.

PS C:\> Convert-MsolDomainToFederated -DomainName contoso.com -SupportMultipleDomain
Convert-MsolDomainToFederated : Service not available
At line:1 char:30
+ Convert-MsolDomainToFederated <<<< -DomainName contoso.com -SupportMultipleDomain
+ CategoryInfo : InvalidOperation: (:) [Convert-MsolDomainToFederated], FederationException
+ FullyQualifiedErrorId : InternalError,Microsoft.Online.Identity.Federation.Powershell.ConvertDomainToFederated

Unfortunately googling (or bing-in) does not give a direct hit, so we have contact MS Support to help us out!

Office365

Reported cause
The Default password policy was modified.
The Default Password policy is “ValidityPeriod 90 -NotificationDays 14”
Customer had the PasswordValidityPeriod set to 730

Issue resolution

Change the password policy back to default by executing the following Powershell command

Start the Windows Azure Active Directory PowerShell module.
To do this, click Start, point to All Programs, click Microsoft Online Services, right-click Windows Azure Active Directory PowerShell module, and then click Run as administrator.

$cred = Get-Credential
Connect-MsolService –Credential $cred
Set-MsolPasswordPolicy -ValidityPeriod 90 -NotificationDays 14 -DomainName contoso.com

#after this, the convert MSOLDomainToFederated works perfectly!
Convert-MsolDomainToFederated -DomainName contoso.com -SupportMultipleDomain

Hopefully it works for you!

Advertisements

About SharePoint Architect Joran Markx
I have been working on SharePoint projects since 2003. In addition to (lead) developer and software architect, I am certified SharePoint Technology Specialist and active in design and development of Enterprise SharePoint platforms. In 2011 I have achieved a Master of Science in IT Management. This made me capable to solve complex issues from the business in an efficient and structured way. As SharePoint Architect I am working on various challenging projects with a variety of clients. Within my organisation I fullfill a leading role when it comes to internal development and sharing of knowledge. My goal is to provide reliable and predictable services to our clients with a strong focus on the results achieved for the organisations I am working for.

3 Responses to Convert-MsolDomainToFederated in Office365 returns the error Service not available

  1. Jeremy says:

    Thanks for the tip! I had just changed my settings to 730 days and when trying to setup ADFS I kept getting the error. Never would’ve guessed it was related to the password expiration. I will say this though, your command didn’t work for me. Kept saying that the cmdlet didn’t exist (Set-MsolPasswordPolicy). So I’m not sure if I don’t have something installed. But what I did was logged into the Admin portal for 365 and changed it there, back to 90 days instead of 730. It worked after I changed it on the portal. So even though I couldn’t use your powershell command the act of changing the password expiration still fixed my problem and I greatly appreciate it!

    • Hi Jeremy, you need to have the Windows Azure Active DIrectory Powershell module to execute this method. http://go.microsoft.com/fwlink/?linkid=236293

  2. Cyrus says:

    When I run the PowerShell module this error appears:

    Import-Module : Could not load file or assembly ‘file:///C:\Windows\system32\Wi
    ndowsPowerShell\v1.0\Modules\MSOnline\Microsoft.Online.Administration.Automatio
    n.PSModule.dll’ or one of its dependencies. This assembly is built by a runtime
    newer than the currently loaded runtime and cannot be loaded.
    At line:1 char:14
    + Import-Module <<<< MSOnline
    + CategoryInfo : InvalidOperation: (:) [Import-Module], BadImageF
    ormatException
    + FullyQualifiedErrorId : FormatXmlUpateException,Microsoft.PowerShell.Com
    mands.ImportModuleCommand

    How can I fix it?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: