Change Error Report Email Destination for DirSync


For several customers we have configured the Directory Synchronization for Offcice365.

In most situations DirSync reports some Active Directory issues during synchronization, which is delivered by e-mail.

Although most error report and notification are sent to the Global Administrators, the DirSync error will only be delivered to the Technical Contact email address. To configure the technical contact for your tenant you can perform the following steps.

1. Open the Office365 Management Portal

2. Click on the name of your Company (in the upper right for O365 new-style, in the upper left for O365 old-style)

3. Update the technical contant e-mail address and press Save

Advertisements

Convert-MsolDomainToFederated in Office365 returns the error Service not available


While configuring ADFS 2.0 for Office365 we experienced an issue converting the domain to federated.

PS C:\> Convert-MsolDomainToFederated -DomainName contoso.com -SupportMultipleDomain
Convert-MsolDomainToFederated : Service not available
At line:1 char:30
+ Convert-MsolDomainToFederated <<<< -DomainName contoso.com -SupportMultipleDomain
+ CategoryInfo : InvalidOperation: (:) [Convert-MsolDomainToFederated], FederationException
+ FullyQualifiedErrorId : InternalError,Microsoft.Online.Identity.Federation.Powershell.ConvertDomainToFederated

Unfortunately googling (or bing-in) does not give a direct hit, so we have contact MS Support to help us out!

Office365

Reported cause
The Default password policy was modified.
The Default Password policy is “ValidityPeriod 90 -NotificationDays 14”
Customer had the PasswordValidityPeriod set to 730

Issue resolution

Change the password policy back to default by executing the following Powershell command

Start the Windows Azure Active Directory PowerShell module.
To do this, click Start, point to All Programs, click Microsoft Online Services, right-click Windows Azure Active Directory PowerShell module, and then click Run as administrator.

$cred = Get-Credential
Connect-MsolService –Credential $cred
Set-MsolPasswordPolicy -ValidityPeriod 90 -NotificationDays 14 -DomainName contoso.com

#after this, the convert MSOLDomainToFederated works perfectly!
Convert-MsolDomainToFederated -DomainName contoso.com -SupportMultipleDomain

Hopefully it works for you!