Revert from federated to standard authentication

Revert from federated to standard authentication

Q. How can I switch a federated Azure AD instance back to standard authentication?

A. If an Azure AD instance has been switched to using federation for authentication and you wish to switch it back to standard authentication ensure you have configured connections to Azure AD as documented at Q. What is required to use federation with an Azure AD instance? then run the command below (changing the domain name to your domain) to revert back to standard. Note you need to specify a password file which will be used to store the newly generated random password for any users that don't have a password in Azure AD (this would happen if you enabled synchronization but did not replicate the password hashes from on-premises AD so a new password is required). Additionally you configure if users should also be converted (which would be required at some point).

Convert-MsolDomainToStandard –DomainName 'savilltech.net' -PasswordFile userpass.txt -SkipUserConversion $false
#which uses: Set-MSOLDomainAuthentication -Authentication Managed -DomainName 'savilltech.net'

Each week, John Savill answers all of your toughest tech questions about the worlds of Windows Server, Azure, and beyond. Read his past IT advice here, and email your questions to john@savilltech.com.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish