Forum Discussion
SSO back to Standard Authentication
I already have a Support ticket open, but the Tech is being no help.
Here's what we want to do. We currently use a 3rd party SSO service and we want to go back to Standard authentication.
Using the info from this page (https://social.technet.microsoft.com/wiki/contents/articles/17857.dirsync-how-to-switch-from-single-sign-on-to-password-sync.aspx) here's what I think the steps are:
- Run the PowerShell command
Convert-MSOLDomainToStandard -DomainName contoso.com -SkipUserConversion $False -PasswordFile c:\userpasswords.txt - Turn on Password syncing in Azure AD Sync
- Force an Azure AD Sync so that user's passwords will be in Azure/Office365 so that they'll be able to login
We are not setting up AD FS.
Is there anything I'm missing?
Hi Cary,
Can you run the bellow command to see the result ?
Get-MsolFederationProperty –DomainName domain_name.com
- C_the_SBronze Contributor
How can I run that when I'm not using ADFS?
I get an error when I run that command to run Set-MsolADFSContext, which I can't as I don't have an ADFS server.
- C_the_SBronze Contributor
An update, the Office 365 support tech is refusing to help me setup my Office 365 Tenant to using Standard Authentication. He gave me a phone number for the general Microsoft Customer Support!
I'm now trying to open another ticket.
The cmdlets you pointed above are indeed intended to be used from the On-Prem AD FS server. For other federated providers, use the following
1) Get the domain info
Get-MsolDomainFederationSettings -DomainName sts.domain.com
2) Change the domain auth type
Set-MsolDomainAuthentication -DomainName sts.domain.com -Authentication Managed
3) If you need to configure/change the actual federation settings
Set-MsolDomainFederationSettings -DomainName blabla ....
- C_the_SBronze Contributor
Ok thanks I'll give it a go.