AzureAD Connect Single sign-on

Brass Contributor

We currently have multiple domains in 365.

Only the user UPNs are set as federated with ADFS.


We would like to test password hash with SSO on a non ADFS domain.


Currently AzureAD Connect is set to "Do not configure"


If I turn on "Password Hash Sync" and "Enable SSO" will that unset my Domains that are set to Federated in Office365 Admin?


If so, how do I enable this only for non-federated domains?




2 Replies

@Steve Berkholz 


Please take a look at this, you can keep ADFS but backup only, and password hash sync will be applied to ALL users once enabled:


What is password hash synchronization with Azure AD? - Microsoft Entra | Microsoft Learn


Picture to clarify.  Anyone know how to do this?