Azure AD Connect, ADFS and M365 domains


Does each domain verified in M365 need to be federated and set up in ADFS for authentication? Scenario: Company A has one domain that is verified in M365. Azure AD Connect and ADFS are in place and all users with based UPNs/emails are authenticated using ADFS.


Company A has purchased another domain and now requires this domain to be verified in M365 and to be used for a subset of Company A users. This means the steps for onboarding the domain are:

1. Add to M365 and verify it,

2. Add as a domain suffix to on-premises AD,

3. Change the UPN and primary SMTP address of a subset of users and let these users sync,

4. Users with domain based UPNs will be authenticated by Azure AD


Are the above steps all that would be required to get the subset of users to use the domain and keep logging in to M365 workloads without ADFS?
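
A check that could be run alongside the steps above, as an added example that is not part of the original post: it maps each user's UPN suffix to the authentication type recorded on the matching tenant domain. The domain names, the users and the `Get-UpnSignInPath` function are constructed for illustration; the commented `Get-MgDomain` and `Get-ADUser` calls show where live data would come from.

```powershell
# Constructed sample data so the script runs offline. Live equivalents:
#   $domains = Get-MgDomain | Select-Object Id, AuthenticationType, IsVerified  # Microsoft.Graph module
#   $users   = Get-ADUser -Filter * | Select-Object UserPrincipalName          # ActiveDirectory module
$domains = @(
    [pscustomobject]@{ Id = 'olddomain.example'; AuthenticationType = 'Federated'; IsVerified = $true }
    [pscustomobject]@{ Id = 'newdomain.example'; AuthenticationType = 'Managed';   IsVerified = $true }
    [pscustomobject]@{ Id = 'pending.example';   AuthenticationType = 'Managed';   IsVerified = $false }
)
$users = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@olddomain.example' }
    [pscustomobject]@{ UserPrincipalName = 'bob@newdomain.example' }
    [pscustomobject]@{ UserPrincipalName = 'carol@pending.example' }
    [pscustomobject]@{ UserPrincipalName = 'dave@corp.local' }
)

function Get-UpnSignInPath {
    param(
        [Parameter(Mandatory)] [object[]] $Domains,
        [Parameter(Mandatory)] [object[]] $Users
    )
    # Index tenant domains by name (hashtable keys are case-insensitive).
    $byName = @{}
    foreach ($d in $Domains) { $byName[$d.Id] = $d }

    foreach ($u in $Users) {
        $suffix = ($u.UserPrincipalName -split '@')[-1]
        $d = $byName[$suffix]
        # 'Federated' = sign-in is redirected to the federation service (ADFS here).
        # 'Managed'   = sign-in is handled by Azure AD itself.
        $path = if (-not $d) { 'SuffixNotInTenant' } elseif (-not $d.IsVerified) { 'DomainNotVerified' } else { $d.AuthenticationType }
        [pscustomobject]@{
            UserPrincipalName = $u.UserPrincipalName
            Suffix            = $suffix
            SignInPath        = $path
        }
    }
}

Get-UpnSignInPath -Domains $domains -Users $users | Format-Table -AutoSize
```

Any user reported as `SuffixNotInTenant` or `DomainNotVerified` has a UPN suffix that does not match a verified tenant domain, which is worth resolving before changing UPNs in step 3.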


