Change User Sign In method from Password hash Synchronization to ADFS Authentication
Hi All, We have a requirement, users in the environment is currently using the primary Authentication method as Password hash synchronization, which has to be changed to ADFS authentication. In the current environment we have existing ADFS infrastructure in place, We wanted to have the federation between on premises active directory and Azure AD, then we want the users primary authentication method to be changed from Password hash synchronization to ADFS authentication. In addition, there are multiple custom domains added as verified domains in Azure AD, which are currently set as with the domain type as "Managed" Below is the plan we have Created to change the Authentication Mechanism 1. Convert all the domains type from Managed to federated using the commands Convert-MsolDomainToFederated -DomainName abc.com -SupportMultipleDomain Followed by the above command, We will execute the below commands for all other domains. Convert-MsolDomainToFederated -DomainName xyz.com Convert-MsolDomainToFederated -DomainName test.com 2. Then change the user sign in method present in Azure AD connect server from Password hash synchronization to Federation with ADFS We would like to clarify the following queries Is there a way to go with the staged approach, Say for example, change any single domain at a time from Managed to Federated, then change user sign in on the Azure AD connect server from Password hash synchronization to Federation ? If your answer is yes, the other managed domains would continue to use Password Hash synchronization as the primary authentication method ? What would be the end user experience and Impact , when we convert the domain type from managed to federated and set the primary authentication method as ADFS ? Should users need to sign out and sign in back to office 365 services ? What would be the default time taken configured by Microsoft to switch all the users authentication completely from PHS to ADFS authentication ? Any other important considerations which is not captured and that has to be taken care for this activity ? Appreciate your view and inputs on this query.