Skip to content

Commit 7a143f1

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #223892 from MarkMorow/patch-1
Update migrate-from-federation-to-cloud-authentication.md
2 parents 5153a0b + ac4a884 commit 7a143f1

File tree

1 file changed

+11
-4
lines changed

1 file changed

+11
-4
lines changed

articles/active-directory/hybrid/migrate-from-federation-to-cloud-authentication.md

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -355,21 +355,24 @@ On your Azure AD Connect server, follow the steps 1- 5 in [Option A](#option-a).
355355
>[!IMPORTANT]
356356
> You don't have to convert all domains at the same time. You might choose to start with a test domain on your production tenant or start with your domain that has the lowest number of users.
357357
358-
**Complete the conversion by using the Azure AD PowerShell module:**
358+
**Complete the conversion by using the Microsoft Graph PowerShell SDK:**
359359

360360
1. In PowerShell, sign in to Azure AD by using a Global Administrator account.
361+
```powershell
362+
Connect-MGGraph -Scopes "Domain.ReadWrite.All", "Directory.AccessAsUser.All"
363+
```
361364
362365
2. To convert the first domain, run the following command:
363366
```powershell
364-
Set-MsolDomainAuthentication -Authentication Managed -DomainName <domain name>
367+
Update-MgDomain -DomainId <domain name> -AuthenticationType "Managed"
365368
```
366-
See [Set-MsolDomainAuthentication](/powershell/module/msonline/set-msoldomainauthentication)
369+
See [Update-MgDomain](https://learn.microsoft.com/powershell/module/microsoft.graph.identity.directorymanagement/update-mgdomain?view=graph-powershell-1.0)
367370
368371
3. In the Azure AD portal, select **Azure Active Directory > Azure AD Connect**.
369372
370373
4. Verify that the domain has been converted to managed by running the following command:
371374
```powershell
372-
Get-MsolDomain -DomainName <domain name>
375+
Get-MgDomainFederationConfiguration -DomainId yourdomain.com
373376
```
374377
## Complete your migration
375378
@@ -443,6 +446,10 @@ If you have Azure AD Connect Health, you can [monitor usage](how-to-connect-heal
443446
444447
If you don't use AD FS for other purposes (that is, for other relying party trusts), you can decommission AD FS at this point.
445448
449+
### Remove AD FS
450+
451+
For a full list of steps to take to completely remove AD FS from the environment follow the [Active Directory Federation Services (AD FS) decommision guide](https://learn.microsoft.com/windows-server/identity/ad-fs/decommission/adfs-decommission-guide).
452+
446453
## Next steps
447454
448455
- [Learn about migrating applications](../manage-apps/migration-resources.md)

0 commit comments

Comments
 (0)