Shulou(Shulou.com)06/03 Report--

Normal removal of domain names in office365 is very simple, divided into two cases:

One: The standard domain name in Office365, directly in the management center-installation-domain select the domain name to be removed and then click Unbind.

Second: For federated domain names in Office365, you first need to use the Convert-MsolDomainToStandard command on the local ADFS server to convert the federated domain name to a standard domain name, and then remove the standard domain name.

So it seems that the above two are more conventional operations. But my test environment recently suffered a server failure, and both AD and ADFS virtual machines were gone. That is to say, it is impossible to do standard domain name conversion on ADFS server normally. The problem with this is that if I have to do Office365 later, then there will be cases where the domain name cannot be bound, and it is necessary to unbind the domain name that has been bound before.

For instructions on how to convert federated domains to standard domains, see my previous article Office365 Exchange Hybrid No. 25, Multiple Federated Domain Name Configuration.

Executing the conversion command on my PC gives an error as shown below:

Based on the above information, how do we remove this domain name?

There is a command like this in Microsoft Docs that you can refer to.

Set-MsolDomainAuthentication

https://docs.microsoft.com/en-us/powershell/module/MSOnline/Set-MsolDomainAuthentication? view=azureadps-1.0

Next we will look at how to force domain name conversion to standard domain name.

Premise:

The login assistant and AAD Powershell module download links are as follows:

https://www.microsoft.com/zh-cn/download/details.aspx? id=39267

http://g.microsoftonline.com/0BX20zh-CHS/423

Then use the following command to convert the federated domain to a standard domain

Set-MsolDomainAuthentication -Authentication Managed -DomainName ucssi.cn

Then use get-msoldomain to see that we have converted ucssi.cn to a standard domain name, leaving only and-sc.com or federated status

Next, we continue to use the above command to force and-sc.com to a standard domain name

Next, take a look at the information in Office365

OK, there is no information about the joint domain name here. Under normal circumstances, after ADFS joint domain name is done, several domain names will be displayed here, as shown in the following figure.

Next use Set-MsolDirSyncEnabled -EnableDirSync $false to disable directory synchronization

Then you can delete the domain name in Office365 smoothly

The whole process was over.

This operation method is a very extreme case, my local AD and ADFS do not exist (PS test Office365 subscription has expired for half a year, all the data in it is gone). Again, it's better to be careful in the production environment ~~~

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.