Log in to the domain-joined computer where you have installed the following components:
Microsoft Online Services Sign-in Assistant
Microsoft Azure Active Directory Module for Windows PowerShell
Azure AD Connect tool
Launch Windows PowerShell and then run the following command to connect to your Office 365 tenant:
Connect-MsolService
Run the following command to verify whether your Office 365 domain is federated:
Get-MsolDomain -DomainName samplecompany.com
If the authentication type of your Office 365 domain is set to Federated, you must convert the authentication type to Managed using the following command:
Set-MsolDomainAuthentication -DomainName samplecompany.com -Authentication Managed
Set the identity provider details in the PowerShell variables as follows:
$dom="fully_qualified_domain_name"
For example, $dom="samplecompany.com"
$uri="https://AdvancedAuthenticationServerAddress/osp/a/TOP/auth/saml2/metadata"
$url="https://AdvancedAuthenticationServerAddress/osp/a/TOP/auth/saml2/sso"
$logoutUrl="https://AdvancedAuthenticationServerAddress/osp/a/TOP/auth/saml2/slo"
$protocol="SAMLP"
$cert="paste the signing certificate that you have saved in a notepad file"
Run the following command to convert your Office 365 domain to Federated authentication:
Set-MsolDomainAuthentication -DomainName $dom -Authentication Federated -PassiveLogOnUri $url -IssuerUri $uri -LogOffUri $logoutUrl -PreferredAuthenticationProtocol SAMLP -SigningCertificate $cert
Run the following command to verify the federation settings of your Office 365 domain:
Get-MsolDomainFederationSettings -DomainName samplecompany.com
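The verification step above can be scripted so that the stored endpoints and signing certificate are compared against the values you intended to set. The following is an added example, not part of the original procedure or the vendor's code. It assumes that $dom, $uri, $url, $logoutUrl and $cert are still set in the session, that $cert holds the certificate as Base64 or PEM text, and that a 30-day expiry warning is wanted; the function names are hypothetical.

```powershell
# Added example. ConvertTo-Certificate and Test-FederationSettings are hypothetical helper names.
function ConvertTo-Certificate([string]$Text) {
    # Accept bare Base64 or PEM: drop BEGIN/END lines and all whitespace.
    $b64 = ($Text -replace '-----[^-]+-----', '') -replace '\s', ''
    [byte[]]$der = [Convert]::FromBase64String($b64)
    [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)
}

function Test-FederationSettings {
    param(
        [Parameter(Mandatory)] $Actual,              # Get-MsolDomainFederationSettings output
        [Parameter(Mandatory)] [hashtable]$Expected  # values passed to Set-MsolDomainAuthentication
    )
    $problems = @()
    foreach ($name in 'IssuerUri', 'PassiveLogOnUri', 'LogOffUri') {
        if ($Actual.$name -ne $Expected[$name]) {
            $problems += "$name is '$($Actual.$name)', expected '$($Expected[$name])'"
        }
    }
    foreach ($name in 'PassiveLogOnUri', 'LogOffUri') {
        if ("$($Actual.$name)" -notlike 'https://*') { $problems += "$name is not an HTTPS URL" }
    }
    if ("$($Actual.PreferredAuthenticationProtocol)" -ne 'SAMLP') {
        $problems += "Protocol is '$($Actual.PreferredAuthenticationProtocol)', expected SAMLP"
    }
    try {
        # Compare thumbprints rather than raw text so line breaks and PEM headers do not matter.
        $stored = ConvertTo-Certificate $Actual.SigningCertificate
        $wanted = ConvertTo-Certificate $Expected['SigningCertificate']
        if ($stored.Thumbprint -ne $wanted.Thumbprint) {
            $problems += "Signing certificate thumbprint $($stored.Thumbprint) does not match $($wanted.Thumbprint)"
        }
        # 30 days is an assumed warning window, not a value from the procedure.
        if ($stored.NotAfter -lt (Get-Date).AddDays(30)) {
            $problems += "Signing certificate expires on $($stored.NotAfter.ToString('u'))"
        }
    } catch {
        $problems += "Signing certificate could not be parsed: $($_.Exception.Message)"
    }
    $problems
}

$expected = @{ IssuerUri = $uri; PassiveLogOnUri = $url; LogOffUri = $logoutUrl; SigningCertificate = $cert }
$actual   = Get-MsolDomainFederationSettings -DomainName $dom
$issues   = Test-FederationSettings -Actual $actual -Expected $expected
if ($issues) { $issues | ForEach-Object { Write-Warning $_ } }
else { Write-Output "Federation settings for $dom match the intended values." }
```

Running the same check on a schedule shows when the stored issuer, endpoints or signing certificate no longer match the values you configured.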