MCSMLab

View Original

Updated PowerShell script: Activate-SyncedPasswords

A couple of weeks ago I published a script that assists with switching your Office 365 authentication method from federated to managed and back again. After playing with the script for a while, I have realized that I had made a couple of incorrect assumptions about the rep-requisites for this script.

First of all, this script requires the Azure AD PowerShell module be installed on the machine running the script. This should not be a problem if the script is running from either your DirSync or ADFS server. Running this script from an administrative computer would have failed without this module being installed. I have added a test to ensure the Azure AD module is installed to prevent this problem.

Secondly, the easiest way to switch back from managed to federated authentication is to do so from the ADFS server. I have added a test in that section of the script to ensure that it is being run from your ADFS server. The switch from federated to managed part of the script can still be run from your DirSync server or admin console.

If you have another other suggests for improvements to this script, please let me know.

V2.0 of Active-SyncedPasswords can be downloaded from the TechNet script gallery.