To start with I had to login to Office 365. For that I started Powershell as administrator and used the following commands.
Import-Module SkypeOnlineConnector
$UserCredential = Get-Credential
$sfbSession = New-CsOnlineSession -Credential $UserCredential
Import-PSSession $sfbSession
Next I verified that the "Allowed domains" list were empty, just like I could also see in the GUI.
PS C:\WINDOWS\system32> Get-CsTenantFederationConfiguration
Identity : Global
AllowedDomains : AllowAllKnownDomains
BlockedDomains : {}
AllowFederatedUsers : True
AllowPublicUsers : True
TreatDiscoveredPartnersAsUnverified : False
SharedSipAddressSpace : False
An empty "Allowed Domains" list.
Then I started to have some issues since the documentation around the following commands is not entierly correct. To add an allowed domain the command Set-CsTenantFederationConfiguration should be used. However, the AllowedDomains parameter is not listed in the examples on how to use the command, and the handy AllowedDomainsAsAList parameter is not documented at all. Set-CsTenantFederationConfiguration should be used in conjuction with New-CsEdgeDomainPattern so the working syntax for these two commands are as follows:
$x = New-CsEdgeDomainPattern -Domain "microsoft.com"
Set-CsTenantFederationConfiguration -AllowedDomainsAsAList @{Add=$x}
using these commands we can build a "list" or script with powershell commands.
$x = New-CsEdgeDomainPattern -Domain "cellip.se"
Set-CsTenantFederationConfiguration -AllowedDomainsAsAList @{Add=$x}
$x = New-CsEdgeDomainPattern -Domain "relevo.se"
Set-CsTenantFederationConfiguration -AllowedDomainsAsAList @{Add=$x}
And now Powershell, as well as the GUI is showing what I want.
PS C:\WINDOWS\system32> Get-CsTenantFederationConfiguration
Identity : Global
AllowedDomains : Domain=microsoft.com,Domain=cellip.se,Domain=relevo.se
BlockedDomains : {}
AllowFederatedUsers : True
AllowPublicUsers : True
TreatDiscoveredPartnersAsUnverified : False
SharedSipAddressSpace : False
Don't hate - Federate!
No comments:
Post a Comment