O365 Federation Error while trying Enabling External Identity Provider : “Set-MsolDomainAuthentication : Unable to complete this action”

The Error:

If you try to federate the O365 with an external authentication source you might come across the following Error.

Set-MsolDomainAuthentication : Unable to complete this action. Try again later.
At line:1 char:1

  • Set-MsolDomainAuthentication -DomainName $dom -Authentication Federat …
  • ~~~~~~~~~~~~~~~~~
  • CategoryInfo : OperationStopped: (:) [Set-MsolDomainAuthentication], MicrosoftOnlineException
  • FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.InternalServiceException,Microsoft.
    Online.Administration.Automation.SetDomainAuthentication

The Cause and the Solution:

What it happens basically is that federation provider’s URLs should be unique for O365, even if it is used on another Tenant this will cause an issue! The detailed reasons when you get this message that you should check for solving the issue:

  • The federation URLs have a spelling error.
  • The federation provider URLs are already used on another domain on that tenant.
  • The federation provider URLs are already used in general in any Tenant!

$dom = “mydomain.com”
$url = “https://remote.mydomain.com/Lag/saml2/idp/SSOService.php”
$uri = “https://remote.mydomain.com/Lag/saml2/idp/metadata.php”
$logoutUrl = “https://remote.mydomain.com/Lag/saml2/idp/SingleLogoutService.php?
$cert=New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(“C:\Scripts\Certificate.crt”)
$certData = [system.convert]::tobase64string($cert.rawdata)

Set-MsolDomainAuthentication –DomainName $dom -Authentication Federated -PassiveLogOnUri $url -ActiveLogOnUri $url -IssuerUri $uri -LogOffUri $logoutUrl -PreferredAuthenticationProtocol SAMLP -SigningCertificate $certData

If the above sounds confusing, very technical, or just time consuming for you current capacity, we are here to help Contact us by Clicking Here. We are helping businesses to stabilizing and optimizing their environments. We also offer monitoring as a service if you just want us to keep an eye and alert you if something has indications of the will stop working soon. Here is an article related to monitoring

About Alexios Pappas – Alexios Pappas has worked internally in IT Departments in multi-role technical and management positions for many years. In parallel, Alexios led IT multinational projects across several countries globally as an IT Freelancer. He repeatedly got Top Rated Plus distinction and also 100% satisfaction rate for over one and a half-decade, resulting from the Client’s feedback. Since 2015 he has been focused on informing and helping Businesses that want to improve and excel in their IT Section.