ADFS and Azure AD Connect Part II
So after my earlier issues missing the Customised settings for configuring AD Connect, I stumbled across another awesome “feature”.
Everything was working as planned until the 3rd to last step, then I got the below error:
“We cannot federate an Azure AD domain while signed in to Azure AD as a user in the same domain. Please choose a different domain to federate or restart this wizard and provide different Azure AD global administrator credentials”
Well, thank you very much, that’s confusing.
So, I re-ran the wizard after creating a different global admin account.
Nope, same error.
After much angst and retries, it turns out that MS wants you to use their domain for the Azure connect account.
This involved logging into the Azure Portal and manually updating the global admin user account to have the sign in <username>@<yourdomaincomhere>.onmicrosoft.com
After configuring this in the Azure Portal, I went back to the Connect to Azure AD setting and changed the user account to use @<yourdomaincomhere>.onmicrosoft.com and the wizard completed successfully.
Onward to the next unexpected issue that needs to be resolved!