Can’t convert domain to federated

I ran into an interesting problem setting up ADFS 2.1 on Windows Server 2012 for Office 365 federation. It is now a supported server OS for ADFS and Office 365 as long as you run the Azure Active Directory PowerShell. 

ADFS setup worked flawlessly and I setup the web certificate, etc. You can follow the ADFS 2.1 on Windows Server 2012 for Office 365 steps here now.

I went to convert my domain to federated in Azure Active Directory Powershell (steps here) to setup a Trust with Office 365 and it failed when I used the convert-msoldomaintofederated cmdlet.  I received an this error:

Convert-MsolDomainToFederated : Microsoft.Online.Administration.Automation.Iden
tityInternalServiceException
At line:1 char:30
+ Convert-MsolDomainToFederated <<<< -DomainName domain.edu
+ CategoryInfo : NotSpecified: (:) [Convert-MsolDomainToFederated
], FederationException
+ FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.Ident
ityInternalServiceException,Microsoft.Online.Identity.Federation.Powershel l.ConvertDomainToFederated

I found a fix that resolved this. You must run this PowerShell cmdlet first:

Set-MSOLpasswordpolicy validityperiod 90 –notificationdays 10 –domainname domain.edu

After I ran that – waited about 20 minutes – then ran:

convert-msoldomaintofederated –domainname domain.edu   - went through without issue.

It would appear that your password policy must be set to 270 days or less or you cannot convert your domain to a federated domain.

Finally, you should run get-msoldomain to check that you are indeed federated for that domain.