Back up and restore Office 365 settings

Back up Office 365 settings

•Open the PowerShell command window and enter the following command to connect to the Office 365 tenant:

PS c:\>Connect-MsolService

•Enter the following command to back up the current domain federation settings into a file:

PS C:\Users\Administrator>Get-MsolDomainFederationSettings -DomainName <federated-domain> | Export-Clixml <xml-file-path>

For example:

Enter the following command to back up the current domain federation setting for the federated domain orange.com to an xml file c:\orange.com-original-settings.xml.

 

PS C:\Users\Administrator>Get-MsolDomainFederationSettings -DomainName orange.com | Export-Clixml c:\orange.com-original-settings.xml

Restore Office 365 settings

Perform the following tasks to restore Office 365 settings from an existing saved file:

1.

Load the configuration into a variable.

 

PS C:\Users\Administrator>$original = Import-Clixml <xml-file-path>

 

For example:

load config from file c:\orange.com-original-settings.xml into variable $original

 

PS C:\Users\Administrator>$original = Import-Clixml c:\orange.com-original-settings.xml

 

2.

Enter the following command to unfederate the domain if the domain is federated.

 

PS C:\Users\Administrator>Set-MsolDomainAuthentication -DomainName <federated-domain> -Authentication Managed

 

For example:

unfederate the orange.com domain

 

PS C:\Users\Administrator>Set-MsolDomainAuthentication -DomainName <federated-domain> -Authentication Managed

 

3.

Enter the following command to restore the configuration from the variable.

 

PS C:\Users\Administrator>Set-MsolDomainAuthentication -DomainName <federated-domain> -FederationBrandName $original.FederationBrandName -Authentication Federated -PassiveLogOnUri $original.PassiveLogOnUri -ActiveLogOnUri $original.ActiveLogonUri -SigningCertificate $original.SigningCertificate -IssuerUri $original.IssuerUri -LogOffUri $original.LogOffUri -PreferredAuthenticationProtocol <federation-protocol>

For example:

The restore federation settings for orange.com domain using WsFed protocol:

 

PS C:\Users\Administrator>Set-MsolDomainAuthentication -DomainName misentry.com -FederationBrandName $original.FederationBrandName -Authentication Federated -PassiveLogOnUri $original.PassiveLogOnUri -ActiveLogOnUri $original.ActiveLogonUri -SigningCertificate $original.SigningCertificate -IssuerUri $original.IssuerUri -LogOffUri $original.LogOffUri -PreferredAuthenticationProtocol "WSFED"

The value of the federation-protocol depends if you used SAML or WS-Federation earlier. The acceptable values are SAMLP or WSFED.