Mailbox Management & SSO after Office 365 Hybrid Migration

So you are coming to the end of an Exchange Online Hybrid migration, and are considering decommissioning the on-premise Hybrid Exchange server.  Are there any considerations that need to be taken into account?

By the end of the mailbox migrations, you may have configured Azure AD Sync and made the on-premises Active Directory the source of authority. Therefore, going forward, you must perform any required changes on the objects in the on-premises Active Directory and not in Office 365, as most attributes on  are read only. read more

Can’t login to Office365 using Single Sign-On if UPN uses sub-domain

Scenario:

You have federated your domain with Office 365 to provide Single Sign-On for your users

Problem

Some or all of your users cannot sign into Office 365.  Users are presented with the following error:

SSO1

Looking closer at the description you see the following:

AADSTS50107: Requested federation realm object ‘http://subdomain.domain.com/adfs/services/trust/’ does not exist. read more