Authenticating users in multi-forest environments is just a bit more complex than doing it in a typical single-forest deployment. You should already be aware of the basics of the different authentication protocols and the AD FS thanks to previous chapters. The configuration of the integration with Office 365 is a straightforward process; with the Convert-MsolDomainToFederated command, you create everything needed in your ADFS configuration. With the switch SupportMultipleDomain, you can define if you are using a multi-forest scenario.

Next, we will start with the supported and possible scenarios in the case of using multiple forests and Office 365. We will focus on the AD FS server deployment. ...