Getting source anchor error while creating a user

Question

Getting source anchor error while creating a user

Lavanya Poreddy 0

Hi

I am trying to create a user ( internal engineer) with the domain name same as the organization name( asksheldon.ai) and not able to create the user because of source anchor error.

Screenshot 2025-04-23 at 11.55.01 AM.png

Additionally, I am not able to make my domain primary as well.

1 answer

Your answer

Answer 1

Vigneshwar Duvva 2,300 Microsoft External Staff Moderator

Hello @Lavanya Poreddy

As per error we have identified you are using federated domain to create a user which throws the above error. Federated domain does not allow creating direct user unless it has a source instance.

As I understand you have changed the domain from managed to be federated. Now all users are experiencing issues with authentication. You want to move the domain back from federated to managed.

There is no way to perform this via GUI. You will have to run PowerShell commands to convert domain from federated to managed.

To perform this all you need is access to federation server and global admin account which has ".onmicrosoft.com" suffix.

You can run below commands in PowerShell from the device which is a federation server.

Open Windows PowerShell as administrator.

Run command "Install-Module MSOnline"

Connect to Entra AD using below commands.

Connect-MgGraph (Enter global admin credentials which has ".onmicrosoft.com" suffix.) Remove-MgDomainFederationConfiguration -DomainName <DomainName> (You will have to run this command if you are using ADFS for federation)

If you are using any other identity provider for federation then you can replace above last command with below command,

New-MgDomainFederationConfiguration -DomainName <DomainName> -Authentication Managed

Let me know if you have any further questions.

If you want to create user with the domain name as the organization name, you need to have the Onmicrosoft.com domain suffix. or create the user in on-premises and run the sync

Reference: https://learn.microsoft.com/en-us/microsoft-365/troubleshoot/domain-management/cannot-assign-federated-domain-to-user

If this answers your query, do click `Accept Answer` and `Yes`

Vigneshwar Duvva 2,300 Reputation points Microsoft External Staff Moderator

2025-04-24T17:13:56.3733333+00:00

Hello @Lavanya Poreddy

Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back
Lavanya Poreddy 0 Reputation points

2025-04-24T18:05:32.45+00:00

Actually it didn't because it asked me to check on my email exchange and my email exchange is through godaddy.
Vigneshwar Duvva 2,300 Reputation points Microsoft External Staff Moderator

2025-04-24T22:44:33.55+00:00

Hello Lavanya Poreddy

If you have configured federated domain from, Go daddy and the have mail exchange this is also considered the domain is federated. This comes under the same issue

Federated domain does not allow creating direct user unless it has a source instance.

If you want to create user with the domain name as the organization name, you need to have the Onmicrosoft.com domain suffix. or create the user in on-premises and run the sync
Lavanya Poreddy 0 Reputation points

2025-04-24T23:28:43.7633333+00:00

I am not sure I follow the instructions. I am a non technical founder so you really have to dummy it down for me unfortunately. My team has been waiting for access to Azure cloud to build their code and I have not been able to do that. This is really a high priority
Lavanya Poreddy 0 Reputation points

2025-04-25T17:46:49.48+00:00

Hi Vigneshwar

Can we get on a call to resolve this? I would like to make my domain to be primary. But I am getting the source anchor error.
Vigneshwar Duvva 2,300 Reputation points Microsoft External Staff Moderator

2025-04-25T19:32:02.2166667+00:00

Hello Lavanya Poreddy

Yeah sure.
Vigneshwar Duvva 2,300 Reputation points Microsoft External Staff Moderator

2025-04-28T22:58:08.44+00:00
Hello Lavanya Poreddy

As I understand you have changed the domain from managed to be federated. Now all users are experiencing issues with authentication. You want to move the domain back from federated to managed.

There is no way to perform this via GUI. You will have to run PowerShell commands to convert domain from federated to managed.

To perform this all you need is access to federation server and global admin account which has ".onmicrosoft.com" suffix.

You can run below commands in PowerShell from the device which is a federation server.

Open Windows PowerShell as administrator.

Run command "Install-Module MSOnline"

Connect to Azure AD using below commands.

Connect-Msolservice (Enter global admin credentials which has ".onmicrosoft.com" suffix.)

Convert-MsolDomainToStandard -DomainName <DomainName> (You will have to run this command if you are using ADFS for federation)

If you are using any other identity provider for federation then you can replace above last command with below command,

Set-MsolDomainAuthentication -DomainName <DomainName> -Authentication Managed

Let me know if you have any further questions.
Vigneshwar Duvva 2,300 Reputation points Microsoft External Staff Moderator

2025-05-05T05:23:43.2666667+00:00

Hello Lavanya Poreddy

Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back

Hope this helps. Do let us know if you have any further queries
Vigneshwar Duvva 2,300 Reputation points Microsoft External Staff Moderator

2025-05-06T08:58:41.4133333+00:00

Hello Lavanya Poreddy

Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back

Hope this helps. Do let us know if you have any further queries

Share via

Getting source anchor error while creating a user

1 answer

Your answer