In this case, there are two things that you would need to keep in mind.
- While federating the second custom domain, you would need to use the -SupportMultipleDomain switch in the cmdlet:
  Convert-MsolDomainToFederated -DomainName your_domain_name -SupportMultipleDomain
- If there are existing cloud users that are using the same UPN, there won't be any errors due to the Duplicate Attribute Resiliency feature. The UPN for newly synced users will be generated in the following format:
  OriginalPrefix + 4DigitNumber @ InitialTenantDomain.onmicrosoft.com
If you want to use the existing UPN, you would either need to rename or remove the existing cloud accounts before synchronizing the new users with the same UPN. Also, the redirection to ADFS will be done on the basis of the UPN suffix, which means cloud-only users will also be redirected to ADFS and won't be able to authenticate in that case. So, the UPN for cloud-only users should be configured to use either a custom managed domain or the .onmicrosoft.com domain.
Please do not forget to "Accept the answer" wherever the information provided helps you. This will help others in the community as well.
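As an added example (not part of the answer above, and not Microsoft's own script), the following PowerShell run-through puts the two points into a checkable procedure: confirm the domain state, list cloud-only accounts that already sit on the UPN suffix about to be federated (those are the ones that would be redirected to AD FS and fail to sign in), federate with -SupportMultipleDomain, and after the next sync look for UPNs that Duplicate Attribute Resiliency renamed. The domain names contoso.com and contoso.onmicrosoft.com are placeholders; the MSOnline cmdlets used (Get-MsolDomain, Get-MsolUser, Convert-MsolDomainToFederated, Get-MsolDirSyncProvisioningError) are the standard ones, but whether ImmutableId is empty is used here as the indicator of a never-synced, cloud-only account, which is an assumption you should confirm in your tenant.

```powershell
# Added example, not from the original answer. Assumes the MSOnline module is installed
# and that the account running it is a Global Administrator.
param(
    [string]$NewDomain     = "contoso.com",              # placeholder: second custom domain to federate
    [string]$InitialDomain = "contoso.onmicrosoft.com"   # placeholder: initial tenant domain
)

Import-Module MSOnline
Connect-MsolService

# 1. The domain must be verified and still Managed before conversion.
$domain = Get-MsolDomain -DomainName $NewDomain
if ($domain.Status -ne "Verified") {
    throw "Domain $NewDomain is not verified yet; verify it before federating."
}
if ($domain.Authentication -eq "Federated") {
    Write-Host "Domain $NewDomain is already federated; nothing to convert."
    return
}

# 2. Cloud-only accounts on this suffix will be redirected to AD FS after federation
#    and will not be able to authenticate, so surface them first.
#    Assumption: an empty ImmutableId means the account was never synced from on-premises AD.
$cloudOnly = Get-MsolUser -All -DomainName $NewDomain |
    Where-Object { [string]::IsNullOrEmpty($_.ImmutableId) }

if ($cloudOnly) {
    Write-Warning "Cloud-only accounts using the @$NewDomain suffix (rename to a managed domain or $InitialDomain, or remove, before sync):"
    $cloudOnly | Select-Object UserPrincipalName, DisplayName, LastDirSyncTime | Format-Table -AutoSize
    $answer = Read-Host "Continue with federation anyway? (y/N)"
    if ($answer -ne "y") { return }
}

# 3. Every custom domain after the first must be federated with -SupportMultipleDomain.
Convert-MsolDomainToFederated -DomainName $NewDomain -SupportMultipleDomain

# 4. Post-sync check: Duplicate Attribute Resiliency does not raise an error, it renames
#    the synced user's UPN to OriginalPrefix + 4 digits @ InitialTenantDomain.
#    Run this after the next directory synchronization cycle.
$renamedPattern = "^(?<prefix>.+?)(?<digits>\d{4})@" + [regex]::Escape($InitialDomain) + "$"
$renamed = Get-MsolUser -All -DomainName $InitialDomain |
    Where-Object { $_.UserPrincipalName -match $renamedPattern -and -not [string]::IsNullOrEmpty($_.ImmutableId) }

if ($renamed) {
    Write-Warning "Synced users whose UPN appears to have been rewritten by Duplicate Attribute Resiliency:"
    $renamed | Select-Object UserPrincipalName, DisplayName, LastDirSyncTime | Format-Table -AutoSize
}

# The provisioning-error report lists the conflicting attribute and the on-premises value it clashed with.
Get-MsolDirSyncProvisioningError -ErrorCategory PropertyConflict -PropertyName UserPrincipalName |
    Format-List
```

Run the first three steps before the domain conversion and step 4 after the following sync cycle; a UPN matching the four-digit pattern on the initial domain, combined with a PropertyConflict entry for UserPrincipalName, is the signature of a synced user that collided with an existing cloud account.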