I have changed user sign in from ADFS to PHS in Azure AD Connect but Federation is still in use

Sami Tiainen 61 Reputation points
2021-12-15T11:29:47.37+00:00

I enabled PHS sync several months ago, and that works fine.
Today the plan was to change from ADFS to PHS for user sign-ins.
Everything seemed to go as planned, but in Azure AD the federation is still visible:
[Screenshot: 157839-image.png]

Also, when logging in, the federation server is still in use.
I read that there could be about a 2h delay when doing this, but now it's been something like 5h.
Should I wait or somehow manually try to solve this?

Microsoft Security | Active Directory Federation Services
Microsoft Security | Microsoft Entra | Microsoft Entra ID

Accepted answer
  1. Mr Sb 371 Reputation points
    2021-12-15T12:24:30.407+00:00

    How did you convert the domain from federated to managed?

    In order to use PHS, you must convert your Azure AD domain or use Azure AD Staged rollout. Enabling PHS or disabling the ADFS option in ADConnect will not convert your domain.

    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/migrate-from-federation-to-cloud-authentication

    Use the following cmdlet to see what the status is of your domain:
    Get-MsolDomain -Domainname domain

    If the domain shows federated, this means that you did not convert the domain properly, unless you are using Azure AD staged rollout. Also, to minimize the impact on end users, the recommendation is to use Azure AD staged rollout.


1 additional answer

  1. Sami Tiainen 61 Reputation points
    2021-12-15T13:22:10.853+00:00

    Thanks for the help, the solution was to run Set-MsolDomainAuthentication PowerShell domain with attribute -Authentication Managed.
    I somehow thought that the Azure AD Connect GUI would have taken care of this step, but that was not the case.

    Now everything is working! Cheers!

    0 comments No comments
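
The status check from the accepted answer and the conversion from the follow-up, combined into one script. This is an added example, not code posted in the thread: the script parameter, the helper function and the backup file name are illustrative, and `Get-MsolDomainFederationSettings` (an MSOnline cmdlet the thread does not mention) is used only to keep a record of the old settings.

```powershell
#Requires -Modules MSOnline
# Added example: audit a domain's sign-in mode and convert it only if it is still federated.
[CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
param(
    # Your verified custom domain (supplied by the caller; nothing is hard-coded).
    [Parameter(Mandatory)][string]$DomainName
)

Connect-MsolService   # interactive sign-in with an account allowed to manage domains

function Get-DomainAuthMode {
    param([string]$Name)
    # The Authentication property reads 'Federated' or 'Managed'.
    (Get-MsolDomain -DomainName $Name -ErrorAction Stop).Authentication
}

$before = Get-DomainAuthMode -Name $DomainName
Write-Host "[$DomainName] authentication before: $before"

if ($before -eq 'Managed') {
    Write-Host 'Already managed; nothing to convert.'
    return
}

# While the domain is Federated, Azure AD keeps redirecting sign-ins to the
# federation service and trusting its token-signing certificate, even though
# password hash sync is enabled. Keep a record of that trust before removing it.
$backup = Join-Path $PWD "federation-settings-$DomainName.xml"   # illustrative file name
Get-MsolDomainFederationSettings -DomainName $DomainName | Export-Clixml -Path $backup
Write-Host "Federation settings saved to $backup"

if ($PSCmdlet.ShouldProcess($DomainName, 'Convert from Federated to Managed')) {
    Set-MsolDomainAuthentication -DomainName $DomainName -Authentication Managed

    # Verify instead of assuming: re-read the domain and fail loudly if unchanged.
    $after = Get-DomainAuthMode -Name $DomainName
    if ($after -ne 'Managed') {
        throw "Conversion did not take effect: domain is still $after."
    }
    Write-Host "[$DomainName] authentication after: $after"
}
```

Running the script with `-WhatIf` reports the current state and saves the federation settings without converting the domain.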
