Exchange 2016, enable download domain for OWA/ECP

Dylan 1 Reputation point

To mitigate CVE-2021-1730, I'm looking for the right way to enable download domains on Exchange 2016 with claims-based auth for owa/ecp.

Download domain =
Claims-based auth =

I do not want to allow login from https://**download.** since that defies the purpose

Is the following all it takes?:
Set-OrganizationConfig -AdfsAudienceUris "","",""

Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,184 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,319 questions
{count} votes