"Each identifier for a relying party trust must be unique" error when you run the Update-MsolFederatedDomain command

Applies to: Office 365 Identity ManagementCloud Services (Web roles/Worker roles)Microsoft Intune

PROBLEM


When you run the Update-MsolFederatedDomain command in your Active Directory Federation Services (AD FS) environment from a server that's configured for a non-English language, you receive an error message that resembles the following. 
Update-MsolFederatedDomain : MSIS7612: Each identifier for a relying party trust must be unique across all relying party trusts in AD FS 2.0 configuration.

発生場所 行:1 文字:27

+ Update-MsolFederatedDomain <<<< -DomainName contoso.com

+ CategoryInfo : NotSpecified: (:) [Update-MsolFederatedDomain]、CmdletInvocationException

+ FullyQualifiedErrorId : MSIS7612: Each identifier for a relying party trust must be unique across all relying party trusts in AD FS 2.0 configuration.,Microsoft.Online.Identity.Federation.Powershell.UpdateFederatedDomainCommand

CAUSE


This issue occurs if the following conditions are true: 
  • The trust relationship was created by using a version of the Microsoft Online Services Module for Windows PowerShell that was released before July 2012. Versions that were released earlier than July 2012 use localized identifiers to set the relying party trust name.
  • A later version of Azure Active Directory Module for Windows PowerShell (previously known as the Microsoft Online Services Module for Windows PowerShell) was installed after the trust relationship was created. Versions of the Azure Active Directory Module for Windows PowerShell that were released after July 2012 use only an English language name for the relying party trust. 

SOLUTION


To resolve this issue, use the AD FS Management Console to change the display name of the relying party trust to an English language name. To do this, follow these steps:
  1. Open the AD FS console.
  2. Expand the left tree, select Trust Relationships, and then select Relying Party Trusts.
  3. Open the properties of the relying party trust, and then click the Identifiers tab.
  4. In the Display name box, change the display name to Microsoft Office 365 Identity Platform, and then click OK.

    For example, if the display name is in Japanese and appears as Microsoft Office 365 ID プラットフォーム, change it to Microsoft Office 365 Identity Platform.

    Screen shot of the properties dialog box for the relying party trust, showing the display name as Microsoft Office 365 Identity Platform
  5. Connect to Azure AD by using the Azure Active Directory Module for Windows PowerShell, and then run the Update-MsolFederatedDomain command.  

MORE INFORMATION


For more information, see Manage Azure AD using Windows PowerShell.