diff --git a/education/windows/configure-aad-google-trust.md b/education/windows/configure-aad-google-trust.md index b6d4229e8f..d96b7414ca 100644 --- a/education/windows/configure-aad-google-trust.md +++ b/education/windows/configure-aad-google-trust.md @@ -1,7 +1,7 @@ --- title: Configure federation between Google Workspace and Azure AD description: Configuration of a federated trust between Google Workspace and Azure AD, with Google Workspace acting as an identity provider (IdP) for Azure AD. -ms.date: 02/24/2023 +ms.date: 04/04/2023 ms.topic: how-to appliesto: --- 
@@ -72,51 +72,56 @@ The configuration of Azure AD consists of changing the authentication method for Using the **IdP metadata** XML file downloaded from Google Workspace, modify the *$DomainName* variable of the following script to match your environment, and then run it in an elevated PowerShell session. When prompted to authenticate to Azure AD, use the credentials of an account with the *Global Administrator* role. ```powershell -Install-Module -Name MSOnline -Import-Module MSOnline +Install-Module Microsoft.Graph +Import-Module Microsoft.Graph -$DomainName = "" +$domainId = "" $xml = [Xml](Get-Content GoogleIDPMetadata.xml) $cert = -join $xml.EntityDescriptor.IDPSSODescriptor.KeyDescriptor.KeyInfo.X509Data.X509Certificate.Split() $issuerUri = $xml.EntityDescriptor.entityID -$logOnUri = $xml.EntityDescriptor.IDPSSODescriptor.SingleSignOnService | ? { $_.Binding.Contains('Redirect') } | % { $_.Location } -$LogOffUri = "https://accounts.google.com/logout" -$brand = "Google Workspace Identity" -Connect-MsolService -$DomainAuthParams = @{ - DomainName = $DomainName - Authentication = "Federated" - IssuerUri = $issuerUri - FederationBrandName = $brand - ActiveLogOnUri = $logOnUri - PassiveLogOnUri = $logOnUri - LogOffUri = $LogOffUri - SigningCertificate = $cert - PreferredAuthenticationProtocol = "SAMLP" +$signinUri = $xml.EntityDescriptor.IDPSSODescriptor.SingleSignOnService | ? 
{ $_.Binding.Contains('Redirect') } | % { $_.Location } +$signoutUri = "https://accounts.google.com/logout" +$displayName = "Google Workspace Identity" +Connect-MGGraph -Scopes "Domain.ReadWrite.All", "Directory.AccessAsUser.All" + +$domainAuthParams = @{ + DomainId = $domainId + IssuerUri = $issuerUri + DisplayName = $displayName + ActiveSignInUri = $signinUri + PassiveSignInUri = $signinUri + SignOutUri = $signoutUri + SigningCertificate = $cert + PreferredAuthenticationProtocol = "saml" + federatedIdpMfaBehavior = "acceptIfMfaDoneByFederatedIdp" } -Set-MsolDomainAuthentication @DomainAuthParams + +New-MgDomainFederationConfiguration @domainAuthParams ``` To verify that the configuration is correct, you can use the following PowerShell command: ```powershell -Get-MsolDomainFederationSettings -DomainName $DomainName +Get-MgDomainFederationConfiguration -DomainId $domainId |fl ``` ```output -ActiveLogOnUri : https://accounts.google.com/o/saml2/idp? -DefaultInteractiveAuthenticationMethod : -FederationBrandName : Google Workspace Identity -IssuerUri : https://accounts.google.com/o/saml2?idpid= -LogOffUri : https://accounts.google.com/logout -MetadataExchangeUri : -NextSigningCertificate : -OpenIdConnectDiscoveryEndpoint : -PassiveLogOnUri : https://accounts.google.com/o/saml2/idp?idpid= -SigningCertificate : -SupportsMfa : +ActiveSignInUri : https://accounts.google.com/o/saml2/idp?idpid= +DisplayName : Google Workspace Identity +FederatedIdpMfaBehavior : acceptIfMfaDoneByFederatedIdp +Id : 3f600dce-ab37-4798-9341-ffd34b147f70 +IsSignedAuthenticationRequestRequired : +IssuerUri : https://accounts.google.com/o/saml2?idpid= +MetadataExchangeUri : +NextSigningCertificate : +PassiveSignInUri : https://accounts.google.com/o/saml2/idp?idpid= +PreferredAuthenticationProtocol : saml +PromptLoginBehavior : +SignOutUri : https://accounts.google.com/logout +SigningCertificate : +AdditionalProperties : {} ``` ## Verify federated authentication between Google Workspace and Azure 
AD diff --git a/education/windows/federated-sign-in.md b/education/windows/federated-sign-in.md index 28ba477eec..7eccc722a0 100644 --- a/education/windows/federated-sign-in.md +++ b/education/windows/federated-sign-in.md @@ -1,7 +1,7 @@ --- title: Configure federated sign-in for Windows devices description: Description of federated sign-in feature for the Education SKUs of Windows 11 and how to configure it via Intune or provisioning packages. -ms.date: 03/15/2023 +ms.date: 04/04/2023 ms.topic: how-to appliesto: - ✅ Windows 11
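Review bot: In the script hunk of configure-aad-google-trust.md, the unchanged context sentence still tells the reader to "modify the *$DomainName* variable", but the script now defines `$domainId = ""` and `$DomainName` no longer exists; update the sentence to name `$domainId` and state what value goes in it, since the new name no longer makes that obvious. The same hunk introduces `federatedIdpMfaBehavior = "acceptIfMfaDoneByFederatedIdp"` with no explanation, yet it is the one security-relevant change: with this value Azure AD will accept an MFA claim asserted by Google Workspace as satisfying its own MFA requirements, so a sentence saying what the setting does and that the reader should confirm MFA is actually enforced on the Google Workspace side belongs next to the script. On least privilege, `Connect-MGGraph -Scopes "Domain.ReadWrite.All", "Directory.AccessAsUser.All"` requests a very broad delegated scope for a single domain-federation write; please verify whether `Domain.ReadWrite.All` alone is sufficient for `New-MgDomainFederationConfiguration` and drop `Directory.AccessAsUser.All` if it is. Finally, the sample output blanks every tenant-specific value except `Id : 3f600dce-ab37-4798-9341-ffd34b147f70`; blank that GUID too for consistency with the surrounding lines.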