Forum Discussion
Solved
Not Able to enable DKIM in Office365 - Online Exchange server
I have been trying to enable DKIM on office365 since a couple of days. I have entered all the require CNAME entry in the DNS. But when I try to run the below command via Powershell
Ran Powershell as an administrator then ran the following command
Set-ExecutionPolicy RemoteSigned
(kindly select yes to all option if asked)
$UserCredential = Get-Credential
(enter your Global admin account)
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Once connected to Exchange online ran the below command
Set-DkimSigningConfig -Identity "MYDOMAIN" -Enabled $true
I am getting an below error saying
The operation couldn't be performed because object 'MYDOMAIN' couldn't be found on 'MAXPR01A05DC004.INDPR01A005.PROD.OUTLOOK.COM'.
Can someone help me here
Hey Sumesh1980 ,
Okay, Just tested it, it appears you did not run the command :
New-DkimSigningConfig -DomainName <domain> -Enabled $false before updating the CNAME records.
So here are the steps that you need to complete in order to get this working:
1. New-DkimSigningConfig -DomainName <domain> -Enabled $false
2. Get-DkimSigningConfig -Identity <domain> | Format-List Selector1CNAME, Selector2CNAMEGrab the CNAMES and update them in DNS.
Then run the command:
Set-DkimSigningConfig -Identity <domain> -Enabled $true
After running the command in Step 1, it should not give you the domain not found error.
Thanks
Hey Sumesh1980 ,
Run Get-Accepteddomain from exchange powershell, check if you are able to see the domain listed here.
Verify exchange services are selected while adding the domain, step 5 in the following article : https://support.microsoft.com/en-us/office/connect-your-domain-to-office-365-cd74b4fa-6d34-4669-9937-ed178ac84515
If you don't see the domain listed in get-accepteddomain , and the services are selected that would mean a sync did not happen AADS and EXO; you will have to get a ticket going with MS to run the sync. Also, check if you are able to set the domain as SMTP for one of the users and try sending out a test email.
Thanks
Get-Accepteddomain is showing my domain. And also I am able to send emails that were configured on my mobile.
Hey Sumesh1980 ,
Okay, Just tested it, it appears you did not run the command :
New-DkimSigningConfig -DomainName <domain> -Enabled $false before updating the CNAME records.
So here are the steps that you need to complete in order to get this working:
1. New-DkimSigningConfig -DomainName <domain> -Enabled $false
2. Get-DkimSigningConfig -Identity <domain> | Format-List Selector1CNAME, Selector2CNAMEGrab the CNAMES and update them in DNS.
Then run the command:
Set-DkimSigningConfig -Identity <domain> -Enabled $true
After running the command in Step 1, it should not give you the domain not found error.
Thanks
