DNS txt records for Azure AD connect


Hello All,

We are exploring Azure AD Connect in our environment. Before configuring it in the production environment, we are currently working in a test environment.


After installing the Azure AD Connect tool, one of the important prerequisites is to register and add the ABC.TEST.COM AD domain in our Azure test tenant to enable federation in our identity management solution.

As the test environment is not publicly available and is only meant for testing, we are not sure how to proceed with registration of the test environment.

4 Replies

@g461571, I might have misunderstood the question, please correct me if I'm wrong... It seems you are stuck at the custom domain name registration for your Azure AD. What you need to do there is to perform the actual verification and assignment of the domain name, i.e., you need to prove you own that domain name before you can actually assign it. No matter what domain registrar you use (GoDaddy, Namecheap, Cloudflare, etc.), the drill is the same... You purchase a domain from one of those I named (it could be something different). After that, in the domain management section (on the registrar website) you create the TXT records you received from Azure AD for verification. Once verified, you assign the domain name in question to Azure AD. This article may also be helpful.

@Command0r Yes, you are correct.

But what I am looking for is this: we have a test environment which is very generic, like abc.test.com; we don't have any ownership of it, nor did we purchase it. So is it still possible to register the domain?

@g461571 Azure AD is a public service. Setting AD Connect up, even in a test environment, requires a publicly routable domain name. That is what allows users to locate and sign on to the service.

If you have a Windows AD domain in place, such as abc.test.com, and the public domain name is not available, you can use a different public domain name and modify the UPN for users on the Windows domain. This is common for environments that used non-routable domains (abc.test.local) for their Windows AD domain. More information on that process is at the link below.

https://docs.microsoft.com/en-us/microsoft-365/enterprise/prepare-a-non-routable-domain-for-director...
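The two steps the replies above describe, checking that the Azure AD verification TXT record is actually visible in public DNS and then re-suffixing user UPNs from the non-routable AD domain to a routable one, as an added PowerShell example that is not from this thread or from the Microsoft article. It assumes the RSAT ActiveDirectory module, Domain Admin rights, a placeholder public domain `contoso.example` that you own, and that `$VerificationValue` is replaced with the value the Azure portal shows for your domain.

```powershell
# Added example (not from the thread). Assumptions: ActiveDirectory module is
# installed, the session runs as a Domain Admin, $NewSuffix is a public domain
# you own, and $VerificationValue is the value copied from the Azure AD portal.
Import-Module ActiveDirectory

$OldSuffix         = 'abc.test.com'     # non-routable AD domain from the thread
$NewSuffix         = 'contoso.example'  # placeholder for the routable domain you own
$VerificationValue = 'MS=msXXXXXXXX'    # placeholder; use the real value from the portal

# 1. Confirm the TXT record is published before clicking Verify in the portal.
#    A public resolver is queried on purpose so a stale internal cache cannot
#    give a false positive.
$txt = Resolve-DnsName -Name $NewSuffix -Type TXT -Server 8.8.8.8 -ErrorAction SilentlyContinue
if (-not ($txt.Strings -contains $VerificationValue)) {
    throw "TXT record '$VerificationValue' not found for $NewSuffix; wait for DNS propagation."
}

# 2. Register the routable suffix on the forest so it can be assigned to users.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $NewSuffix) {
    Set-ADForest -Identity $forest -UPNSuffixes @{ Add = $NewSuffix }
}

# 3. Rewrite the UPN of every user still on the old suffix. $DryRun keeps
#    -WhatIf on so the change is only reported; set it to $false to apply.
$DryRun = $true
Get-ADUser -Filter "UserPrincipalName -like '*@$OldSuffix'" |
    ForEach-Object {
        $newUpn = ($_.UserPrincipalName -split '@')[0] + '@' + $NewSuffix
        Set-ADUser -Identity $_ -UserPrincipalName $newUpn -WhatIf:$DryRun
    }
```

Run the UPN step only after the dry-run output has been reviewed, because a changed UPN is what users will sign in with once synchronization starts.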

@g461571 Yes, you still need a routable domain name that you own for the test or dev environment for testing purposes, as this is exposed to Azure for synchronization. The links provided above will help in creating the domain and setting up the environment.

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain


Prerequisites for AAD:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-prerequisites


Hope this helps.