
Adding Domain to the Custom Domain Names in AAD


Hi All,

I have an issue:

 

Problem Description: 

We have configured AAD Connect to sync all on-prem users to Azure Active Directory. The on-prem AD UPN suffix is @technet.org.au and the Azure AD user UPN suffix is @technet.onmicrosoft.com. After the initial sync, I could see all the on-prem users in AAD with the suffix username@technet.onmicrosoft.com. That is when I realized that the custom domain name, i.e. technet.org.au, wasn’t added to the custom domain names in AAD\Office 365. So I went ahead and registered the custom domain in Office 365. As part of the registration process, it asked to add a TXT record to the DNS service, which we did. But it looks like the custom domain is added incorrectly. Instead of technet.org.au, the UPN suffix is: technetorgau.

 

Proposed Solution:

So in order to revert the change, I am thinking I should do this:

  1. Make sure that none of the users’ UPNs are updated to @technetorgau. (Revert it back to @technet.onmicrosoft.com if that is the case)
  2. Delete the domain from the Custom Domain Names
  3. Delete the TXT record from DNS

Am I on the right path?

 

Thanks everyone in advance

3 Replies

Never seen a domain being added "incorrectly" in the fashion you describe, but yes, the steps you outlined should do.

@Vasil Michev Thanks for your response. Just for completeness, I should add one more step to the remediation steps that I posted earlier:

 

Before deleting the domain from the Custom Domain Names, make sure it is not the primary domain as shown:

[Image: IM13.JPG]

@ShehzadUIT 

1. As @Vasil Michev mentioned, I have never seen that happening in my experience, but yes, the steps mentioned by you should do the trick and get this resolved.

2. You can never remove a domain that is flagged as Primary; you would need to change the primary domain, or in other words the default routable domain, to something else or domain.onmicrosoft.com and then remove the custom domain.

3. Ensure no services, like SIP or mailboxes, are bound to the custom domain name, to ensure smooth removal, because a Force Removal would take at least 24 hours to remove it completely from the backend before you can add your custom domain again.

 

Cheers!

 

Ankit Shukla
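
The checks discussed in this thread (no UPNs on the domain, domain not primary, no SIP or mailbox addresses bound to it) can be run as one pre-removal report. This is an added example, not part of the original posts: `Get-DomainRemovalBlocker` is a hypothetical helper name, the sample objects are constructed, and the property names assume objects shaped like the output of `Get-MgDomain` and `Get-MgUser` from Microsoft Graph PowerShell.

```powershell
# Added example. Get-DomainRemovalBlocker is a hypothetical helper name.
# Input objects mirror Get-MgDomain / Get-MgUser output (Microsoft Graph PowerShell).
function Get-DomainRemovalBlocker {
    param(
        [Parameter(Mandatory)] [string]   $DomainName,
        [Parameter(Mandatory)] [object[]] $Domains,
        [Parameter(Mandatory)] [object[]] $Users
    )
    $suffix = '@' + $DomainName

    $entry = $Domains | Where-Object { $_.Id -eq $DomainName }
    if (-not $entry) { throw "Domain '$DomainName' is not in the supplied domain list." }

    # A domain flagged as primary (IsDefault) has to be changed before removal.
    if ($entry.IsDefault) {
        [pscustomobject]@{ Blocker = 'PrimaryDomain'; Owner = $DomainName; Value = 'IsDefault=True' }
    }

    foreach ($u in $Users) {
        # No UPN may still end in the domain being removed.
        if ($u.UserPrincipalName -like "*$suffix") {
            [pscustomobject]@{ Blocker = 'UPN'; Owner = $u.UserPrincipalName; Value = $u.UserPrincipalName }
        }
        # SIP and mailbox (SMTP) addresses are stored as "type:address" proxy addresses.
        foreach ($addr in @($u.ProxyAddresses)) {
            if ($addr -like "*$suffix") {
                $type = ($addr -split ':', 2)[0].ToUpper()
                [pscustomobject]@{ Blocker = $type; Owner = $u.UserPrincipalName; Value = $addr }
            }
        }
    }
}

# Constructed sample data (not from a real tenant).
$domains = @(
    [pscustomobject]@{ Id = 'technet.onmicrosoft.com'; IsDefault = $false }
    [pscustomobject]@{ Id = 'technetorgau';            IsDefault = $true }
)
$users = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@technet.onmicrosoft.com'
                       ProxyAddresses    = @('SMTP:alice@technet.onmicrosoft.com', 'sip:alice@technetorgau') }
    [pscustomobject]@{ UserPrincipalName = 'bob@technetorgau'; ProxyAddresses = @() }
)
# Live data, after Connect-MgGraph:
#   $domains = Get-MgDomain
#   $users   = Get-MgUser -All -Property UserPrincipalName,ProxyAddresses
$blockers = Get-DomainRemovalBlocker -DomainName 'technetorgau' -Domains $domains -Users $users
$blockers | Format-Table -AutoSize
```

An empty report means none of the three conditions raised in the thread applies to the objects supplied; other object types, such as groups, are outside what this example checks.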