Details about automatically created subdomains part of Intune/O365

Copper Contributor

Hello everyone,

 

So let's say I work for the company abc.com which uses Intune and O365.


As far as I read and looked in many articles, there are these 3 subdomains which are automatically created whenever something is configured in a specific way in Intune/O365.

 

enterpriseenrollment.abc.com

enterpriseregistration.abc.com

msoid.abc.com

 

So I was wondering, regarding those 3 domains, those are owned by Microsoft, right? Even if the subdomain makes you think the owner is abc.com.

 

I am asking this because, as part of our Extended Security Posture Management scan for all the domains and subdomains which belong to our company, abc.com, there are some findings like 

missing http headers, certificate name mismatches (as it redirects to the MS URL, the CN from the certificate does not matched the url, etc.)

 

And I was wondering, could these be fixed by Microsoft, or is it something which can be ignored? If we can ignore these, how can we make sure that there is no relation anymore between abc.com and these domains? Are there some DNS entries which can/should be removed?

2 Replies
Hi, the two first are used by Intune the other one by Exchange Online.
enterpriseenrollment.abc.com
enterpriseregistration.abc.com
Fixing the DNS issue you are seeing would be hard as it is a Microsoft domain they point to.

@SweJorgenMVP , even if I would have the possibility to create a request case directly with Microsoft, do you think they would do something about the findings related to those subdomains? 🙂