Create an Azure AD Custom Domain Name

Introduction

Every Azure AD tenant initially comes with a domain name of the form domainname.onmicrosoft.com. You can’t delete or amend this, but you can add your own name to the list by adding a custom domain name. You can also make it your primary domain if you like, but that is entirely up to you.

Quick Note

You must already have a domain name with a domain registrar such as GoDaddy or domain.com. I will explain what details you should add during the actual config, so don’t worry just yet. Click here for ICANN-Accredited Registrars

Also, before you proceed, this assumes you already have an Azure Active Directory tenant (I already have mine set up and I am a global administrator). It’s also worth noting that my account in Azure AD is through a domain registrar and is Azure AD for Office 365 (Free). You can see how to create a tenant direct from Microsoft

Instruction

1. On your Azure Portal select Custom Domain Names and then click + Add Custom Domain

2. Type your new domain name (ensure you include a .com, .net or another top-level extension) into the Custom Domain box; in my case I am using blackwaterconfig.co.uk. Now select Add Domain

3. From here you need to copy the information from the new domain name (blackwaterconfig.co.uk) page into a new DNS record within your DNS registrar's portal; my example is below from GoDaddy. The Type should be TXT (Text Record), the Host should be @ (root of domain), the TXT Value will be MS=ms37296173 in my case, and the TTL (Time to live) should read 1 hour (equivalent to 3600 seconds). Ensure you save this.

4. Once you have created your new TXT record with your domain registrar, go back to your Azure Portal where you left it with the new domain name ready to verify and select Verify

Note: you may need to wait up to an hour for the new DNS record you created to take effect before you can verify successfully, as you will otherwise get the following error message


5. If this is successful you will see the screen below. From here you can Make this your Primary Domain, which I am going to do now. Once you click Make Primary you are asked Do you want to make blackwaterconfig.co.uk your primary domain, so select Yes if you are 100% certain.

Note: You can also set up the Azure AD Connect feature on your on-premises AD server at this point; you would need to ensure you register the same domain name on Azure AD as you use with your on-premises solution. Download the Azure AD Connect Tool here

6. That’s it. When you go to your Home > Azure AD Tenant (blackwaterconfig for me) > Custom Domain Names you will see this has been added, is now the primary and is also Verified
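A pre-check for steps 3 and 4, as an added example that is not part of the original post: it parses `dig +short TXT` output for the domain root and reports whether the exact value from the Azure portal is published, whether a near miss (case or whitespace differs) was published instead, or whether other MS= records are present. The function names and the sample records are constructed for illustration; it assumes `dig` is installed for the live lookup and that the published value must match the portal value exactly.

```python
import shlex
import subprocess


def parse_txt_lines(dig_output):
    """Parse `dig +short TXT` output: one record per line, quoted chunks joined."""
    records = []
    for line in dig_output.splitlines():
        line = line.strip()
        if line and not line.startswith(";"):  # skip blanks and dig diagnostics
            records.append("".join(shlex.split(line)))
    return records


def check_verification(records, expected):
    """Compare the root TXT records with the value shown in the Azure portal."""
    ms = [r for r in records if r.strip().lower().startswith("ms=")]
    exact = expected in ms
    # Same value apart from case or stray whitespace: likely a copy/paste slip.
    near = [r for r in ms if r != expected and r.strip().lower() == expected.lower()]
    # Any other MS= record, e.g. one left over from an earlier attempt.
    other = [r for r in ms if r != expected and r not in near]
    return {"ready": exact, "near_miss": near, "other_ms": other}


def lookup_txt(domain, resolver=None):
    """Live query via dig (assumed installed); not used by the sample run below."""
    cmd = ["dig", "+short", "TXT", domain] + ([f"@{resolver}"] if resolver else [])
    out = subprocess.run(cmd, capture_output=True, text=True, timeout=10, check=True)
    return parse_txt_lines(out.stdout)


# Constructed sample of what `dig +short TXT blackwaterconfig.co.uk` could return.
SAMPLE = '"v=spf1 -all"\n"MS=ms37296173"\n'

if __name__ == "__main__":
    print(check_verification(parse_txt_lines(SAMPLE), "MS=ms37296173"))
```

Passing a public resolver address to `lookup_txt` as well as your registrar's name server shows whether the record has propagated beyond the registrar before you select Verify.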


Issues with Verification?

  • If Azure AD can’t verify a custom domain name, try the following suggestions:
    • Wait at least an hour and try again. DNS records must propagate before Azure AD can verify the domain and this process can take an hour or more.
    • Make sure the DNS record is correct. Go back to the domain name registrar site and make sure the entry is there, and that it matches the DNS entry information provided by Azure AD. If you can’t update the record on the registrar site, you must share the entry with someone that has the right permissions to add the entry and verify it’s accurate.
    • Make sure the domain name isn’t already in use in another directory. A domain name can only be verified in one directory, which means that if your domain name is currently verified in another directory, it can’t also be verified in the new directory. To fix this duplication problem, you must delete the domain name from the old directory.
    • Make sure you don’t have any unmanaged Power BI tenants. If your users have activated Power BI through self-service sign-up and created an unmanaged tenant for your organization, you must take over management as an internal or external admin, using PowerShell. To learn more about how to take over an unmanaged directory,