In this article, we are going to learn how to add custom domain names to Azure Active Directory. In a previous article, we learned what Azure Active Directory (Azure AD) is. For now, here is a brief recap of what Azure AD is.
Azure Active Directory is a multi-tenant, cloud-based directory and identity management service provided by Microsoft. For a company, Azure AD enables employees to sign up for multiple services and access them from anywhere in the cloud using a single set of login credentials.
So what are domain names in Azure Active Directory? Before that, we need to know what domain names are used for. Domain names allow you to access networked resources. The most obvious resources are internet websites. You can also link a domain name to services such as Exchange Server, Microsoft 365, and Azure Active Directory (Azure AD).
In this article, we’ll look at how to use domain names in Azure AD and how subdomains work.
Custom domain names in Azure
You specify a default domain for your organization when you create an Azure subscription. The domain name has the format something.onmicrosoft.com, for example Contoso.onmicrosoft.com.
All Azure AD organizations receive the default domain name onmicrosoft.com from Azure. You are free to use it in your organization to create users and grant them resource access. If your company takes this route, your users will sign in with [email protected].
To make sign-in names more memorable and identifiable for your organization, you can associate a domain name that your company owns with Azure AD. You add your domain name as a custom domain name in Azure AD. Assume your company owns proseware.com in our example. If you add that domain name to Azure AD as a custom domain, your users will sign in with [email protected].
The access management features of Azure AD control users’ access to external Microsoft services after they sign in. Microsoft 365 and the Azure portal are two examples of such services. Users can also use Azure AD to access your company’s internal resources, such as intranets and cloud apps developed in-house.
You can purchase a domain name through Azure App Service domains or another domain registrar. App Service domains are top-level domains that Azure manages directly. They make it simple to manage App Service custom domains.
Add a domain name to Azure
You probably don’t need to add a custom domain to Azure AD if your organization already has one for a Microsoft 365 subscription. The domain has been listed and is ready to be used as the primary domain.
If you want to use a different domain or set up Microsoft 365 in a different organization than your Azure subscription, you may need to add a custom domain to Azure AD.
Your Azure AD organization can have up to 900 managed domain names.
Add a subdomain
Azure AD automatically verifies any subdomains you add after you add the custom domain and verify it. Examples include www.proseware.com and sandbox.proseware.com.
Managing DNS records
Without the Domain Name System (DNS), your domain name would be meaningless. DNS is a computer network that provides a lookup database connecting a domain name to DNS records. Records for a single domain name can point to:
- Web servers by using A, AAAA, and CNAME records.
- Email services by using MX records.
- Name servers by using NS records.
- Proof of ownership by using TXT records.
The company that sold you the domain name can help you manage DNS records. You can also change the DNS provider by changing the name server for your domain. Consider Azure DNS if you want to centralize DNS management with your other infrastructure.
Add a custom domain name in Azure Active Directory
The instructions below will lead you through adding a custom domain name to Azure. You can follow along in your own Azure AD organization if you own an unused domain name.
Let’s assume our company has an Azure AD organization to which we can add the domain name before we start.
- Select Custom domain name from the Manage menu in Azure AD.
- Add a custom domain by selecting +Add custom domain.
- Enter the domain name proseware.com in the Custom domain name field.
- Select Add domain.
- Copy the DNS information from the proseware.com page.
Add DNS information to the domain registrar
Go to your domain registrar.
Using the DNS information you copied from Azure, create records for your domain. A text record has been added to Azure DNS, as shown in the screenshot below. As the domain registrar, Azure DNS is in charge.
Allow at least an hour for the DNS changes to take effect.
Verify the custom domain in Azure
- Select Custom domain name from the Manage menu in Azure AD.
- Select your custom domain name.
- Select Verify.
- The domain name status switches to “Verified” if Azure confirms that the right record exists.
- Select + Add domain name and input a subdomain name, such as marketing.proseware.com, to create a subdomain. You don’t have to go through the verification process again.
Set the primary domain name
- Set one of the domain names as the primary once you’ve added the custom domain name and any subdomains.
- From the list of custom domain names, choose proseware.com.
- Select Make primary.
- Select Yes.
- The Primary column for proseware.com is now checked in the list of custom domain names.
Manage custom domain names by using Azure PowerShell
You might choose to use Azure PowerShell to handle your domain names.
- New-AzureADDomain: Creates a new domain. Set the domain name as the primary domain name with the -IsDefault argument.
- Confirm-AzureADDomain: Allows you to check the ownership of a domain.
- Set-AzureADDomain: Updates a domain name and allows you to set it as the primary domain.
- Remove-AzureADDomain: Removes a domain from Azure Active Directory.
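The portal steps above (add, publish the TXT record, verify, make primary) can be scripted with these cmdlets. The following is an added example, not code from the original article: it assumes the AzureAD module is installed, uses the article's sample domain proseware.com, and additionally relies on Connect-AzureAD, Get-AzureADDomain, Get-AzureADDomainVerificationDnsRecord and the Windows Resolve-DnsName cmdlet, none of which the article names.

```powershell
# Added example: assumes the AzureAD module is installed and the signed-in
# account is allowed to manage domains. proseware.com is the article's sample domain.
Import-Module AzureAD
Connect-AzureAD | Out-Null

$domain = 'proseware.com'

# 1. Register the domain in the tenant if it is not there yet (it starts unverified).
if (-not (Get-AzureADDomain | Where-Object Name -eq $domain)) {
    New-AzureADDomain -Name $domain | Out-Null
}

# 2. Fetch the TXT record Azure AD expects to find at the DNS host.
$expected = Get-AzureADDomainVerificationDnsRecord -Name $domain |
    Where-Object RecordType -eq 'Txt'
Write-Host "Create a TXT record at '$($expected.Label)' with value '$($expected.Text)'"

# 3. Check that the record is publicly resolvable before asking Azure AD to verify.
#    (Resolve-DnsName comes from the Windows DnsClient module.)
$published = Resolve-DnsName -Name $domain -Type TXT -ErrorAction SilentlyContinue |
    ForEach-Object { $_.Strings }
if ($published -notcontains $expected.Text) {
    Write-Warning 'TXT record not visible yet; wait for DNS propagation and re-run.'
    return
}

# 4. Prove ownership, then make the domain the primary one.
Confirm-AzureADDomain -Name $domain | Out-Null
Set-AzureADDomain -Name $domain -IsDefault $true

# 5. Review every domain in the tenant with its verification and primary status,
#    so unverified or unexpected entries stand out.
Get-AzureADDomain |
    Select-Object Name, IsVerified, IsDefault, AuthenticationType |
    Format-Table -AutoSize
```

Re-running the script is safe: step 1 skips a domain that already exists, and step 3 stops before verification until the TXT record is visible in DNS.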
Add a user
Add users after you’ve added a custom domain name and made it the primary domain.
- Go to Azure Active Directory in the Azure portal.
- Select Users from the Manage menu on the left side of the screen.
- Select + New user.
- Fill in the values for User name and Name for your pilot user. As part of the username, the primary domain name appears.
So now we have a good idea of how to add a custom domain name to Azure Active Directory.