The following forum(s) are migrating to a new home on Microsoft Q&A (Preview): Azure Active Directory!

Ask new questions on Microsoft Q&A (Preview).
Interact with existing posts until December 13, 2019, after which content will be closed to all new and existing posts.

Learn More

 none
Can not verify AAD / AD RRS feed

  • Question

  • Hello!

    Did a sync from my AAD to my AD, but after a while I disovered that I used the wrong tenant.

    I uinstalled the Azure Active Direct and removed the local domain from that tenant. Went to the new tenant, change the DNS settings (one week ago so no TTL issues), reinstalled the Azure Active Directory Connect, can verify to both AAD and to OnPrem AD, but when I come to "Azure AD sign-in configuration" it refuses to verify my Azure AD Domain. See screen shots of my setup. What have I done wrong?

    


    Alexander Ervik Johnsen



    • Edited by commaxx Sunday, November 3, 2019 2:16 PM
    Sunday, November 3, 2019 2:15 PM

All replies

  • Hi,

    Can you confirm the TXT record that screenshot asked for (which as crossed out of the screenshot was:

    MS=ms81232377

    That should work if it is as that shows against your domain when doing a lookup...or was that the record from the old tenant?  Was the hostname set to @ in the TXT settings?  The TTL value you have set for that TXT record doesnt match what they ask you to set, but that shouldnt be an issue - my domain is lower and that worked.

    Thanks,

    Matt

    Sunday, November 3, 2019 4:55 PM
  • Or maybe try and verify it manually in Azure?  Go to Azure AD, then 'custom domains' and click your domain name....is there a verify button there to click to verify?  Give that a try :-)
    Sunday, November 3, 2019 4:56 PM
  • When you say that you had setup the Sync to a wrong tenant, I presume that you would have verified the domain with the same wrong tenant.

    Now once a domain is verified with a tenant, the same domain can not be re-verified with another till it has been removed from the earlier tenant.

    Suggest you to login to the Azure Portal with the previous tenant credentials. To delete a custom domain name, you must first ensure that no resources in your directory rely on the domain name. You can't delete a domain name from your directory if:

    1. Any user has a user name, email address, or proxy address that includes the domain name.
    2. Any group has an email address or proxy address that includes the domain name.
    3. Any application in your Azure AD has an app ID URI that includes the domain name.

    You can follow this document for detailed instructions.

    -----------------------------------------------------------------------------------------
    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    Monday, November 4, 2019 4:16 AM
    Moderator
  • Hey Commaxx,

    I'm following up on this issue, were you able to get the issue resolved by the last few responses? If not, please let us know and please provide any new information you may have, we may need to escalate this to a support case otherwise.

    Thanks,

    - Frank H

    Wednesday, November 13, 2019 11:20 PM
    Moderator
  • Please let us know if you were able to resolve the issue from the replies before. If you still have more questions please let us know with some additional information regarding your question and we'll try to resolve it. It may require additional support escalation if we are unable to resolve this on this msdn thread. 

    If there's no more follow ups in regards to this, I will be marking an answer as answer. If you feel your question has not been answered please let us know anymore pending asks and we can try to follow up accordingly. 

    thanks,

    - Frank H.

    Tuesday, November 26, 2019 7:47 PM
    Moderator