none
Custom Domain Unverified

    Question

  • Greetings.  I am attempting to verify a custom domain in AZ AD.  Using PS I can see the DNS txt record I have created matches what AZ AD has.  AD Sync is working, even ADFS has the trust setup for the custom domain, but in AZ AD/Domains it still lists the custom domain as unverified.  It has been days waiting for it to pick up the DNS record.  

    Everything looks like I would expect it to, sync is working, ADFS, I am just unable to get the custom domain to verify.  I did use AAD Connect instead of AD Sync that is the only thing that would be different than doing this in the past.  

    Any ideas on what I am missing?

    TIA

    Tuesday, July 21, 2015 8:53 PM

All replies

  • DNS verified using PS??  It sounds like you are adding these in your internal DNS.  You need to add these DNS records in the public DNS.  Are you hosting these public DNS? If not you need add these in your ISP DNS servers. 

    Santhosh Sivarajan | Houston, TX | www.sivarajan.com
    ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA

    Windows Server 2012 Book - Migrating from 2008 to Windows Server 2012

    Blogs: Blogs
    Twitter: Twitter
    LinkedIn: LinkedIn
    Facebook: Facebook

    Microsoft Virtual Academy: Microsoft Virtual Academy

    This posting is provided AS IS with no warranties, and confers no rights.

    Wednesday, July 22, 2015 2:24 AM
  • These are being added to Godaddy's DNS records for the site.  The PS cmds I am referring to are Confirm-MsolDomain,  Get-MsolDomainVerificationDns, so on. From

    Wednesday, July 22, 2015 4:09 AM
  • Hello Anthony,

    Typically it takes about 15 minutes for your changes to take effect. But it can take up to 72 hours for the DNS record that you created to propagate through the DNS system.

    To troubleshoot domain issue you can refer to - https://azure.microsoft.com/en-us/documentation/articles/active-directory-add-domain/


    Best Regards

    Sadiqh Ahmed

    ________________________________________________________________________________________________________________

    If a post answers your question, please click Mark As Answer on that post and Vote as Helpful.

    Wednesday, July 22, 2015 11:30 AM
    Moderator
  • "It has been days waiting for it to pick up the DNS record. "
    Wednesday, July 22, 2015 12:30 PM
  • Do you see the DNS records if you use a third-party DNS resolver (e.g. this one)?

    If they are, would you mind sending me a note to phsignor microsoft.com with the details of the domain?

    Wednesday, July 22, 2015 1:21 PM
  • Anthony, did you ever get a resolution to this?  I am having the same issue.  Network solutions dns is updated and it has been days and still unverified.  I use the tools to lookup txt file and it reports correctly.
    Monday, February 15, 2016 2:08 PM
  • If your domain Federated? how did you add the domain? Using PowerShell?

    Santhosh Sivarajan | Houston, TX | www.sivarajan.com
    ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA

    My Books: | Windows Server Security | Windows Server 2012

    Blogs | Twitter | LinkedIn | Facebook|

    This posting is provided AS IS with no warranties, and confers no rights.

    Monday, February 15, 2016 3:07 PM
  • the domain is federated and it is windows 2012 r2 and accessible / available from outside world.  Added it via the azure portal.  Installed sync tool also.
    Monday, February 15, 2016 4:19 PM
  • I don't know what process you used. This is what I would do:

    Add domain using the following comdlet

    New-MsolFederateDomain –DomainName Domain.com – SupportMultipleDomain cmdlet

    – SupportMultipleDomain  - That is based on your config and requirements.

    You will get the TXT and MX record. Add these records in the public DNS zone for the custom domain.

    Sometimes, you may need to run the above cmdlet again to see the "verified" status.


    Santhosh Sivarajan | Houston, TX | www.sivarajan.com
    ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA

    My Books: | Windows Server Security | Windows Server 2012

    Blogs | Twitter | LinkedIn | Facebook|

    This posting is provided AS IS with no warranties, and confers no rights.

    Monday, February 15, 2016 4:24 PM
  • Thanks for the advice.  This worked for the 1st domain that I created on a test azure account.  Now that I am moving to the partner portal, I removed the users and domain from the old azure account and added the domain to the new account.  With new username and password added the domain and put in dns verification and it has not verified after 2 hours.  Did the above command and still sitting at unverified.

    Any other ideas for me?

    Thursday, March 03, 2016 9:38 PM
  • Hey BilliumG,

    If possible can you send me an e-mail with the domain namespace in question so I can have a look at this for you and get you unblocked as soon as possible. AzureADAssist [at] microsoft [.com]

    Many Thanks,

    James.


    Senior Escalation Engineer EEE-Dev | Azure AD Serviceability | Azure AD Identity and Access Management | blog: http://www.edutech.me.uk

    Sunday, March 06, 2016 4:48 AM