Azure: Setting up a custom domain for Office 365 by way of Azure Active Directory

If you’re like me, sometimes you like to do things a little more efficiently and elegantly through PowerShell or through the Azure portal when it deals with the underlying infrastructure that’s associated with an Office 365 tenant. If you’re using Office 365 you’ve established a tenant with a .onmicrosoft.com name.  Reminder PSA: You can’t change your tenant name after you’ve created it – at least not right now.  But you can mask it using custom DNS names.

If you’re a little leery of Azure, then perhaps this will help to peel back the onion and bring tears of happiness to your face.

Step 0 – realize what you’re doing 🙂 and also that you probably want to make certain that you have permission to use the domain name that you’re setting up on the Office 365 / Azure instance that you’re going to perform these configuration changes on. Note that if you’re using a domain name already for something else that it might be wise to create a subdomain to tinker with rather than making “adjustments” to the main domain that you’ve got (e.g. something.danusher.com rather than danusher.com).

Step 1 – Head on over to your Office 365 admin portal (https://portal.office.com/adminportal/) and go to the bottom left corner to expand the “Admin Centers” section and click on “Azure Active Directory” (https://aad.portal.azure.com/binarybrewery.onmicrosoft.com). This will launch you to your Azure Active Directory admin center within Azure (alternatively, you can go to portal.azure.com and click on Azure Active Directory from the left most blade to open these settings).

Step 2 – Expand “Azure Active Directory” from the left most blade and then select “Custom domain names” from the blade that appears. This will list out the default tenant name that you have with your Office 365 tenant that was built out with your tenant when it was provisioned.

Screenshot 2018-03-27 21.52.54.png

Step 3 – Add a custom domain by typing in the name of the domain and then determining if you want to use a TXT record or an MX record to verify that you own the domain. If you’re not familiar with how to edit your TXT or MX records, Microsoft has some handy documentation on this over on the Office 365 support documents – https://support.office.com/en-us/article/gather-the-information-you-need-to-create-office-365-dns-records-77f90d4a-dc7f-4f09-8972-c1b03ea85a67

Screenshot 2018-03-27 21.57.20.png

Step 4 – Wait a while. Or as Spence would say while provisioning your User Profile Application, get a cuppa coffee.  DNS sometimes can take a while to provision.

Screenshot 2018-03-27 21.58.58.png

Sadly there are no exciting fireworks through the Azure Portal when you verify ownership of a domain.Screenshot 2018-03-27 22.31.19.png

Just a quick toast that briefly appears in the upper right hand corner of the Azure Portal.

Step 5 – Determine whether you just want to setup Azure AD Connect to get started with Directory and Password Synchronization, or go back to the Office 365 portal and setup the remaining DNS entries to be able to fully recognize the capabilities of Office 365. Nevertheless, you’ll see this screen within Azure upon completion of domain verification.

Screenshot 2018-03-27 22.14.05.png

Back in the Office 365 Admin Center however, you’ll notice that the domain says that it’s still being setup.

Screenshot 2018-03-27 22.34.09.pngStep 6 – Complete the setup of the domain by clicking on the line item associated with the domain name that has been verified by Microsoft Azure.

If I point my name servers from this domain through my registrar to be managed by Microsoft’s name servers, a lot of things just go away as Microsoft manages the domain for me at that point. If I however want to perform these configurations on my own as I have a complex DNS environment, I can do so by adding the values similar to these (fairly standard where you simply replace “potatoe-cloud” with your DNS name)word:

screenshot-2018-03-27-22-35-13.png

After you’ve updated your DNS within your registrar, you’ll see something like this if you happen to have an incorrect record…

Screenshot 2018-03-27 22.48.11.png

In my case I accidentally had an extra character in there – simple cut and paste error. 😐

After making my corrections and verifying settings I received a nice note that all was configured and ready to go.

Screenshot 2018-03-27 22.54.53.png

From there, any new user I create within Office 365 will make use of the @potatoe.cloud domain name rather than the Tenant name.

Congrats on having your Office 365 email accounts now masked as well as user login’s. I’d recommend learning how to setup and use Azure AD Connect so that you’re able to move forward with having your domain identities provisioned with Office 365 / Azure Active Directory to enhance your end user’s experience.

Remember – DNS isn’t that difficult. But it’s easy to mess up and also then make things more difficult.

ARM Template Reference Now Available

If you’ve been tracking Microsoft’s Azure cloud offering over the past few years you’ve probably noticed that there have been a few (hundred) changes during that time period. And by hundred, I mean multiple hundreds. . .

One of those changes was to transition from the Azure Service Management interfaces to the Azure Resource Management template model. This methodology has made the development of complete environments through Infrastructure as Code significantly more manageable through resource groups using templates that can be spun up and torn down on demand.

Recently Microsoft released their Azure Resource Manager template reference which guides you from nothing to environment in a pretty rapid fashion. If you’re familiar with Infrastructure as Code using JSON notation then this will be incredibly familiar to you and you may even find yourself liking it.

https://azure.microsoft.com/en-us/blog/azure-resource-manager-template-reference-now-available/

Windows Management Framework 4.0 Released

Just a heads up that the Windows Management Framework version 4.0 has been released.

If you remember the past year or so that it wasn’t until Service Pack 2 was released for SharePoint 2010 that you were able to use Windows Management Framework 3.0 with the application server. In similar fashion, version 4 is not compatible with a boat load of applications (Exchange 2013, SharePoint 2013, SharePoint 2010).

So before you get excited and run out and install it to start taking advantage of some of the improvements in Windows Remote Management, be mindful that it will break your applications.

http://www.microsoft.com/en-us/download/details.aspx?id=40855

Uncertain as to when we’ll see fixes to allow for compatibility with all of these application servers…

Check out the snazzy System Requirements tab:
Windows Management Framework 4.0

Blocking the installation of SharePoint 2013…

Recently I came across a thread on SPYAM regarding whether it’s possible to block SharePoint 2013 installations using group policy or through the registry.

Sure enough it’s possible to use the SharePoint 2010 installation blocking technique for SharePoint 2013 with a minor modification. Rather than having the Registry Key be for 14.0, just modify it to be 15.0.

So the key that end up implementing either through Group Policy, Power Shell or Registry key setting is:

HKLMSOFTWAREPoliciesMicrosoftShared ToolsWeb Server Extensions15.0SharePoint

With a DWORD Value of ‘DisableInstall’ with a property value of 1.

Sure you can still install the pre-reqs for 2013, but when you attempt to install the actual SharePoint 2013 binary, this is what you end up with:

SharePoint2013-BlockInstall

Time to pick up that VOIP handset and call the administrator about the GPO that seems to be pushed to my server and why I should be allowed to be moved to another OU that has a different domain linked policy. 🙂

Docs: Upgrading to SharePoint Server 2010 v3 Released

Similar to other documents, Microsoft has released a second update this month pertaining to Upgrading to SharePoint 2010. Similar to other docs, no change log is included with the document – break out your compare documents to find out the differences.

The document is available in two flavours, doc and pdf and available here for download:

Upgrading to SharePoint 2010 – Version 3, Released 17 January 2001

Docs: Group Policy for Microsoft Office 2010 – Update v2

In case you downloaded the Group Policy for Microsoft Office 2010 earlier this month, Microsoft has updated the documentation, still available in your favorite three flavours of doc, pdf and xps.

Group Policy for Microsoft Office 2010 Version 2, released on 17 January 2011

Unfortunately a change log page is not included within the document, thereby preventing us from knowing exactly what changed.

SharePoint Products and Technologies Protocol Documentation Update

For those of you that are working with integrating SharePoint with other technologies or just plumb curious as to the interfaces and technical specifications to take into account while developing solutions, best check out the 186 MB of SharePoint Products and Technologies Protocol Documentation that was recently updated and re-released. The original documentation was released back in July 2010.

Quick access here:

Microsoft SharePoint Products and Technologies Protocol Documentation – (1/10/11 v1.11)