Verify a domain at any domain name registrar

  • Article

Updated: September 10, 2015

Applies To: Azure, Windows Intune

Important

Please bear with us as we migrate this and other content to the Microsoft Azure website. This topic is no longer being updated and might become out of date. Please bookmark the updated Azure article on this subject, Add your own domain name to Azure AD.

If you already own a domain name, you can configure it to work with your Microsoft Azure AD tenant. After you configure your domain to work with Azure AD, you can change the destination of domain services—such as email and web hosting—to point to your cloud service. For more information, see Add your custom domain to Azure AD.

If you already have a domain registered with a domain name registrar, and you want to configure it to work with Azure AD, domain verification is required to confirm that you own the domain. To verify your domain, you create a DNS record at the domain name registrar, or wherever your DNS is hosted, and then Azure AD uses that record to confirm that you own the domain.

Note

  • Before you can verify your domain, you must add a custom domain to Azure AD. When you’ve added a custom domain but the domain hasn’t yet been verified, the status will either show as Click to verify domain or Unverified.

  • You can add and verify a custom domain name only once. If someone else in your company has already added and verified a custom domain name in Azure AD, you will receive an error message if you try to add the same domain again.

If your current hosting provider, which might be your domain name registrar, appears in the following list, click that link for step-by-step instructions for verifying your domain. If your DNS hosting provider is not listed, use the instructions following the list to verify your domain. You must complete all the steps to verify your domain in the cloud service.

Complete these steps

  • Step 1. Gather your domain information

  • Step 2. Add a DNS record at your domain name registrar

  • Step 3. Verify your domain

Step 1. Gather your domain information

Based on the portal you are using to administer your Azure AD tenant, you’ll need to collect some information about your domain so that you can later create a DNS record that will be used during the verification process. For more information, see Add your custom domain to Azure AD.

Find your domain info using the Microsoft Intune or Azure AD account portal

  1. In the portal, click Domains, and then follow the instructions to add a domain.

    Note

    If you’ve already added a domain, on the Domains page, in the list of domain names, find the domain that you are verifying. In the Status column, click Click to verify domain.

  2. On the Verify domain page, in the See instructions for performing this step with: drop-down list, choose your DNS hosting provider. If your provider doesn’t appear in the list, choose General instructions.

  3. In the Select a verification method: drop-down list, choose Add a TXT record (preferred method) or Add an MX record (alternate method).

    Not sure which verification method to choose? See Verify your domain by using a TXT record or an MX record?.

  4. From the table, copy or record the Destination or Points to Address information.

Find your domain info using the Azure Management Portal

  1. In the portal, click Active Directory, click Enterprise Directory, click Domains, and then follow the instructions to add a domain.

    Note

    If you’ve already added a domain, on the Domains page, in the list of domain names, click the domain that you want to verify, and then click Verify.

  2. On the Verify page, in the Record Type drop-down list, choose either TXT record or MX record.

  3. Copy or record the information under it.

You will need this information when you create the new DNS record at your domain registrar in the next section.

Step 2. Add a DNS record at your domain name registrar

Azure AD uses a DNS record that you create at your domain name registrar to confirm that you own the domain. Use the instructions below to create either a TXT or MX record type for a domain that is registered at your registrar.

Note

You may notice differences between your domain name registrar’s website and the website described in these instructions.

Warning

If your domain registrar does not accept “@” as a hostname, contact your domain registrar to find out how to represent “parent of the current zone.”

To add a TXT record to your domain name registrar

  1. Sign in to your domain name registrar’s website, and then select the domain that you’re verifying.

  2. In the DNS management area for your account, select the option to add a TXT record for your domain.

  3. In the TXT box for the domain, type the following: @

  4. In the Fully qualified domain name (FQDN) or Points to box, type or paste the Destination or Points to Address that you recorded in Step 1. Gather your domain information.

  5. Where it asks for TTL information, type 1 to set TTL to one hour.

  6. Save your changes, and then sign out of your domain name registrar’s website.

To add a MX record to your domain name registrar

  1. Sign in to your domain name registrar’s website, and then select the domain that you’re verifying.

  2. In the DNS management area for your account, select the option to add an MX record for your domain.

  3. In the MX box for the domain, type the following: @

  4. In the Fully qualified domain name (FQDN) or Points to box, type or paste the Destination or Points to Address that you recorded in Step 1. Gather your domain information.

  5. Where it asks for TTL information, type 1 to set TTL to one hour.

  6. Where it asks for a priority (or preference), type a number that is larger than the number you’ve specified for existing MX records. This can help prevent the new MX record from interfering with mail routing for the domain. Instead of a priority, you may see the following options: Low, Medium, High. In this scenario, choose Low.

  7. Save your changes, and then sign out of your domain name registrar’s website.

After you create either the TXT record or the MX record and sign out of the website, return to the cloud service to verify the domain.

Note

Typically it takes about 15 minutes for your changes to take effect. But it can take up to 72 hours for the record that you created to propagate through the DNS system.

Step 3. Verify your domain

After the record that you created for your domain has propagated successfully through the DNS system, do the following to finish verifying your domain with Azure AD.

  1. In the portal, click Domains.

  2. In the Domains list, find the domain that you’re verifying, and then based on the portal you are using, click either Click to verify domain or Verify.

  3. Follow the instructions provided to complete the verification process.

    • If domain verification succeeds, you will be notified that your domain has been added to your account.

    • If domain verification fails, then the changes that you made at the domain registrar might need more time to propagate. Cancel the verification process, and return later to try the verification again.

    Note

    If it has been more than 72 hours since you made the changes to your domain, sign in to the domain registrar’s website and verify that you entered the alias information correctly. If you entered the information incorrectly, you must remove the incorrect DNS record and create a new one with the correct information by using the procedures in this topic.

After you’ve verified your domain, you can configure your domain to work with your accounts.

See Also

Other Resources

What is a Azure AD tenant?
Administering your Azure AD tenant