I got a question regarding the ability to add a Domain to an existing O365 Tenant. From the customer's perspective, they wanted to have users in their tenant that were from a different domain than their primary one.
In the context of Power BI, you can only share items with users in your tenant; you cannot share items with a user in a different tenant. So, one thing you can do is add the other users' domain to your tenant, which allows them access into your tenant.
Let’s look at how we could add a domain to an existing tenant. Within the Office 365 Admin Portal, we can go to the Domains section and see what domains we currently have applied to our tenant.
Here we can see that I have three domains already.
- anothercube.guyinacube.com (Child Domain to guyinacube.com)
- guyinacube.onmicrosoft.com (Default domain for a new tenant)
In my case, the guyinacube.com domain resides in local VMs on my workstation. I ended up creating a Domain within Windows Azure Virtual Machines and called it battlestarcloud.com. This domain actually has a two-way trust with guyinacube.com.
I want to add the battlestarcloud.com domain to my tenant so I can have users there as well for some later posts and other scenarios.
NOTE: The domain you want to add cannot already exist within Azure Active Directory. There can be only one!
We can click on Add domain. This will bring you to the Add a new domain in Office 365 flow.
This step verifies that you control the domain you want to add. Verification is done via DNS records, so it has to be a valid domain on the internet. In my case, I would normally use battlestar.local for the domain name. However, .local is not a valid top-level domain, so I can’t verify it. There may be a way to do that through external DNS items, but I didn’t go into that. Instead I just used battlestarcloud.com to go through this.
You can click on Let’s get started. You will then be prompted to enter the domain you want to add.
You can then click Next. For me, it determined that this domain was registered with GoDaddy. If it can’t determine that, it will give you some options.
We will need to sign in to GoDaddy to add a TXT entry so that O365/Azure Active Directory can validate the domain. It will bring up a screen from GoDaddy that is aware of O365. This may be different depending on where your domain is registered.
This is an automated process for GoDaddy. Otherwise you can manually add the TXT record, and it would walk you through that if the automation isn’t present.
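If you add the TXT record manually, you can confirm it is visible from public DNS before finishing the wizard. The following is an added example, not part of the original walkthrough: the function name Test-VerificationTxt, the resolver addresses, and the value MS=ms00000000 are assumptions (the value is a constructed placeholder; use the one the wizard shows you).

```powershell
# Added example: check that the verification TXT record is publicly visible.
function Test-VerificationTxt {
    param(
        [Parameter(Mandatory)] [string] $Domain,
        [Parameter(Mandatory)] [string] $Expected,
        # Ask public resolvers directly so a cached local answer does not mislead.
        [string[]] $Resolvers = @('8.8.8.8', '1.1.1.1'),
        # Optional pre-fetched answers (resolver -> TXT strings) for offline runs.
        [hashtable] $Records
    )
    foreach ($server in $Resolvers) {
        if ($Records) {
            $txt = @($Records[$server] | Where-Object { $_ })
        } else {
            try {
                $answer = Resolve-DnsName -Name $Domain -Type TXT -Server $server `
                                          -DnsOnly -ErrorAction Stop
                # One TXT record may be split into several strings; join them.
                $txt = @($answer | Where-Object { $_.Strings } |
                         ForEach-Object { -join $_.Strings })
            } catch {
                $txt = @()   # NXDOMAIN, timeout, or no TXT records at all
            }
        }
        # Whole-value, case-insensitive match; the domain usually carries
        # other TXT records (SPF, etc.) that must not count as a match.
        $found = @($txt | Where-Object { $_.Trim() -eq $Expected }).Count -gt 0
        [pscustomobject]@{
            Resolver = $server
            TxtCount = $txt.Count
            Verified = $found
        }
    }
}

# Constructed sample answers: one resolver already sees the record,
# the other has not picked it up yet.
$sample = @{
    '8.8.8.8' = @('v=spf1 -all', 'MS=ms00000000')
    '1.1.1.1' = @('v=spf1 -all')
}
Test-VerificationTxt -Domain 'battlestarcloud.com' -Expected 'MS=ms00000000' -Records $sample
```

Drop the -Records argument to query the resolvers live; continue the wizard once every resolver reports Verified as True.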
At that point I can add a user called John Doe. That user will be email@example.com. Optionally, you can also confirm that domain with an MX record for use with Exchange Online and Lync.
Once we are done, if we look back at the domain list within the O365 Admin Portal, we can see battlestarcloud.com listed for our Tenant.
We will also see firstname.lastname@example.org listed in our user list.
Now we can assign licenses and that user can then use the services they have access to within the Tenant.