Custom Domains on Azure Active Directory
Updated: Nov 15, 2019
Every Azure AD tenant comes with an initial domain name, like domain.onmicrosoft.com. This domain can't be changed or removed.
Most admins don't really want to use this domain for anything, and they want to use their company's domain instead. For example, if you created user accounts with the default domain they will have confusing usernames like firstname.lastname@example.org. The solution is to add a Custom Domain Name to your Azure AD. Once added, you can create accounts with usernames like email@example.com.
Some quick notes:
You must have the Owner role assigned to your account at the Azure Subscription level in order to add a custom domain name.
You must already own the custom domain and have it registered with a Domain Registrar of your choice. During the process you will be asked to verify ownership of the domain by adding a custom TXT record to your domain's public DNS records.
A custom domain name can only be verified in one Azure AD at a time.
You can add up to 900 custom domain names. However, if the custom domains are federated, then you can only add up to 450 in that case.
By default, the initial domain.onmicrosoft.com will be the Primary domain. But, once you verify your new custom domain name then you can switch it to be Primary, instead. One caveat to watch out for is that your custom domain name can't be made Primary if it is a federated domain.
Once you have everything configured, create a new admin account using your new domain name, like firstname.lastname@example.org. With this account you can go and sign up for services that require a Microsoft "Work" or "School" account, like Office 365, Azure DevOps, Power BI, etc.
If you sign up for Office 365 and start sending e-mail from your new domain, then make sure to configure SPF, DKIM, and DMARC for your domain. Check out my post here for more information.
- Add your custom domain name using the Azure Active Directory portal