Configure a custom domain name
This topic tells administrators how you can create a DNS CNAME to simplify and customize your logon experience using Microsoft Intune.
When your organization signs up for a Microsoft cloud-based service like Intune, you're given an initial domain name hosted in Azure Active Directory (AD) that looks like your-domain.onmicrosoft.com. In this example, your-domain is the domain name that you chose when you signed up. onmicrosoft.com is the suffix assigned to the accounts you add to your subscription. You can configure your organization's custom domain to access Intune instead of the domain name provided with your subscription.
Before you create user accounts or synchronize your on-premises Active Directory, we strongly recommend that you decide whether to use only the .onmicrosoft.com domain or to add one or more of your custom domain names. Set up a custom domain before adding users to simplify user management. Setting up a customer domain lets users sign in with the credentials they use to access other domain resources.
When you subscribe to a cloud-based service from Microsoft, your instance of that service becomes a Microsoft Azure AD tenant, which provides identity and directory services for your cloud-based service. And, because the tasks to configure Intune to use your organizations custom domain name are the same as for other Azure AD tenants, you can use the information and procedures found in Add your domain.
To learn more about custom domains, see Conceptual overview of custom domain names in Azure Active Directory.
You cannot rename or remove the initial onmicrosoft.com domain name. You can add, verify, or remove custom domain names used with Intune to keep your business identity clear.
To add and verify your custom domain
Go to Microsoft 365 admin center and sign into your administrator account.
In the navigation pane, choose Setup > Domains.
Choose Add domain, and type your custom domain name. Select Next.
The Verify domain dialog box opens giving you the values to create the TXT record in your DNS hosting provider.
- GoDaddy users: Microsoft 365 admin center redirects you to GoDaddy's login page. After you enter your credentials and accept the domain change permission agreement, the TXT record is created automatically. You can alternatively create the TXT record.
- Register.com users: Follow the step-by-step instructions to create the TXT record.
The steps to add and verify a custom domain can also be performed in Azure Active Directory.
You can learn more about your initial onmicrosoft.com domain in Microsoft 365
You can learn more about how to simplify Windows enrollment without Azure AD Premium by creating a DNS CNAME that redirects enrollment to Intune servers.