question

23759417 avatar image
0 Votes"
23759417 asked JayceYang-MSFT commented

Ошибка Proof of domain ownership has failed. Make sure that the TXT record for the specified domain is available in DNS.

Добрый день!
Создавал доверие федерации по инструкциям https://docs.microsoft.com/ru-ru/exchange/manage-a-federation-trust-exchange-2013-help и https://docs.microsoft.com/ru-ru/exchange/configure-a-federation-trust-exchange-2013-help , на шаге 7 Используйте этот синтаксис для настройки основного общего домена для доверия федерации, созданного в шаге 3. Домен, который вы указываете, будет использоваться для настройки идентификатора организации (OrgID) для доверия федерации. Дополнительные сведения о orgID см. в федератовом идентификаторе организации.

PowerShell

Копировать
Set-FederatedOrganizationIdentifier -DelegationFederationTrust "<Federation Trust Name>" -AccountNamespace <Accepted Domain> -Enabled $true

Выдает ошибку
Proof of domain ownership has failed. Make sure that the TXT record for the specified domain is available in DNS. The f
ormat of the TXT record should be "example.com IN TXT hash-value" where "example.com" is the domain you want to configu
re for Federation and "hash-value" is the proof value generated with "Get-FederatedDomainProof -DomainName example.com"
.
+ CategoryInfo : InvalidResult: (:) [Set-FederatedOrganizationIdentifier], DomainProofOwnershipException
+ FullyQualifiedErrorId : [Server=MAIL,RequestId=71dcd68b-d0bb-4277-9e13-9f756ac8a042,TimeStamp=01.10.2021 13:45:3 1] [FailureCategory=Cmdlet-DomainProofOwnershipException] FF372BE1,Microsoft.Exchange.Management.SystemConfigurati
onTasks.SetFederatedOrganizationIdentifier

Хотя запись создана на DNS сервере, на запрос nslookup выдается нужный proof

office-exchange-server-administration
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

How about this issue? Just circling back to check to see how things are going on with this thread. Should you need more help on this, you can feel free to post back.

0 Votes 0 ·

1 Answer

JayceYang-MSFT avatar image
0 Votes"
JayceYang-MSFT answered

Hi @23759417

Welcome to Microsoft Q&A community! Please kindly understand that the current Microsoft Q&A community only support English. You could post your question in English.

Based on a quick machine translation of the question, it seems that you got error message “Proof of domain ownership has failed. Make sure that the TXT record for the specified domain is available in DNS. ” when you configured the primary shared domain for the federation trust. Please clarify this problem via English if there is any misunderstanding.

Did you configure hybrid deployment with Office 365? Did get the error message when run the Hybrid Configuration wizard?
If yes, you should follow this official document to make sure that your external DNS server has the correct TXT records for Proof and that you can successfully query the server.
https://docs.microsoft.com/en-us/exchange/troubleshoot/hybrid-configuration-wizard-errors/proof-of-domain-ownership-has-failed-error

Please note:
One of the values that's returned by the Nslookup command must match the Proof of Domain Ownership value that's returned by the Get-FederatedDomainProof command. If the values do not match, use the result that's returned by the Get-FederatedDomainProof command to update your external DNS server.

In addition, please make sure that you installed the latest CU and update for Exchange 2013.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.