Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
605 questions
Setting up DNS Zones to use wildcard nested subdomains
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 85%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAF%3C/text%3E%3C/svg%3E)
Andre Fuller
1
Reputation point
We have a domain that we want to serve different information based on 2 levels of subdomain.
For example (using contoso.com):
contoso.com is our main site.
john.contoso.com is a subdomain that leads to john's profile. Getting this far I am able to do and have successfully deployed something along these lines our production application.
The issue however is in the following:
If I want john's project to be at project1.john.contoso.com I have no way of doing this without manually adding in every single user into each web app's custom domains that our traffic manager redirects to. (*.{userName}.contoso.com) which isn't scalable or feasible at all.
I've tried adding the custom domain wildcard.wildcard.contoso.com (wildcard insterted for asterisks because they aren't showing up in the post correctly) in the custom domains but that doesn't work because you're required to add the asuid TXT entry in the DNS zone. However when I try and add . to the DNS zone I get an error saying a wildcard character cannot be used in this way.
How should I proceed?
I think this article had a similar question, but the rep ended up speaking with them privately and not giving a public solution:
https://learn.microsoft.com/en-us/answers/questions/405316/can-a-web-app-be-set-up-to-securely-serve-wildcard.html
{count} votes
-
KapilAnanth-MSFT 37,406 Reputation points Microsoft Employee2022-07-28T04:53:28.807+00:00 Hi @Andre Fuller ,
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you are trying to add a "." wildcard record in Azure DNS.Unfortunately, this is not supported.
Azure DNS only supports wildcard characters as a single entry, "." or a wildcard in its leftmost label, ".john".In your scenario, since you are required to add "asuid.", I am afraid wildcard cannot be of much help here.
Refer : https://learn.microsoft.com/en-us/azure/dns/dns-zones-records
The ideal scenario here is to manually add the entries or use Azure Powershell/CLI
https://learn.microsoft.com/en-us/powershell/module/az.dns/new-azdnsrecordconfig?view=azps-8.1.0Kindly let me know if my understanding is incorrect or you have any follow-up queries on the above.
Thanks,
Kapil -
Andre Fuller 1 Reputation point
2022-07-28T15:20:46.547+00:00 So if I have 1000 users, I'll have to manually add or use the CLI to add DNS records for every single user?
Additionally, because we're using custom domains on our app services (that are pointed to via a traffic manager), those have to be configured on each app service individually. I looked but didn't see a way to do that in the CLI docs.
Ideally what I would do on the app services we have would add this custom domain.
However because we cannot generate the TXT file as we discussed above, this is impossible. So for every single user I would have to:
- Add a TXT record in DNS zone referring to the custom domain verification ID so I can prove domain ownership
- Add the custom domain to all app services that the traffic manager points to (*.john.contoso.com)
- Add the SSL Binding for each custom domain
- Add the CNAME records in DNS zone pointing to the traffic manager which then points to the app services
If there's a way to programmatically do all those steps on user sign-up then please let me know what that is. I haven't seen the capability for that yet, though. Otherwise the restriction of not allowing nested subdomains with wildcards doesn't make sense to me. While I acknowledge that my use case may not be normal, it certainly isn't off the table. For example even if I only wanted to be nested deep one subdomain but also allow www.subdomain.contoso.com to point to subdomain.contoso.com I wouldn't be able to.
-
KapilAnanth-MSFT 37,406 Reputation points Microsoft Employee
2022-07-29T14:56:20.917+00:00 Hi @Andre Fuller ,
I checked this once again.
As of today, this is not supported.
For your use case, I am afraid we do not have a readily available script.
You might have to customize the PowerShell commands or leverage Azure Pipelines to meet this requirementRefer:
- https://azure.microsoft.com/en-in/services/devops/pipelines/
- https://learn.microsoft.com/en-us/azure/dns/dns-operations-recordsets
- https://learn.microsoft.com/en-us/azure/app-service/scripts/powershell-configure-custom-domain
If you need further help with the scripting/deploying Pipelines, I would recommend creating a Support request.
Thanks,
Kapil.
Sign in to comment