Office 365 Custom Domain Automation

Office 365 lets you add your GoDaddy domain in a three-step process that takes minutes. Using the domains setup wizard in Office 365, you'll provide the domain name you want to add to Office 365, and then the automatic process at GoDaddy makes setup fast and simple.

You can see how it works here

What if your domain is registered with another registrar? What if you want to automate this custom domain verification with a script?

Below is a solution leveraging Azure DNS.

 

Install required software

As a prerequisite, you need to install the required software:

  • Microsoft Online Services Sign-in Assistant
  • Windows Azure Active Directory Module for Windows PowerShell
  • Azure Resource Manager DNS module

These PowerShell lines will do the work for you:

```powershell
# Download and install MSOL (Microsoft Online Services Sign-in Assistant)
Invoke-WebRequest -Uri 'https://download.microsoft.com/download/5/0/1/5017D39B-8E29-48C8-91A8-8D0E4968E6D4/en/msoidcli_64.msi' -OutFile 'c:\msoidcli_64.msi'
Start-Process -FilePath msiexec -ArgumentList '/i', 'c:\msoidcli_64.msi', '/quiet' -Wait

# Download and install Windows Azure Active Directory Module for Windows PowerShell
Invoke-WebRequest -Uri 'https://go.microsoft.com/fwlink/p/?linkid=236297' -OutFile 'c:\AdministrationConfig-en.msi'
Start-Process -FilePath msiexec -ArgumentList '/i', 'c:\AdministrationConfig-en.msi', '/quiet' -Wait

# Install Azure RM DNS
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module AzureRM.Dns -Confirm:$false -Force
```
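The installers above are downloaded and then run silently with administrative rights, so it is worth checking their Authenticode signature before handing them to msiexec. The following is an added example, not part of the original script; the helper name `Install-VerifiedMsi` and the expectation that the signer subject contains `O=Microsoft Corporation` are assumptions made for this illustration.

```powershell
# Added example: verify an MSI's Authenticode signature before installing it.
# Install-VerifiedMsi is a hypothetical helper, not part of any Microsoft module.
function Install-VerifiedMsi {
    param(
        [Parameter(Mandatory)][string]$Uri,
        [Parameter(Mandatory)][string]$OutFile,
        # Assumption: the installers are signed by Microsoft Corporation.
        [string]$ExpectedSubject = 'O=Microsoft Corporation'
    )

    Invoke-WebRequest -Uri $Uri -OutFile $OutFile -UseBasicParsing

    $sig = Get-AuthenticodeSignature -FilePath $OutFile
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }

    # 'Valid' means the file hash matches the signature and the chain is trusted.
    if ($sig.Status -ne 'Valid' -or $subject -notlike "*$ExpectedSubject*") {
        Remove-Item -Path $OutFile -Force
        throw "Refusing to install $OutFile (status: $($sig.Status), signer: $subject)"
    }

    $proc = Start-Process -FilePath msiexec -ArgumentList '/i', "`"$OutFile`"", '/quiet' -Wait -PassThru
    # msiexec exit codes: 0 = success, 3010 = success but a reboot is required.
    if ($proc.ExitCode -notin 0, 3010) {
        throw "msiexec failed for $OutFile with exit code $($proc.ExitCode)"
    }
}

# Same downloads as the original lines, now gated on the signature check.
Install-VerifiedMsi -Uri 'https://download.microsoft.com/download/5/0/1/5017D39B-8E29-48C8-91A8-8D0E4968E6D4/en/msoidcli_64.msi' -OutFile 'c:\msoidcli_64.msi'
Install-VerifiedMsi -Uri 'https://go.microsoft.com/fwlink/p/?linkid=236297' -OutFile 'c:\AdministrationConfig-en.msi'
```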

 

Connect to your tenant

Next, connect to Office 365 and to the Azure subscription that will host your DNS zone. Setting a few parameters up front helps with the next steps:

```powershell
# Parameters (placeholder values; passwords written here are readable by anyone who can read the script)
$DomainName = "yourdomain"
$Username = "admin@xxxxxxx.onmicrosoft.com"
$Password = "O365Pass"
$AzureUsername = "admin@XXXXXX.com"
$AzurePassword = "AzurePass"
$ResourceGroupName = "MyRG"
$subscriptionName = "MySubName"

Write-Output "##################Connect to Office 365#########################"
$SecurePassword = ConvertTo-SecureString -String $Password -AsPlainText -Force
[PSCredential]$cred = New-Object PSCredential ($Username, $SecurePassword)
# Login to O365
Import-Module MSOnline
Connect-MsolService -Credential $cred

Write-Output "##################Connect to Azure##############################"
$SecurePassword = ConvertTo-SecureString -String $AzurePassword -AsPlainText -Force
[PSCredential]$cred = New-Object PSCredential ($AzureUsername, $SecurePassword)
# Login to Azure
Login-AzureRmAccount -Credential $cred
Select-AzureRmSubscription -SubscriptionName $subscriptionName
```
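The parameter block above keeps both admin passwords in clear text inside the script. One way to avoid that for repeated runs, shown as an added example that is not part of the original script: save each credential once with `Export-Clixml`, which on Windows protects the password with DPAPI for the current user on the current machine, and load it at run time. The helper name `Get-SavedCredential` and the store directory are assumptions.

```powershell
# Added example: load admin credentials from a DPAPI-protected file instead of
# hard-coding passwords. Get-SavedCredential is a hypothetical helper name.
function Get-SavedCredential {
    param(
        [Parameter(Mandatory)][string]$Username,
        # Assumption: a per-user directory under %LOCALAPPDATA% holds the files.
        [string]$StoreDir = (Join-Path $env:LOCALAPPDATA 'O365DomainSetup')
    )

    if (-not (Test-Path $StoreDir)) { New-Item -ItemType Directory -Path $StoreDir | Out-Null }
    $file = Join-Path $StoreDir (($Username -replace '[^\w.@-]', '_') + '.xml')

    if (Test-Path $file) {
        # Import-Clixml fails if the file was created by another user or on another machine.
        $cred = Import-Clixml -Path $file
    }
    else {
        # First run: prompt once, then persist the encrypted credential.
        $cred = Get-Credential -UserName $Username -Message "Password for $Username"
        if ($cred) { $cred | Export-Clixml -Path $file }
    }

    if ($cred -isnot [PSCredential] -or $cred.UserName -ne $Username) {
        throw "No usable credential for $Username (store file: $file)"
    }
    return $cred
}

# Same sign-in calls as the original script, without $Password / $AzurePassword.
$Username      = "admin@xxxxxxx.onmicrosoft.com"
$AzureUsername = "admin@XXXXXX.com"

Import-Module MSOnline
Connect-MsolService  -Credential (Get-SavedCredential -Username $Username)
Login-AzureRmAccount -Credential (Get-SavedCredential -Username $AzureUsername)
```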

 

DNS Domain Delegation

The next step is to create an Azure DNS zone and update your domain's name servers (domain delegation):

```powershell
# Create new zone
New-AzureRmDnsZone -Name $DomainName -ResourceGroupName $ResourceGroupName -ErrorAction Continue
```

Azure DNS is not a name registrar service (Azure DNS does not support purchasing of domain names) but a service providing name resolution using Microsoft Azure infrastructure and enabling automation.

Therefore, after creating the Azure DNS zone, you should delegate your domain at your registrar to the Azure DNS name servers assigned to your zone. For more details on zone delegation, refer to this article.

 

Custom Domain Verification and Setup

Once the domain delegation is set up, Office 365 custom domain creation and verification is straightforward. The following PowerShell lines add the custom domain in Office 365, populate the Azure DNS zone with the TXT record needed for verification, run the verification, then create the Exchange Online DNS entries.

```powershell
Write-Output "###############Add DomainName in Office 365#########################"
New-MsolDomain -Name $DomainName -ErrorAction Continue
Get-MsolDomain

Write-Output "###############Get DNS verification code############################"
$txt = Get-MsolDomainVerificationDns -DomainName $DomainName -Mode DnsTxtRecord
Write-Output $txt

Write-Output "###############create DNS record in Azure ##########################"
New-AzureRmDnsRecordSet -Name '@' -RecordType "TXT" -ZoneName $txt.Label -ResourceGroupName $ResourceGroupName -Ttl $txt.Ttl -DnsRecords (New-AzureRmDnsRecordConfig -Value $txt.Text) -Overwrite

# Wait for DNS propagation, which is very quick inside the Microsoft network
Start-Sleep 10

Write-Output "############Confirm the DomainName is verified#############"
Confirm-MsolDomain -DomainName $DomainName -ErrorAction Continue

Write-Output "############create Exchange Office 365 DNS record in Azure##########"
# Exchange records
# The Exchange Online MX host uses the domain with dots replaced by dashes;
# confirm the exact value against the one shown in the Office 365 admin center.
$MX = $DomainName.Replace('.', '-') + '.mail.protection.outlook.com'
$SPF = "v=spf1 include:spf.protection.outlook.com -all"
$Auto = "autodiscover.outlook.com"
New-AzureRmDnsRecordSet -Name '@' -RecordType "MX" -ZoneName $DomainName -ResourceGroupName $ResourceGroupName -Ttl 3600 -DnsRecords (New-AzureRmDnsRecordConfig -Exchange $MX -Preference 0) -Overwrite
# -Overwrite replaces the whole '@' TXT record set, so the verification TXT record created above is replaced by the SPF record
New-AzureRmDnsRecordSet -Name '@' -RecordType "TXT" -ZoneName $DomainName -ResourceGroupName $ResourceGroupName -Ttl 3600 -DnsRecords (New-AzureRmDnsRecordConfig -Value $SPF) -Overwrite
New-AzureRmDnsRecordSet -Name 'autodiscover' -RecordType "CName" -ZoneName $DomainName -ResourceGroupName $ResourceGroupName -Ttl 3600 -DnsRecords (New-AzureRmDnsRecordConfig -Cname $Auto) -Overwrite
```

You can download this script from my GitHub repository, which contains more options, such as removing your custom domain to clean up your tenant.
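The verification step relies on a fixed `Start-Sleep 10` and assumes the registrar delegation already points at this Azure DNS zone. The following added example (not part of the author's script) checks both before calling `Confirm-MsolDomain`: that the public NS set for the domain is exactly the zone's name servers, and that the verification TXT record is being served. `Test-ZoneDelegation` and `Wait-VerificationTxt` are hypothetical helper names; `Resolve-DnsName` requires the DnsClient module (Windows 8 / Server 2012 or later).

```powershell
# Added example: pre-flight checks before Confirm-MsolDomain.
function Test-ZoneDelegation {
    param([string]$DomainName, [string]$ResourceGroupName)

    $zone     = Get-AzureRmDnsZone -Name $DomainName -ResourceGroupName $ResourceGroupName
    $expected = @($zone.NameServers | ForEach-Object { $_.TrimEnd('.').ToLower() })
    $actual   = @(Resolve-DnsName -Name $DomainName -Type NS -DnsOnly -ErrorAction SilentlyContinue |
                  Where-Object { $_.Type -eq 'NS' } |
                  ForEach-Object { $_.NameHost.TrimEnd('.').ToLower() })

    $missing = @($expected | Where-Object { $_ -notin $actual })    # zone servers the parent does not list
    $foreign = @($actual   | Where-Object { $_ -notin $expected })  # listed servers that are not this zone's
    if ($missing.Count -or $foreign.Count) {
        Write-Warning "Delegation mismatch. Missing: $($missing -join ', '). Unexpected: $($foreign -join ', ')"
        return $false
    }
    return $true
}

function Wait-VerificationTxt {
    param([string]$DomainName, [string]$ExpectedText, [string]$NameServer,
          [int]$TimeoutSeconds = 120, [int]$IntervalSeconds = 5)

    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    do {
        # Ask the zone's own name server directly, bypassing resolver caches.
        $found = Resolve-DnsName -Name $DomainName -Type TXT -Server $NameServer -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'TXT' -and ($_.Strings -join '') -eq $ExpectedText }
        if ($found) { return $true }
        Start-Sleep -Seconds $IntervalSeconds
    } while ((Get-Date) -lt $deadline)
    return $false
}

# Usage with the variables defined earlier ($DomainName, $ResourceGroupName, $txt).
$ns = (Get-AzureRmDnsZone -Name $DomainName -ResourceGroupName $ResourceGroupName).NameServers[0].TrimEnd('.')
if (-not (Test-ZoneDelegation -DomainName $DomainName -ResourceGroupName $ResourceGroupName)) {
    throw "$DomainName is not delegated exactly to this Azure DNS zone"
}
if (-not (Wait-VerificationTxt -DomainName $DomainName -ExpectedText $txt.Text -NameServer $ns)) {
    throw "Verification TXT record is not being served by $ns"
}
Confirm-MsolDomain -DomainName $DomainName
```

A delegation that lists name servers outside this zone means the records created here are not necessarily the ones the rest of the internet sees, so the check fails closed instead of proceeding to verification.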

Enjoy :)