Confirm-MsolDomain
Verifies a custom domain.
Syntax
Confirm-MsolDomain
-DomainName <String>
[-SigningCertificate <String>]
[-NextSigningCertificate <String>]
[-LogOffUri <String>]
[-PassiveLogOnUri <String>]
[-ActiveLogOnUri <String>]
[-IssuerUri <String>]
[-FederationBrandName <String>]
[-MetadataExchangeUri <String>]
[-PreferredAuthenticationProtocol <AuthenticationProtocol>]
[-SupportsMfa <Boolean>]
[-DefaultInteractiveAuthenticationMethod <String>]
[-OpenIdConnectDiscoveryEndpoint <String>]
[-SigningCertificateUpdateStatus <SigningCertificateUpdateStatus>]
[-PromptLoginBehavior <PromptLoginBehavior>]
[-ForceTakeover <ForceTakeoverOption>]
[-TenantId <Guid>]
[<CommonParameters>] Description
The Confirm-MsolDomain cmdlet confirms ownership of a domain. In order to confirm ownership, a custom TXT or MX DNS record must be added for the domain. The domain must first be added by using the New-MsolDomain cmdlet. Then run the Get-MsolDomainVerificationDNS cmdlet to get the details of the DNS record that must be set.
There may be a delay of 15 to 60 minutes between when the DNS update is made and when this cmdlet is able to verify.
Examples
Example 1: Verify a domain
PS C:\> PS C:\> Confirm-MsolDomain -DomainName "contoso.com"This command attempts to verify the domain contoso.com. In order for domain verification to succeed, the appropriate DNS records must first be set up. Run the Get-MsolDomainVerificationDNS cmdlet to get the details of the DNS record that must be set.
Parameters
-ActiveLogOnUri
Specifies a URL that specifies the end point used by active clients when authenticating with domains set up for single sign-on with Azure Active Directory.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-DefaultInteractiveAuthenticationMethod
Specifies the default authentication method that should be used when an application requires the user to have interactive login.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-DomainName
Specifies the fully qualified domain name to verify.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-FederationBrandName
Specifies the name of the string value shown to users when signing in to Azure Active Directory Services. We recommend using something that is familiar to users, such as "Contoso Inc."
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ForceTakeover
Specifies the force takeover value.
| Type: | ForceTakeoverOption |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-IssuerUri
Specifies the unique ID of the domain in the Azure Active Directory identity platform that is derived from the federation server.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-LogOffUri
Specifies the URL that clients are redirected to when they sign out of Azure Active Directory Services.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-MetadataExchangeUri
Specifies the URL of the metadata exchange end point used for authentication from rich client applications such as Lync Online.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NextSigningCertificate
Specifies the next token signing certificate that is used to sign tokens when the primary signing certificate expires.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-OpenIdConnectDiscoveryEndpoint
Specifies the OpenID Connect Discovery Endpoint of the federated IDP STS.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-PassiveLogOnUri
Specifies the URL that web based clients are be directed to when signing in to Azure Active Directory Services.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-PreferredAuthenticationProtocol
Specifies the preferred authentication protocol.
| Type: | AuthenticationProtocol |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-PromptLoginBehavior
Specifies the prompt logon behavior.
| Type: | PromptLoginBehavior |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SigningCertificate
Specifies the current certificate used to sign tokens passed to the Azure Active Directory Identity platform.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SigningCertificateUpdateStatus
Specifies the update status of the signing certificate.
| Type: | SigningCertificateUpdateStatus |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SupportsMfa
Indicates whether the IDP STS supports MFA.
Note
We recommend configuring the security setting federatedIdpMfaBehavior using Microsoft Graph PowerShell for greater control over how to protect federated domains.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TenantId
Specifies the unique ID of the tenant on which to perform the operation. The default value is the tenant of the current user. This parameter applies only to partner users.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Related Links
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for