添加 DNS 记录以连接你的域Add DNS records to connect your domain

如果是从第三方托管提供商处购买的域,则可以通过更新注册机构帐户中的 DNS 记录将其连接到 Microsoft 365。If you purchased a domain from a third-party hosting provider, you can connect it to Microsoft 365 by updating the DNS records in your registrar’s account.

执行完以下步骤后,你的域将在向你出售域的主机中保持注册,但 Microsoft 365 可将其用于你的电子邮件地址(如 user@yourdomain.com)和其他服务。At the end of these steps, your domain will stay registered with the host that you purchased the domain from, but Microsoft 365 can use it for your email addresses (like user@yourdomain.com) and other services.

如果你不添加域,组织中的人员将在电子邮件地址中使用 onmicrosoft.com 域,直至你添加为止。If you don't add a domain, people in your organization will use the onmicrosoft.com domain for their email addresses until you do. 请务必在添加用户前先添加域,以免需要进行两次设置。It's important to add your domain before you add users, so you don't have to set them up twice.

如果在下文中找不到要查找的内容,请查看域常见问题解答Check the Domains FAQ if you don't find what you're looking for below.

步骤 1:添加 TXT 或 MX 记录以验证你是否拥有相应的域Step 1: Add a TXT or MX record to verify you own the domain

首先,你需要证明自己拥有要添加到 Microsoft 365 的域。First, you need to prove you own the domain you want to add to Microsoft 365.

  1. 登录到 Microsoft 365 管理中心,然后选择“全部显示” > “设置” > “”。Sign in to the Microsoft 365 admin center and select Show all > Settings > Domains.
  2. 在新的浏览器标签页或窗口中,登录 DNS 托管提供商网站,然后找到管理 DNS 设置(如“区域文件设置”、“管理域”、“域管理器”和“DNS 管理器”)的位置。In a new browser tab or window, sign in to your DNS hosting provider, and then find where you manage your DNS settings (e.g., Zone File Settings, Manage Domains, Domain Manager, DNS Manager).
  3. 转到提供商的“DNS 管理器”页面,然后将管理中心中指示的 TXT 记录添加到域中。Go to your provider's DNS Manager page, and add the TXT record indicated in the admin center to your domain.

添加此记录不会影响现有电子邮件或其他服务,并且可在域连接到 Microsoft 365 后,安全地将其删除。Adding this record won't affect your existing email or other services and you can safely remove it once your domain is connected to Microsoft 365.

示例:Example:

  • TXT 名称:@TXT Name: @
  • TXT 值:MS=ms########(管理中心的唯一 ID)TXT Value: MS=ms######## (unique ID from the admin center)
  • TTL:3600‎(或提供商的默认值)TTL: 3600‎ (or your provider default)
  1. 保存记录,返回管理中心,然后选择“验证”。Save the record, go back to the admin center, and then select Verify. 对记录更改进行注册通常需要 15 分钟左右,但有时可能需要更长时间。It typically takes around 15 minutes for record changes to register, but sometimes it can take longer. 请稍等片刻并多尝试几次,以便获得所做的更改。Give it some time and a few tries to pick up the change.

当 Microsof 找到正确的 TXT 记录时,表明域已通过验证。When Microsoft finds the correct TXT record, your domain is verified.

使用 MX 记录进行验证Verify with an MX record

如果注册机构不支持添加 TXT 记录,可通过添加 MX 记录进行验证。If your registrar doesn't support adding TXT records, you can verify by adding an MX record.

  1. 登录到 Microsoft 365 管理中心,然后选择“全部显示” > “设置” > “”。Sign in to the Microsoft 365 admin center and select Show all > Settings > Domains.
  2. 在新的浏览器标签页或窗口中,登录 DNS 托管提供商网站,然后找到管理 DNS 设置(如“区域文件设置”、“管理域”、“域管理器”和“DNS 管理器”)的位置。In a new browser tab or window, sign in to your DNS hosting provider, and then find where you manage your DNS settings (e.g., Zone File Settings, Manage Domains, Domain Manager, DNS Manager).
  3. 转到提供商的“DNS 管理器”页面,然后将管理中心中指示的 MX 记录添加到域中。Go to your provider's DNS Manager page, and add the MX record indicated in the admin center to your domain.

此 MX 记录的 优先级 必须是域的所有现有 MX 记录中最高的。This MX record's Priority must be the highest of all existing MX records for the domain. 否则,它可能会干扰发送和接收电子邮件。Otherwise, it can interfere with sending and receiving email. 域验证完成后,应立即删除此记录。You should delete this records as soon as domain verification is complete.

请确保将字段设置为以下值:Make sure that the fields are set to the following values:

  • 记录类型:MXRecord Type: MX
  • 优先级:设置为可用的最高值,通常为 0Priority: Set to the highest value available, typically 0.
  • 主机名:@Host Name: @
  • 指向地址:从管理中心复制值并将其粘贴到此处。Points to address: Copy the value from the admin center and paste it here.
  • TTL:3600‎(或提供商的默认值)TTL: 3600‎ (or your provider default)

当 Microsof 找到正确的 MX 记录时,表明域已通过验证。When Microsoft finds the correct MX record, your domain is verified.

步骤 2:添加 DNS 记录以连接 Microsoft 服务Step 2: Add DNS records to connect Microsoft services

在新的浏览器标签页或窗口中,登录 DNS 托管提供商网站,然后找到管理 DNS 设置(如“区域文件设置”、“管理域”、“域管理器”和“DNS 管理器”)的位置。In a new browser tab or window, sign in to your DNS hosting provider, and find where you manage your DNS settings (e.g., Zone File Settings, Manage Domains, Domain Manager, DNS Manager).

根据要启用的服务,你将添加多个不同类型的 DNS 记录。You'll be adding several different types of DNS records depending on the services you want to enable.

添加针对电子邮件(Outlook、Exchange Online)的 MX 记录Add an MX record for email (Outlook, Exchange Online)

准备工作: 如果用户已经拥有使用你的域的电子邮件地址(如 user@yourdomain.com),请先在管理中心中创建其帐户,然后再设置 MX 记录。Before you begin: If users already have email with your domain (such as user@yourdomain.com), create their accounts in the admin center before you set up your MX records. 这样一来,他们便能够继续接收电子邮件。That way, they’ll continue to receive email. 更新你的域的 MX 记录时,使用你的域的任何人的所有新电子邮件现在都将发往 Microsoft 365。When you update your domain's MX record, all new email for anyone who uses your domain will now come to Microsoft 365. 你已拥有的任何电子邮件将保留在你当前的电子邮件主机中,除非你决定将电子邮件和联系人迁移到 Microsoft 365。Any email you already have will stay at your current email host, unless you decide to migrate email and contacts to Microsoft 365.

你将从管理中心域设置向导中获取有关 MX 记录的信息。You'll get the information for the MX record from the admin center domain setup wizard.

在托管提供商的网站上,添加一条新的 MX 记录。On your hosting provider's website, add a new MX record. 请确保将字段设置为以下值:Make sure that the fields are set to the following values:

  • 记录类型:MXRecord Type: MX
  • 优先级:设置为可用的最高值,通常为 0Priority: Set to the highest value available, typically 0.
  • 主机名:@Host Name: @
  • 指向地址:从管理中心复制值并将其粘贴到此处。Points to address: Copy the value from the admin center and paste it here.
  • TTL:3600‎(或提供商的默认值)TTL: 3600‎ (or your provider default)

保存记录,然后删除任何其他 MX 记录。Save the record, and then remove any other MX records.

添加 CNAME 记录以连接其他服务(Teams、Exchange Online、AAD 和 MDM)Add CNAME records to connect other services (Teams, Exchange Online, AAD, MDM)

你将从管理中心域设置向导中获取有关 CNAME 记录的信息。You'll get the information for the CNAME records from the admin center domain setup wizard.

在托管提供商的网站上,为要连接的每个服务添加 CNAME 记录。On your hosting provider's website, add CNAME records for each service that you want to connect. 请确保将每个服务的字段设置为以下值:Make sure that the fields are set to the following values for each:

  • 记录类型:CNAME (Alias)Record Type: CNAME (Alias)
  • 主机:将从管理中心复制的值粘贴在此处。Host: Paste the values you copy from the admin center here.
  • 指向地址:从管理中心复制值并将其粘贴到此处。Points to address: Copy the value from the admin center and paste it here.
  • TTL:3600‎(或提供商的默认值)TTL: 3600‎ (or your provider default)

添加或编辑 SPF TXT 记录,以防出现垃圾邮件(Outlook、Exchange Online)Add or edit an SPF TXT record to help prevent email spam (Outlook, Exchange Online)

准备工作: 如果你的域已有 SPF 记录,请不要为 Microsoft 365 创建新记录。Before you begin: If you already have an SPF record for your domain, don't create a new one for Microsoft 365. 相反,可以在托管提供商网站上将所需的 Microsoft 365 值添加到当前记录,这样就拥有同时包含两组值的 单个 SPF 记录。Instead, add the required Microsoft 365 values to the current record on your hosting providers website so that you have a single SPF record that includes both sets of values.

在托管提供商的网站上,编辑现有 SPF 记录或创建 SPF 记录。On your hosting provider's website, edit the existing SPF record or create an SPF record. 请确保将字段设置为以下值:Make sure that the fields are set to the following values:

  • 记录类型:TXT (Text)Record Type: TXT (Text)
  • 主机:@Host: @
  • TXT 值:v=spf1 include:spf.protection.outlook.com -allTXT Value: v=spf1 include:spf.protection.outlook.com -all
  • TTL:3600‎(或提供商的默认值)TTL: 3600‎ (or your provider default)

保存记录。Save the record.

使用以下任一 SPF 验证工具验证 SPF 记录。Validate your SPF record by using one of these SPF validation tools

SPF 旨在帮助防骗,但有些骗术是 SPF 所无法防范的。SPF is designed to help prevent spoofing, but there are spoofing techniques that SPF cannot protect against. 为了防范这些骗术,在设置 SPF 后,还应为 Microsoft 365 设置 DKIM 和 DMARC。To protect against these, once you've set up SPF, you should also set up DKIM and DMARC for Microsoft 365.

若要开始进行设置,请参阅使用 DKIM 验证从 Microsoft 365 中的域发送的出站电子邮件使用 DMARC 验证 Microsoft 365 中的电子邮件To get started, see Use DKIM to validate outbound email sent from your domain in Microsoft 365 and Use DMARC to validate email in Microsoft 365.

为通信服务(Teams、Skype for Business)添加 SRV 记录Add SRV records for communications services (Teams, Skype for Business)

在托管提供商的网站上,为要连接的每个服务添加 SRV 记录。On your hosting provider's website, add SRV records for each service you want to connect. 请确保将每个服务的字段设置为以下值:Make sure that the fields are set to the following values for each:

  • 记录类型:SRV (Service)Record Type: SRV (Service)
  • 名称:@Name: @
  • 目标:从管理中心复制值并将其粘贴到此处。Target: Copy the value from the admin center and paste it here.
  • 协议:从管理中心复制值并将其粘贴到此处。Protocol: Copy the value from the admin center and paste it here.
  • 服务:从管理中心复制值并将其粘贴到此处。Service: Copy the value from the admin center and paste it here.
  • 优先级:100Priority: 100
  • 权重:1Weight: 1
  • 端口:从管理中心复制值并将其粘贴到此处。Port: Copy the value from the admin center and paste it here.
  • TTL:3600‎(或提供商的默认值)TTL: 3600‎ (or your provider default)

保存记录。Save the record.

SRV 记录字段限制和解决方法SRV record field restrictions and workarounds

某些托管提供商会对 SRV 记录中的字段值施加限制。Some hosting providers impose restrictions on field values within SRV records. 下面是应对这些限制的一些常见解决方法。Here are some common workarounds for these restrictions.

名称Name

如果托管提供商不允许将此字段设置为 @,请将其留空。If your hosting provider doesn't allow setting this field to @, leave it blank. 当托管提供商为“服务”和“协议”值提供了单独的字段时,才能使用此方法。Use this approach only when your hosting provider has separate fields for the Service and Protocol values. 否则,请查看下面的“服务和协议”说明。Otherwise, see the Service and Protocol notes below.

服务和协议Service and Protocol

如果托管提供商没有为 SRV 记录提供这些字段,则必须在记录的“名称”字段中指定“服务”和“协议”值。If your hosting provider doesn't provide these fields for SRV records, you must specify the Service and Protocol values in the record's Name field. (注意:根据你所选择的托管提供商,“名称”字段可能会有其他称呼,如:“主机”、“主机名”或“子域”。)若要添加这些值,可创建一个字符串,并用圆点分隔这些值。(Note: Depending on your hosting provider, the Name field might be called something else, like: Host, Hostname, or Subdomain.) To add these values, you create a single string, separating the values with a dot.

例如:_sip._tlsExample: _sip._tls

优先级、权重和端口Priority, Weight, and Port

如果托管提供商没有为 SRV 记录提供这些字段,则必须在记录的“目标”字段中指定它们的值。If your hosting provider doesn't provide these fields for SRV records, you must specify them in the record's Target field. (注意:根据你所选择的托管提供商,“目标”字段可能会有其他称呼,如:“内容”、“IP 地址”或“目标主机”。)(Note: Depending on your hosting provider, the Target field might be called something else, like: Content, IP Address, or Target Host.)

若要添加这些值,请创建一个字符串,并用空格分隔这些值且 有时以圆点结尾(如果你不确定,请与你的提供商进行核实)。To add these values, create a single string, separating the values with spaces and sometimes ending with a dot (check with your provider if you are unsure). 这些值必须按以下顺序排列:优先级、权重、端口、目标。The values must be included in this order: Priority, Weight, Port, Target.

  • 示例 1:100 1 443 sipdir.online.lync.com.Example 1: 100 1 443 sipdir.online.lync.com.
  • 示例 2:100 1 443 sipdir.online.lync.comExample 2: 100 1 443 sipdir.online.lync.com