Solved

Office 365 (Enterprise E1) Outlook/DNS Setup

Posted on 2014-01-01
5
969 Views
Last Modified: 2014-11-12
I have converted over to Office 365 (Enterprise E1). None of the articles online tell where to point your Outlook or DNS so that clients in the domain can connect to Office 365. The OnRamp process completes successfully but there are no instructions as to what to do next.


Please advise,
Niles
0
Comment
Question by:Niles67
5 Comments
 
LVL 13

Expert Comment

by:Abhilash
ID: 39749776
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39749780
0
 
LVL 11

Expert Comment

by:Gregory Miller
ID: 39749838
In the MSOL portal log in as an admin user and on the left side click on Domains. Click the radio button next to the domain you are having issue with and then click the link "View DNS Settings". This will give you all of your necessary DNS settings for your intended purpose statement when you set up your account.
0
 

Accepted Solution

by:
Niles67 earned 0 total points
ID: 39770877
Issue solved.

I made a few points that should help:

 

·         Add a domain suffix ‘domain.net’ in local environment (if internal is .local).

·         Change the suffix for the users.

·         Add a forward lookup zone in dns for ‘domain.net’

 

·         Get a 3rd party cert with the Common name ‘<service name.domain.net>’

and dns as ‘<service name.domain.net’,  ‘enterpriseregistration.domain.net’

 

Note: As discussed below are the common service names used

sts, fs, adfs. They can be anything as per your requirement though.

 

·         We will have to then remove the adfs role and iis role.

·         Then install the adfs role again and run the configuration wizard with the new certificates.

 

·         Try to access the webpage internally.

https://<service name.domain.net/adfs/ls/idpinitiatedsignon.aspx

 

For eg if you have chosen the endpoint as sts

https://sts.domain.net/adfs/ls/idpinitiatedsignon.aspx

 

·         After that comes accessing the same link from external network.

For that you will have to configure the Firewall such that the requests coming from external clients are sent to the ADFS server.


·         Once the firewall and dns is configured then you should be able to access

https://<service name.domain.net/adfs/ls/idpinitiatedsignon.aspx

from the external network.

 

·         Once we are able to access it we should be able to sign on successfully.

 

·         After we make sure that this works, the last step will be federating the domain using the command in Azure Active Directory module for Powershell

Connect-MsolService

Credentials for onmicrosoft.com account

Convert-MsolDomainToFederated -DomainName domain.net.
0
 

Author Closing Comment

by:Niles67
ID: 39781764
I made a few points that should help:

 

·         Add a domain suffix ‘domain.net’ in local environment (if internal is .local).

·         Change the suffix for the users.

·         Add a forward lookup zone in dns for ‘domain.net’

 

·         Get a 3rd party cert with the Common name ‘<service name.domain.net>’

and dns as ‘<service name.domain.net’,  ‘enterpriseregistration.domain.net’

 

Note: As discussed below are the common service names used

sts, fs, adfs. They can be anything as per your requirement though.

 

·         We will have to then remove the adfs role and iis role.

·         Then install the adfs role again and run the configuration wizard with the new certificates.

 

·         Try to access the webpage internally.

https://<service name.domain.net/adfs/ls/idpinitiatedsignon.aspx

 

For eg if you have chosen the endpoint as sts

https://sts.domain.net/adfs/ls/idpinitiatedsignon.aspx

 

·         After that comes accessing the same link from external network.

For that you will have to configure the Firewall such that the requests coming from external clients are sent to the ADFS server.


·         Once the firewall and dns is configured then you should be able to access

https://<service name.domain.net/adfs/ls/idpinitiatedsignon.aspx

from the external network.

 

·         Once we are able to access it we should be able to sign on successfully.

 

·         After we make sure that this works, the last step will be federating the domain using the command in Azure Active Directory module for Powershell

Connect-MsolService

Credentials for onmicrosoft.com account

Convert-MsolDomainToFederated -DomainName domain.net.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Azure Functions is a solution for easily running small pieces of code, or "functions," in the cloud. This article shows how to create one of these functions to write directly to Azure Table Storage.
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question