Office 365 with SSO on subdomain

We are about to move to Office 365 and we want to sync our AD.
I have installed ADFS 2.0, DirSync etc and Everything is working fine in our test Environment.
BUT, with the real case I cant use our email domain because there is already an A record pointing to our homepage.
(And there must be an A record pointing to our local network?)
So I created a subdomain instead but when I try to federate that suddomain it only said that it isn´t supported.
Do I have to create a new domain that is unused?
Or how do I solve this?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

When you say "I cant use our email domain because there is already an A record pointing to our homepage.
(And there must be an A record pointing to our local network?)" which A record are you referring to specifically?
FutureITPartnerAuthor Commented:
Lets say that our email domain is:
And my our website is:
When we configure O365 and SSO I have to make point to our WAN IP so that we can forward port 443 to our ADFS server. That is, create an public A record to our WAN IP.
But we have an A revord already for, pointing to our ISP.
Hope you understand what I meen :-)
Vasil Michev (MVP)Commented:
The usual setup is to use something like or, pointing to the AD FS farm. No need to change anything on the top level domain. But of course make sure that the certificate you will use includes the FQDN of the AD FS farm, whatever it will be :)
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

FutureITPartnerAuthor Commented:
I tried using but when I tried to convert it to federate, Powershell gave an error about that it wasn´t supported.
Vasil Michev (MVP)Commented:
We seem to be talking about different things. The DNS record/certificate is tied up with the AD FS farm FQDN, that can be or whatever. When configuring the O365 RPT however, you federate the top-level domain, and all subdomains are included automatically. You dont need to have any additional records or anything, simply run the cmdlet against the primary domain.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
I agree with Vasil and this is where I wanted to get as well, hence the question about the specific A record you were unable to create? You should be fine with using your if you configure it properly.
FutureITPartnerAuthor Commented:
OK. I tried it again and now its working like you said.
I have done that before and it didn´t work.
I Think it was because I first added to Office365 och converted it to Federated. Then I added a couple of Days later, and changed the IIS etc.

This time I converted to standard then I converted it to Federated when was present in the O365.

Could this be the case?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365

From novice to tech pro — start learning today.