Gordon Tin
asked on
Which domain name "internet domain" or "local domain" as Custom domain Names?
Background:
Created Primary domain macaoconcordia.onmicrosoft.com in Azure
We have internet domain "concordia.mo" (Macao Monic)
Corporate local AD domain "concordia.net"
For our company, email is username@concordia.mo
Next Step, we would like to add Add custom domain name and create Azure AD and use Azure AD connect to sync local account to Azure AD.
I am a little confuse whether I should add concordia.mo (Internet) or concordia.net (Local AD) as Custom domain names ?
No, you sync the other way around.
concordia AD server has user abc@concordia.net
user abc has password defgh
user abc has EXTRA email field abc@concordia.mo
Now the sync happens from your AD server to Azure. It knows about users, and their extra email field and know how to map it.
Now AFTER a successful sync, the user abc, can login to the cloud services (Office.com etc) with abc@concordia.mo and password defgh
concordia AD server has user abc@concordia.net
user abc has password defgh
user abc has EXTRA email field abc@concordia.mo
Now the sync happens from your AD server to Azure. It knows about users, and their extra email field and know how to map it.
Now AFTER a successful sync, the user abc, can login to the cloud services (Office.com etc) with abc@concordia.mo and password defgh
ASKER
Kimputer. I am a still a little confused.
I understand that the sync direction is from my (local) AD server ---> (Cloud) Azure.
1. But when I first create the Azure AD, the very first things that I need to do is to
Add & Verify the Custom domain name using TXT or MX record using DNS from the internet.
The only domain available in the internet is concordia.mo (NOT concordia.net) with corresponding DNS exist in internet. When I add TXT record, I can only add TXT for concordia.mo.
Therefore, I am unable to verify concordia.net first (as local internal domain, not routable) and sync items AD server to Azure AD.
Whether the AD server to Azure AD will still work If I add and verify custom domain "concordia.mo" (instead of concordia.net)???
(Again concordia.net is a internal and it is not accessible from the internet).
I hope that you see my points.
I understand that the sync direction is from my (local) AD server ---> (Cloud) Azure.
1. But when I first create the Azure AD, the very first things that I need to do is to
Add & Verify the Custom domain name using TXT or MX record using DNS from the internet.
The only domain available in the internet is concordia.mo (NOT concordia.net) with corresponding DNS exist in internet. When I add TXT record, I can only add TXT for concordia.mo.
Therefore, I am unable to verify concordia.net first (as local internal domain, not routable) and sync items AD server to Azure AD.
Whether the AD server to Azure AD will still work If I add and verify custom domain "concordia.mo" (instead of concordia.net)???
(Again concordia.net is a internal and it is not accessible from the internet).
I hope that you see my points.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That means to me that Add domain must be a internet domain.
My internet domain is concordia.mo (DNS provided by Macao ISP)
local domain is concordia.net (DNS is local / internal)
Do you see my problem?
When I approve Concordia.mo, I can't relate the domain to local AD domain?????