Videos
How do I transfer a domain from Microsoft 365 to another host?
For the procedure to transfer a domain, see Transfer a domain from Microsoft to another host.
Can I add custom subdomains or multiple domains to Microsoft 365?
Yes. To add subdomains, you must manage your own DNS settings at your registrar's website. If you are letting Microsoft manage your DNS settings with NS records, or if you bought the domain from Microsoft, you can't add subdomains.
Yes! To add subdomains, you must manage your own DNS settings at your registrar's website. If you are letting 21Vianet manage your DNS settings with NS records, you cannot add subdomains.
Typically, you could add up to 5,000 domains to your Microsoft 365 subscription.
For example, you could add the domains contoso.com and contosomarketing.com, and then add the subdomains www.contoso.com, www.partners.contoso.com, www.marketing.partners.contoso.com, and so on.
When you add a subdomain, it is automatically verified based on the parent domain that is being verified.
When you add multiple domains to Microsoft 365, you can host any of the services (like email) on any of the domains you add. *When you change your email to Microsoft 365, by updating a domain's MX record, ALL email sent to that domain will start coming to Microsoft 365. *
Note
If you added a contoso.com domain to a Microsoft 365 subscription, you can also add the subdomain xyz.contoso.com to another Microsoft 365 organization. When adding the subdomain, you are prompted to add a TXT record in the DNS hosting provider.
How do I set or change the default domain in Microsoft 365?
You must have at least one custom domain that adds to Microsoft 365 before you can choose a default domain.
- In the admin center, go to the Settings > Domains page.
- In the admin center, go to the Settings > Domains page.
On the Domains page, select the domain you want to set as the default for new email addresses.
Select Set as default.
For information about adding or replacing an onmicrosoft.com domain, see Add or replace your onmicrosoft.com domain.
You cannot change the name of your initial partner.onmschina.cn domain.
Note
Changing the default domain affects new accounts only. This change does not impact user credentials or their access to applications or services. Removing or changing a domain on an account can impact mail, online storage, and login credentials.
The plan to move the organization on to a domain based infra can be achieved using local domain hosted in an internal network connecting all devices using internal switches and routers and securing the infrastructure or by using Azure Active directiry which needs systems to have active internet connected.
Let's assume you are going with Azure AD and configure AD domain on Azure and public DNS. You also enable:
-- Users can register devices
We wish to introduce domain logins to our company computers. Could someone guide me where to begin as Microsoft documentation is very confusing. What services do I need to look in? The requirements we need:
First and foremost should be to configure and Azure AD settings under free plan and add users that can access the Azure services such as Domain joining etc,
Compare premium features needed under differed AAD plans and M365.
You can ask users to register the devices using windows 10/11 settings.
https://support.microsoft.com/en-us/account-billing/register-your-personal-device-on-your-work-or-school-network-8803dd61-a613-45e3-ae6c-bd1ab25bf8a8
Employees login to their W10/11 devices via domain logins (we sync users from Google, so login via e-mail user test@test .com would be what's needed).
You can federate user logons on AAD from GCP Connector using below link
https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/google-apps-tutorial
We need to see the logs when and what user logged in into company owned W10/11 device.
All the logons can be seen in Azure for registered devices and can use Intune to control device behavior.
We need to manage those devices a bit, like force BitLocker to be enabled.
https://learn.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure
We need to be able to block user from logging in into device.
Control user logons and local admins using Azure AD.
We need to be able to give those users Admin permissions on W10/11 devices.
Control local Administrators group membership to control admin rights.
https://learn.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin#:~:text=Browse%20to%20Azure%20Active%20Directory,to%20add%20and%20select%20Add.
So, what Microsoft subscriptions I should look into to achieve this? M365? Azure? Else?
You can compare the required features of Azure AD Premium services and Microsoft 365 plans to better align resources and adapt to required feaures.
https://techbento.zendesk.com/hc/en-us/articles/1500000350541-Azure-Active-Directory-Premium-Product-Comparison
https://www.microsoft.com/en-us/microsoft-365/business/compare-all-microsoft-365-business-products
Thank you @Jasreet Singh . Digging into this now.
So I recently had the need to move a sites DNS records from their current host (Cloudfair).
I didn't want to use the registrar as their interface is utter trash and transferring it out is not an option at the moment. So I thought I would move the hosting of the records to their Office 365 tenant.
Now though, it appears to be no longer an option. There used to be an option to click "Manage DNS" and one of the options was "Let Microsoft manage your DNS records". You could then change the domains name servers to ns1.bdm.microsoftonline.com, ns2, ns3 etc etc. Then add the records and away you went.
This doesn't seem possible any more? I tried speaking to MS support, but they said it's not possible even though I KNOW I did it before.
Am I going mad?
EDIT SPOKE TO Microsoft support. It has indeed been removed. Unless you select use MS name servers initially there is no way to move it across later other than removing and readding the domain. Were going to use the Azure DNS instead. Thanks all