Skip to Content

Solved: How do I add extra domain into Active Directory, Office 365 and Okta settings


How do I add domain into Active Directory (AD), Office 365 and Okta settings so that I can receive emails to domain as well as

Solved: How do I add extra domain into Active Directory, Office 365 and Okta settings

Answer 1

For Office 365

Step 1: Add a new domain.

Step 2: Copy the DNS (MX, TXT, and CNAME) records and paste them into the public DNS Hosting Server.

Step 3: Once the records have been validated, the newly added domain name will be ready and shown under an approved domain.

Note: If the users are the same on both domains and no modifications to AD or Okta are required, proxy addresses can be added (and made primary if necessary).

For Okta

Assuming you already have the Single sign-on (SSO) integration domain with Office 365 tenant. In this instance. Any additional added domains do not need to be integrated because (Default Tenant Domain) is already SSO (wsFed) linked with Okta.

For Active Directory (AD)

It is generally suggested user login ID stay the same in AD, Okta, and Office 365, ie. ideally, but if the new domain is still to be included, e.g. change in UPN, then updates to Azure AD Sync tool and Okta are to be considered where the immutable ID will need to match with Office 365.

If this is a new domain with new users, there will be no difficulties on all three platforms; however, if an existing user’s UPN is changed from [email protected] to [email protected], records will pass from AD to Office 365 and AD to Okta.

Answer 2

Step 1: Verify new domain in the tenant either through Azure Active Directory or Microsoft 365 Admin portal and then follow below steps to create additional UPN suffix in the on-prem Active Directory.

Step 3: Log in to Windows Server with a domain administrator account.

Step 4: Open the Server Manager using the icon on the desktop taskbar, or from the Start screen.

Step 5: Select the Active Directory Domains and Trusts from the Tools menu.

Step 6: Right-click the Active Directory Domains and Trusts in the left pane and select the Properties option from the context menu.

Step 7: In the dialog box on the UPN Suffixes tab, type the name of the suffix that you would like to add to the AD forest in the Alternate UPN suffixes box.

Step 8: Click the Add and then the OK button.

Note: If you go to the properties of a user account you will be able to drop down the User logon Name and select the newly added domain. The next time Azure AD Connect sync, the user’s username will update in Azure AD.

Step 9: Create an email alias, add an alias for the user and this will sync to Exchange Online.


Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.