AADConnect – An error occurred executing Create AD Trust task

Azure custom domain name verification process is little different if you are enabling SSO using ADFS (Federated domain).  If you select “I plan to configure the domain for a single sing-on with my local Active Directory” option, you will not get a TXT or MX record from this window for the domain verification. 



The TXT and MX records will be provided during the AADConnect configuration as shown in the following screenshot:


However, sometime you will get the AzureDomainNotVerifiedException error message during the AADConnect domain verification process.  The error messages and details are provided  below:

Create AAD Trust
Add error occurred executing CreAAD Trust task:  Exception of type ‘Microsoft.Online.Deployment.Types.AzureDomainNotVerifiedException’ was thrown.



Resolution / Workaround
1. Delete the custom domain from Azure. 
2.  Add a new custom domain and DO NOT select “I plan to configure the domain for a single sing-on with my local Active Directory” option.
3. Get the TXT record and verify the domain. 

4.  Perform AADConnect configuration. During this configuration, domain will be converted from Managed to Federated.

Posted in: