Azure
custom domain name verification process is little different if you are enabling
SSO using ADFS (Federated domain). If you select “I plan to configure the
domain for a single sing-on with my local Active Directory” option, you will
not get a TXT or MX record from this window for the domain verification.
The TXT
and MX records will be provided during the AADConnect configuration as shown in
the following screenshot:
However,
sometime you will get the AzureDomainNotVerifiedException error message during
the AADConnect domain verification process. The error messages and
details are provided below:
Create
AAD Trust
Add
error occurred executing CreAAD Trust task: Exception of type
‘Microsoft.Online.Deployment.Types.AzureDomainNotVerifiedException’ was thrown.
Resolution
/ Workaround
1.
Delete the custom domain from Azure.
2.
Add a new custom domain and DO NOT select “I plan to configure the domain for a
single sing-on with my local Active Directory” option.
3. Get
the TXT record and verify the domain.
4.
Perform AADConnect configuration. During this configuration, domain will be
converted from Managed to Federated.
Monday, November 9, 2015
AADConnect – An error occurred executing Create AD Trust task
Popular Posts
-
The ADMT service account needs to have proper permission in source and target domains. You don’t need to use 2 separate accounts. You can ...
-
Issue: You receive the following error message, when you try to login to the domain. The security database on the server does not have ...
-
Updated Script - http://portal.sivarajan.com/2011/10/search-ad-collect-local-admin-group.html Script #1 This script...
-
Purpose – Add users to a group from an input file – PowerShell V2 Script. Input file – Input file (Users.csv) contains samAccountName in...
-
What is an objectSID in Active Directory? When a new object is created in Active Directory, Domain Controller assigns a unique value used ...
-
Part I - User Account Migration and Merging Using ADMT Part II - User Account Migration and Merging Using QMM pre-creating user account ...
-
Here is an easy way to identify and delete inactive or stale computers in an Active Directory environment. Using the dsquery command you c...
-
In windows 7 and windows 2008, you can generate an email alert when an event meets specified criteria in the event log. Here is the procedu...
-
As we know, there many applications available to convert a PowerShell file to a standalone executable file. Based on my experience, PowerSh...
-
Part I - User Account Migration and Merging Using ADMT Part II - User Account Migration and Merging Using QMM Pre-creating user account in...
1 comments:
I have learned a lot of useful information from your blog.GoMovies
Post a Comment