Custom Domain Verification for Azure AD | Exam AZ-104 | Microsoft Azure Administrator

Create DNS Record for Azure AD Domain Verification

Prev Question Next Question

Question

You have an Azure Active Directory (Azure AD) tenant named contosocloud.onmicrosoft.com.

Your company has a public DNS zone for contoso.com.

You add contoso.com as a custom domain name to Azure AD.

You need to ensure that Azure can verify the domain name.

Which type of DNS record should you create?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A

To verify your custom domain name (example)

1. Sign in to the Azure portal using a Global administrator account for the directory.

2. Select Azure Active Directory, and then select Custom domain names.

3. On the Fabrikam - Custom domain names page, select the custom domain name, Contoso.

4. On the Contoso page, select Verify to make sure your custom domain is properly registered and is valid for Azure AD. Use either the TXT or the MX record type.

Note:

There are several versions of this question in the exam. The question can have two correct answer:

1. MX

2. TXT

The question can also have other incorrect answer options, including the following:

1. SRV

2. NSEC3

https://docs.microsoft.com/en-us/azure/dns/dns-web-sites-custom-domain

To verify a custom domain name in Azure AD, you need to create a specific DNS record in your public DNS zone for the domain. This record is used to confirm that you own the domain and authorize Azure AD to manage it.

The correct DNS record type to create is a TXT (text) record. This record should contain a specific verification code that Azure AD provides when you attempt to verify the domain.

Therefore, none of the answer choices provided are correct, and the correct answer is not listed.

To clarify, here are the correct steps to verify a custom domain name in Azure AD:

  1. In the Azure portal, go to Azure Active Directory > Custom domain names.

  2. Enter your custom domain name (in this case, contoso.com) and click Add domain.

  3. Choose the verification method you want to use. This can either be DNS verification or email verification.

  4. If you choose DNS verification, Azure AD will provide a TXT record that you must add to your public DNS zone for the domain.

  5. Create a TXT record in your public DNS zone for the domain that contains the verification code provided by Azure AD.

  6. Wait for the DNS record to propagate, which can take up to 72 hours.

  7. Return to the Azure portal and click Verify to confirm that the domain has been successfully verified.

Once the domain is verified, you can start using it in Azure AD for things like user sign-in and email.

Prev Question Next Question