As a consultant dealing with Office 365 onboarding projects, I got one question quite often from my customers and partners:
“Is it possible to check, if my domain is already registered in an Office 365 tenant?”
The reason, why I often get asked this question is that, many IT departments in most companies already did some research on Office 365 and the IT admins also often create a test tenant in order to check, what features are available and what can be done with O365. But that’s not a problem at all. The problem raises if the IT guys add their productive domain (e.g. bisser.at) to that test tenant and verify it as well.
When they do that, they often play around a little and then forget about that until the management says that it’s time to go for O365, where I step into the game.
Usually we then have some workshops and so one and create then a brand new O365 tenant in order to start using the cloud. There comes the first question: “How shall we call our tenant?” – which can take some time to be answered, especially, when you want to create a tenant with your company’s name, which is already existing. Luckily, Aaron Dinnage (Solution Specialist at Microsoft) came up with a solution in order to check if the preferred tenant name already exists. You can read more here: https://t.co/RlSYyl6eV8
After the tenant is created with the right name the next problem raises: “Why can’t I add my domain to that tenant?” and the answer is clear:
“Because it is already registered to a tenant.”
But this is not the only reason, why I tried to come up with a solution to this question. The other reason is the troubleshooting aspect.
When you invite an external person to your O365 tenant with his or her proper mail address, Azure AD could cause sign in problems.
The reason for that is that if you invite a person who doesn’t know about O365, the person just clicks on the invitation link in the mail and follows the instructions (setup account, create password, etc.) because the person is not aware, that he maybe already has an O365 user which has the same logon name as the mail address you invited.
Therefore, the login process will fail and as a result the person calls you and says “I can’t login, please help me!”. And you as an admin then try to troubleshoot the problem leading to the fact that you will reset the password, send another invite and so on – always with the same result.
In order to avoid these pesky troubleshooting hours, my script shall come up with a solution, which you may think now is quite obvious: The user is already registered in an AAD tenant with the exact same mail address and must therefore login with these credentials.
In order to check if there is an AAD tenant already registered with that (SMTP) domain, you can use my script, which can be found here:
When you execute the script, you will have to pass 1 (or 2 params):
- Domain: This represents the domain you want to check against a possible O365/AAD registration
- UseAnotherAccount: This is an optional param, where you can use the option “Use another account” within the O365 login process, if you have cached some O365 credentials in the Internet Explorer
So to run the script and check your domain, execute the following statement in a PowerShell window where you have stored that script:
.\o365_check_registered_domain.ps1 -domain "bisser.at"
Or by using “Use another account”, you need to run the following:
.\o365_check_registered_domain.ps1 -domain "bisser.at" -useAnotherAccount $true
After you execute this one, the PS will open up an IE window, which is not visible to you, navigating to https://portal.office.com and will try to insert a dummy user with that domain ending, in order to check if the domain is a known domain to Microsoft or not:
If the domain is already registered in O365/AAD, you will see the following output in your PS window:
But if the domain is not registered in an O365/AAD environment, you’ll see the following output, which means, that you’re good to go with that domain:
As this is the first version of my script, I will keep updating this one and improve it to make troubleshooting and checking of domain registration more easy, so keep reading to get updates on this one…