DNS Forwards for Azure ADDS & SSO via O365 identity


Users can’t access company websites on primary email domain.

For Example, NetApp employees in VDS workspaces can’t access netapp.com if their SSO account is user@netapp.com

Dedicated VDS deployments use the internal domain of the Azure tenant.


To resolve this, the Organization’s team that manages DNS will need to create a DNS forward lookup zone for your internal domain to allow it to resolve the the correct external IP (for NetApp’s purpose, this would let NetApp employees browse to netapp.com from within their virtual desktop).

Step by Step Guide

  1. Install the DNS Server Tools on CWMGR1 – this will allow you to manage DNS.






  2. Once installed, you can go to Control Panel → System and Security → Administrative Tools and open up DNS.


  3. When asked for the DNS server running DNS you will want to put in your domain name (in the example we’ve been using, this would be netapp.com).