English

DNS forwards for Azure AD DS & SSO via O365 identity

Contributors tvanroo Download PDF of this page

Overview

Users can’t access company websites on primary email domain.

For Example, NetApp employees in VDS workspaces can’t access netapp.com if their SSO account is user@netapp.com

Dedicated VDS deployments use the internal domain of the Azure tenant.

Resolution

To resolve this, the Organization’s team that manages DNS will need to create a DNS forward lookup zone for your internal domain to allow it to resolve the the correct external IP (for NetApp’s purpose, this would let NetApp employees browse to netapp.com from within their virtual desktop).

Step by Step Guide

  1. Install the DNS Server Tools on CWMGR1 – this will allow you to manage DNS.

    dns1

    dns2

    dns3

    dns4

    dns5

  2. Once installed, you can go to Control Panel → System and Security → Administrative Tools and open up DNS.

    dns6

  3. When asked for the DNS server running DNS you will want to put in your domain name (in the example we’ve been using, this would be netapp.com).