According to the Microsoft Learn article Add and replace your onmicrosoft.com fallback domain in Microsoft 365 one cannot delete the extra domains once they are created (but I'm guessing if one contacts MS Support they can help);
Is it possible to remove extra '.onmicrosoft.com' domains from Azure AD
I am trying to remove a few extra '.onmicrosoft.com' domains I added to my Azure AD for testing
Steps taken so far:
- Removed all dependancies on domain in Azure AD
- Attempted to remove domain under 'Custom domain names' section of the Azure AD on azure portal. Resulted in "Unable to delete domain name '****.onmicrosft.com' from ****.com"
- Used used 'Remove-MsolDomain' command in powershell.
Resulted in:
Remove-MsolDomain : Unknown error occurred.
At line:1 char:1
- Remove-MsolDomain -DomainName "****.onmicrosoft.com" - ...
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- CategoryInfo : OperationStopped: (:) [Remove-MsolDomain], MicrosoftOnlineException
- FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.DomainCapabilityUnsetException,Microsoft.Onli
ne.Administration.Automation.RemoveDomain
Note: This is NOT the default '.onmicrosoft.com' domain that was created when tenant was created.
5 answers
Sort by: Most helpful
-
-
Shashi Shailaj 7,581 Reputation points Microsoft Employee
2022-04-04T14:39:34.08+00:00 As I understand your query , you seem to be trying to remove extra *.onmicrosoft.com' domain names from your Azure AD tenant . You have also mentioned that you the domain you are trying to remove is not the same domain that was created when tenant was created. The domain name that is created while we create a new tenant has type
initial
added to it as shown below.The
.onmicrosoft.com
name is the initial name that is provided to a tenant whenever it is created. The .onmicrosoft.com namespace is Microsoft-owned service namespace for Azure AD service . Its not possible to have two verified .onmicrosoft.com domain names associated with a single azure AD tenant by design . If there were multiple.onmicrosoft.com
domains in your Azure AD tenant; by design, only one would be verified domain that you would be able to use with users or groups while others would just be unverified domains which could be removed easily with the cmdlet Remove-AzureADdomain or Remove-MSolDomain.I tried to see if multiple .onmicrosoft.com domain could be added . Whenever I add a new
.onmicrosoft.com
domain likeabc.onmicrosoft.com
to my azure AD tenant, the system asks me to verify the same. In order to verify that I will require access to the onmicrosoft.com DNS zone which no one has access to except Microsoft Cloud Services hence the domain would never become a verified domain in my case as you can see below.For testing, I tried removing the initial domain xxxxxx13.onmicrosoft.com and got the following error.
PS C:\> Remove-MsolDomain -DomainName xxxxxxx13.onmicrosoft.com Remove-MsolDomain : You cannot remove the initial domain created for you in Office 365. At line:1 char:1 + Remove-MsolDomain -DomainName MSDx756613.onmicrosoft.com + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OperationStopped: (:) [Remove-MsolDomain], MicrosoftOnlineException + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.InitialDomainDeletionException,Microsoft.Online.Administration.Automation.RemoveDomain
Then I tried removing other domains and I was successful without any issue as they were unverified domains.
PS C:\> Get-MsolDomain Name Status Authentication ---- ------ -------------- xxxxxxx13.onmicrosoft.com Verified Managed xxxxxxx13.mail.onmicrosoft.com Verified Managed abcd.org Verified Managed abc.onmicrosoft.com Unverified Managed rd.onmicrosoft.com Unverified Managed PS C:\> Remove-MsolDomain -DomainName abc.onmicrosoft.com PS C:\> Get-MsolDomain Name Status Authentication ---- ------ -------------- xxxxxxx13.onmicrosoft.com Verified Managed xxxxxxx13.mail.onmicrosoft.com Verified Managed abcd.org Verified Managed rd.onmicrosoft.com Unverified Managed
In this case I added multiple
.onmicrosoft.com
domains and removed them using the PowerShell cmdlets Remove-MsolDomain and it worked without any issue. Ideally if you have multiple verified .onmicrosoft.com domains in your azure AD tenant , it can be some bug and we can help you further if you can provide more information on this. I hope the information provided clarifies how custom domains related to.onmicrosoft.com
domains associated with a azure AD tenant . If the information is not helpful , please check if the domains you are trying to remove are verified or not. If they are verified , please let us know and we will continue to help you . Should the information in this thread help you , please do accept this post as answer which will help other members of the community and improve the relevancy of this thread.Thank you .
----------------------------------------------------------------------------------------------------------------------------------------------------------
- Please don't forget to click on whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
- Want a reminder to come back and check responses? Here is how to subscribe to a notification
- If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators
-
Dionis Vozian 1 Reputation point
2022-04-19T02:43:05.607+00:00 i'm facing the same issue.
-
Will Christopher 1 Reputation point
2022-05-30T22:15:06.17+00:00 I'm having the same issue. Has anyone figured it out, yet?
-
Patrick-L 0 Reputation points
2023-02-15T08:07:36.2966667+00:00 Hi all,
I'm facing the same issue.
I created two sub-domains on my default "onmicrosoft.com" address:
Even the sub-domains aren't set as "Primary", I'm not able to delete one of them:
"subsub.xxx.onmicrosoft.com" is a custom domain with state: "Verified" but not the "Primary" domain:
Also deleting this Domain my Power-Shell with: Remove-AzureADDomain -Name subsub.AxxxxxxxxxxxA1.onmicrosoft.com was not possible.
What am I doing wrong?
Is this a Azure-Bug?
How to proceed here?