Changes to the domain(s) of Azure AD and/or Workspace 365
Overview
There are different kind of scenarios where you need to switch/migrate to a new Azure AD tenant and/or update the domain for the Azure AD tenant. But you can also update domain/url on the workspace side. We describe here into detail what needs to be updated and in which scenarios.
We assume the usage of the following information;
| Azure AD tenant Domain | UPN | Workspace 365 url |
|
w365support.com |
a.carter@w365support.com |
Changes on the Azure AD domain(s)
Change Azure AD tenant with the same domain
If you want to migrate/change the exact same domain and users with UPN (e.g. a.carter@w365support.com) to a new Azure AD tenant, there are a few things to consider/update on the Workspace 365 side.
| Old | New | |
|
Azure AD tenant |
w365support.onmicrosoft.com |
newtenant.onmicrosoft.com |
|
Azure AD domain |
w365support.com |
w365support.com |
|
UPN |
a.carter@w365support.com |
a.carter@w365support.com |
|
Workspace 365 url |
https://portal.workspace.url/w365support |
https://portal.workspace.url/w365support |
Steps to take
- Make sure you have set up the new Azure AD with all the users present with the same domain and email address (UPN).
- Make sure the primary admin* has a mailbox.
- RequestEmergencyAdminAccess with the primary admin* in the Workspace.
- Follow the email flow and configure Single Sign-On.
- After you have setup Single Sign-On remove/cleanup the old Azure AD tenant.
*primary admin is the admin with which the workspace is created/registered.
Change Azure AD tenant with different domain
If you want to migrate/change a different domain and users with UPN (carter@w365support.com) to a new Azure AD tenant (a.carter@newdomain.com), there are a few things to consider/update on the Workspace 365 side.
| Old | New | |
|
Azure AD tenant |
w365support.onmicrosoft.com |
newtenant.onmicrosoft.com |
|
Azure AD domain |
w365support.com |
newdomain.com |
|
UPN |
a.carter@w365support.com |
a.carter@newdomain.com |
|
Workspace 365 url |
https://portal.workspace.url/w365support |
https://portal.workspace.url/w365support |
Steps to take
- Make sure you have set up the new Azure AD with all the users present with the new domain and email address (UPN).
- UPN of the users needs to be updated in the database. Make sure you have the old domain (e.g. w365support.com), new domain (e.g. newdomain.com) and tenant url (e.g. portal.workspace365.net/w365support) ready.
- If you are a Self-hosted partner you could update this yourself or contact us
- If you are a Hosted partner please contact us
- Make sure the primary admin* has a mailbox.
- RequestEmergencyAdminAccess with the primary admin* in the Workspace.
- Follow the email flow and configure Single Sign-On.
- After you have setup Single Sign-On remove/cleanup the old Azure AD tenant.
*primary admin is the admin with which the workspace is created/registered.
Same Azure AD tenant with different domain
It is also possible to have your own URL for customers/environments.
Check this article for more information about this.
| Old | New | |
|
Azure AD tenant |
w365support.onmicrosoft.com |
w365support.onmicrosoft.com |
|
Azure AD domain |
w365support.com |
newdomain.com |
|
UPN |
a.carter@w365support.com |
a.carter@newdomain.com |
|
Workspace 365 url |
https://portal.workspace.url/w365support |
https://portal.workspace.url/w365support |
Steps to take
- Redirect the domain with a CNAME (for example customname.partner.workspace365.net).
- Add the new URL to the Single Sign-On application in Azure AD.
(portal.azure.com -> Select the Workspace SSO application -> Authentication, and add the new Redirect URI) here.
(For example: https://customname.domainname.net/environmentname/OAuth2/HandleAuthorityResponse).
Changes on the Workspace 365 domains/url
Rename environment url
| Old | New | |
|
Azure AD tenant |
w365support.onmicrosoft.com |
w365support.onmicrosoft.com |
|
Azure AD domain |
w365support.com |
w365support.com |
|
UPN |
a.carter@w365support.com |
a.carter@w365support.com |
|
Workspace 365 url |
https://portal.workspace.url/w365support |
https://portal.workspace.url/newtenanturl |
Steps to take
- Log in to portal.azure.com
- Go to active directory
- Go to App registrations -> click all applications
- Select the Workspace 365 SSO app
- Go to authentication
- Copy the current redirect URI
- Paste it and replace the environment name part.
Rename or adding extra url's to the workspace instance
| Old | New | |
|
Azure AD tenant |
w365support.onmicrosoft.com |
w365support.onmicrosoft.com |
|
Azure AD domain |
w365support.com |
w365support.com |
|
UPN |
a.carter@w365support.com |
a.carter@w365support.com |
|
Workspace 365 url |
https://portal.workspace.url/w365support |
https://new.workspaceinstance.url/w365support |
Steps to take
Raise a Renew or update certificate ticket and make sure all the information is added.
Also follow the next step for make sure the SSO app is configured right,
- Log in to portal.azure.com
- Go to active directory
- Go to App registrations -> click all applications
- Select the Workspace 365 SSO app
- Go to authentication
- Copy the current redirect URI
- Paste it and replace the environment name part.