Domain (DNS) Management in Microsoft 365

Fed up with having to log in to your hosting company’s website, with its separate MFA, to manage your domains? Have you considered pointing your domains to M365 so you can manage them in the control panel you’ve already secured with MFA and are familiar with? Carry on reading and we’ll discuss the reasons to consider it and how to go about migrating your domains over.

Introduction

Most of the domain providers I’ve used previously have provided a very basic portal, often with only one username/password and limited MFA options, often SMS only, which is insecure and certainly inconvenient for a team when colleagues are on holiday or out of the office and unable to forward MFA in time.

Not to mention, as hosting providers don’t make any money from providing these portals, most will only provide a couple of name servers, which aren’t always as reliable and fast as we’d like them to be.

Why Microsoft 365

  • It’s in the M365 portal, so it comes under the same MFA / access permissions / roles as your mailboxes and Office apps.
  • As you’re only repointing the name servers, you can set up DNS records in O365 in advance (this usually isn’t possible when changing DNS providers), so there is no loss of service during domain cutovers.
  • M365 provides audit logs, so you can see what changes have been made, when, and by whom.

Anything to be aware of before moving?

Microsoft 365 allows you to create the types of records below. If you require any records outside of this list, M365 may not be suitable at this time.

It’s also worth noting that if you have used NS records for your DMARC provider, you won’t be able to do this with M365. This isn’t usually too much of a problem, but it is something to be aware of, as you will need to create a DMARC TXT record in M365 instead.

DNS Record Types

How to migrate a domain to M365

We’ll assume you’ve already purchased your domain, and that your domain is already added in M365.

We’ll start by making the changes in M365, which will allow you to edit the DNS records there. Finally, once you’re happy all your DNS entries have been copied across, you can go ahead and update the name servers on your registrar’s portal.

Steps to Migrate

Start by logging into the M365 portal

Expand Settings, click on the domain you’re looking to move.

If you have a spare domain, I’d always recommend testing the steps here before changing live domains.

Under your domain click on Manage DNS

Currently you’ll be set to “Add your own DNS Records”, where Microsoft provide the Email/SharePoint/Teams/Microsoft Endpoint DNS records for you to add to your DNS host’s site.

In order to move across, we’ll be changing to “Set up my online services for me”, so select this and click Next.

How To Connect Domain

On the next screen you can tick all 4 options. If, however, you wish to modify your SPF and DMARC records, you’ll want to untick “Exchange and Exchange Online Protection”.

If you use Mimecast, Proofpoint or another external mail filtering service, you’ll also need to untick Exchange so you can add the external service’s MX records.

Once you’re happy with your selection, click Continue.

On the next screen you’ll be able to add your WWW records, any other TXT records, and any DNS entries for SSL verification etc. that you need to migrate.

If you’ve unticked Exchange on the previous screen, this is also where you’re able to modify your MX, SPF and DMARC records. I would also recommend dropping the TTL for all records down to the minimum of 30 minutes.

Once you’re happy with your DNS entries, it’s time to log in to your DNS provider and update your NS records to the ones provided by Microsoft. These are the same ones shown in the Microsoft 365 admin console under your usual records.

Mine are shown below as an example, but these may be different for other M365 zones, so it’s best to check your portal.

O365 NS Records

Note: Once you’ve gone through the steps on the Microsoft portal, you will lose the Add Record, Check Health etc. options from the top menu. The status on the main Domains screen will also change at this point and you’ll see a blue status icon.

This is to be expected. Once the NS records have been updated on your domain and the TTL has expired, you can click “Check Health” on the main menu, and these options are restored once Microsoft have verified that the NS records are pointed to them.

M365 DNS Check Health
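Before updating the name servers at the registrar, it helps to confirm that every record has really been copied across. The following is an added example, not part of the original article: it compares answers collected from the old name servers with answers collected from the Microsoft name servers (for instance by saving the output of `dig +noall +answer @<nameserver> <name> <type>`), ignoring TTLs, and flags a DMARC NS delegation that has no TXT replacement. The function names, zone contents and host names are constructed placeholders.

```python
import re
from collections import defaultdict

def parse_answers(text):
    """Parse `dig +noall +answer` style lines into {(name, type): {rdata}}."""
    records = defaultdict(set)
    for line in text.splitlines():
        parts = line.strip().split(None, 4)   # name ttl class type rdata
        if len(parts) < 5 or parts[0].startswith(";"):
            continue
        name, _ttl, _cls, rtype, rdata = parts
        if rtype.upper() == "TXT":            # join the quoted chunks of a TXT record
            rdata = "".join(re.findall(r'"([^"]*)"', rdata))
        else:
            rdata = rdata.lower().rstrip(".")
        records[(name.lower().rstrip("."), rtype.upper())].add(rdata)
    return records

def cutover_report(old_text, new_text, apex):
    """List what the new zone still lacks compared with the old one (TTLs ignored)."""
    old, new = parse_answers(old_text), parse_answers(new_text)
    issues = []
    for (name, rtype), values in sorted(old.items()):
        if rtype == "SOA" or (rtype == "NS" and name == apex):
            continue                          # apex NS/SOA change by design
        if rtype == "NS" and name == "_dmarc." + apex:
            if (name, "TXT") not in new:      # delegation must become a TXT record
                issues.append(f"DMARC {name}: NS delegation has no TXT replacement")
            continue
        missing = values - new.get((name, rtype), set())
        if missing:
            issues.append(f"MISSING {name} {rtype}: {sorted(missing)}")
    return issues

# Constructed sample answers; every host name below is a placeholder.
OLD_ZONE = """
example.com.                 3600 IN NS    ns1.oldhost.example.
example.com.                 3600 IN MX    10 mx1.filter.example.
example.com.                 3600 IN TXT   "v=spf1 include:spf.filter.example -all"
www.example.com.             3600 IN CNAME web.oldhost.example.
_dmarc.example.com.          3600 IN NS    ns1.dmarcvendor.example.
_acme-challenge.example.com.  300 IN TXT   "constructed-validation-token"
"""
NEW_ZONE = """
example.com.     1800 IN NS    ns1.placeholder-ms.example.
example.com.     1800 IN MX    10 mx1.filter.example.
example.com.     1800 IN TXT   "v=spf1 include:spf.filter.example -all"
www.example.com. 1800 IN CNAME web.oldhost.example.
"""

if __name__ == "__main__":
    for issue in cutover_report(OLD_ZONE, NEW_ZONE, "example.com"):
        print(issue)
```

An empty report means every record served by the old name servers has a match in the new zone; it only covers the names you actually queried, so query each record listed in the old provider's portal.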

If you have any issues with the above article and need any assistance, please reach out through the comments and I’ll be happy to help.
