Allow sub-domains to have different authentication method even if they are registered after the parent domain
Currently if a sub-domain is added after the parent domain, you can not choose the authentication method for the sub domain as it uses the method of the parent. This can only be worked around by adding sub domains before the parent domain.
It would be great to be able to have the parent domain use ADFS and the child use in cloud authentication or vice-versa and configure them individually when required.
We have parent domain as www.hello.com.au and would like to add sub domain and point A records to new dedicated server out side of Azure from Office 365 DNS to new sub-domain but we cant see any option to do this?
Please add -RootDomain parameter to cmdlet Set-AzureADDomain or Set-MsolDomainAuthentication to fix this issue
please fix this. It is causing us real problems
Jean-Benoit Paux commented
Any news on that ?
Murray Webber commented
This needs way more support than it has currently.
We also have a parent domain configured as federated, and it was configured first when we deployed, and via PowerShell to boot. Unfortunately, we are not only prevented from adding non-federated subdomains now, but also can't manage domains via the O365 Admin portal and need to use PowerShell instead. Both of these are a pretty terrible situation for us to be in. As Microsoft tried to explain to me, the current backend "container system" used by Office 365 doesn't permit subdomains to exist in a separate container, should the parent be configured as a federated domain. As such, unless the subdomain was added as a "Managed" domain first, all subdomains will have a "RootDomain" flag set; and that locks the subdomain to the federated parent only. Apparently, the only solution - and it isn't a real solution - is to remove all the domains and add them back, starting with the managed subdomains. Yikes.
We were hoping to create subdomains that we could use for all of our cloud-only accounts we have (and were planning on using). We were hoping to create a community subdomain for parent accounts, and a alumni subdomain, and more... but this limitation has prevented all these scenarios, because we can't create subdomains. This really needs to be fixed.