Feedback by UserVoice

How can we improve the tenant admin features O365?

Allow sub-domains to have different authentication method even if they are registered after the parent domain

Currently if a sub-domain is added after the parent domain, you can not choose the authentication method for the sub domain as it uses the method of the parent. This can only be worked around by adding sub domains before the parent domain.

It would be great to be able to have the parent domain use ADFS and the child use in cloud authentication or vice-versa and configure them individually when required.

91 votes
Vote
Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Dave Watson shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

4 comments

Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
Submitting...
  • Stein commented  ·   ·  Flag as inappropriate

    Please add -RootDomain parameter to cmdlet Set-AzureADDomain or Set-MsolDomainAuthentication to fix this issue

  • Murray Webber commented  ·   ·  Flag as inappropriate

    This needs way more support than it has currently.

    We also have a parent domain configured as federated, and it was configured first when we deployed, and via PowerShell to boot. Unfortunately, we are not only prevented from adding non-federated subdomains now, but also can't manage domains via the O365 Admin portal and need to use PowerShell instead. Both of these are a pretty terrible situation for us to be in. As Microsoft tried to explain to me, the current backend "container system" used by Office 365 doesn't permit subdomains to exist in a separate container, should the parent be configured as a federated domain. As such, unless the subdomain was added as a "Managed" domain first, all subdomains will have a "RootDomain" flag set; and that locks the subdomain to the federated parent only. Apparently, the only solution - and it isn't a real solution - is to remove all the domains and add them back, starting with the managed subdomains. Yikes.

    We were hoping to create subdomains that we could use for all of our cloud-only accounts we have (and were planning on using). We were hoping to create a community subdomain for parent accounts, and a alumni subdomain, and more... but this limitation has prevented all these scenarios, because we can't create subdomains. This really needs to be fixed.

Feedback and Knowledge Base