Changes to the domain(s) of Azure AD and/or Workspace 365
Overview
There are different kind of scenarios where you need to switch/migrate to a new Azure AD tenant and/or update the domain for the Azure AD tenant. But you can also update domain/URL on the Workspace side. We describe here into detail what needs to be updated and in which scenarios.
We assume the usage of the following information;
Azure AD tenant Domain | UPN | Workspace 365 URL |
Changes on the Azure AD domain(s)
Change Azure AD tenant with the same domain
If you want to migrate/change the exact same domain and users with UPN (e.g. a.carter@w365support.com) to a new Azure AD tenant, there are a few things to consider/update on the Workspace side.
| Old | New |
Azure AD tenant | ||
Azure AD domain | ||
UPN | ||
Workspace 365 URL |
Steps to take
Make sure you have set up the new Azure AD with all the users present with the same domain and email address (UPN).
Make sure the primary admin* has a mailbox.
with the primary admin* in the Workspace.
Follow the email flow and configure Single Sign-On.
After you have setup Single Sign-On remove/cleanup the old Azure AD tenant.
*primary admin is the admin with which the workspace is created/registered.
Change Azure AD tenant with different domain
If you want to migrate/change a different domain and users with UPN (carter@w365support.com) to a new Azure AD tenant (a.carter@newdomain.com), there are a few things to consider/update on the Workspace side.
| Old | New |
Azure AD tenant | ||
Azure AD domain | ||
UPN | ||
Workspace 365 url |
Steps to take
Make sure you have set up the new Azure AD with all the users present with the new domain and email address (UPN).
UPN of the users needs to be updated in the database. Make sure you have the old domain (e.g. w365support.com), new domain (e.g. http://newdomain.com ) and tenant url (e.g. portal.workspace365.net/w365support) ready.
If you are a Self-hosted partner you could update this yourself or contact us
If you are a Hosted partner please contact us
Make sure the primary admin* has a mailbox.
with the primary admin* in the Workspace.
Follow the email flow and configure Single Sign-On.
After you have setup Single Sign-On remove/cleanup the old Azure AD tenant.https://workspace365.2tcloud.com/
*primary admin is the admin with which the workspace is created/registered.
Same Azure AD tenant with different domain
It is also possible to have your own URL for customers/environments.
| Old | New |
Azure AD tenant | ||
Azure AD domain | ||
UPN | ||
Workspace 365 URL |
Steps to take
Redirect the domain with a CNAME (for example customname.partner.workspace365.net).
Add the new URL to the Single Sign-On application in Azure AD.
(portal.azure.com -> Select the Workspace SSO application -> Authentication, and add the new Redirect URI) here.
(For example: https://customname.domainname.net/environmentname/OAuth2/HandleAuthorityResponse).
It is also possible to redirect the new URL directly to the customer environment.
Changes on the Workspace 365 domains/URL
Rename environment URL
| Old | New |
Azure AD tenant | ||
Azure AD domain | ||
UPN | ||
Workspace 365 URL |
Steps to take
Log in to http://portal.azure.com
Go to Active Directory
Go to App registrations -> click on 'All applications'
Select the Workspace 365 SSO app
Go to Authentication
Copy the current redirect URI
Paste it and replace the environment name part
Rename or adding extra URL's to the workspace instance
| Old | New |
Azure AD tenant | ||
Azure AD domain | ||
UPN | ||
Workspace 365 URL |
Steps to take
Raise a Renew or update certificate ticket and make sure all the information is added.
Also follow the next step for make sure the SSO app is configured right,
Log in to http://portal.azure.com
Go to Active Directory
Go to App registrations -> click on 'All applications'
Select the Workspace 365 SSO app
Go to Authentication
Copy the current redirect URI
Paste it and replace the environment name part