Cross-tenant Shared DNS Space (Native Cross-Tenant Domain Sharing for Exchange Online)

 


 

An upcoming feature (private preview) that changes the migration approach.

Reference: Supporting Mergers, Acquisitions, and Divestitures in Microsoft 365 - Microsoft Community Hub

 

Microsoft has publicly announced the expected solution architecture, along with some of the configuration and management tasks you must perform when using native cross-tenant domain sharing.

Below is the step-by-step procedure to enable cross-tenant domain sharing for a single SMTP domain (valid as long as Microsoft introduces no major changes).

The domain will be Authoritative in the tenant where you perform the primary domain management. Once the domain is enabled for cross-tenant domain sharing, you can add it as an Internal Relay in additional tenants. An Internal Relay domain works like the relay configuration in Exchange on-premises.

  

Cross-Tenant Domain Sharing Configuration 

The following steps enable domain sharing for source-tenant.com in Source Tenant, so that source-tenant.com can be assigned as a Primary SMTP address to the mailboxes in Target Tenant.

  1. Add source-tenant.com as an Accepted Domain in Source Tenant before adding it to other tenants
    • Domain appears as Type: Authoritative
  2. Configure source-tenant.com in Source Tenant to allow sharing with Target Tenant
    • Microsoft will provide full details for this task once the feature is public
  3. Add source-tenant.com as an Accepted Domain in Target Tenant
    • Domain appears as Type: Internal Relay
  4. Configure the Inbound Connectors in each tenant to trust the opposite tenant
    • Source Tenant connector configuration:
      SenderDomains={smtp:source-tenant.com;1}
      TrustedOrganizations={smtp:target-tenant.onmicrosoft.com;1}
    • Target Tenant connector configuration:
      SenderDomains={smtp:source-tenant.com;1}
      TrustedOrganizations={smtp:source-tenant.onmicrosoft.com;1}
  5. The MX record for source-tenant.com points to Source Tenant
    • Inbound messages for all source-tenant.com addresses will be delivered to Source Tenant and then routed to Target Tenant
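
A consistency check for the layout described in the steps above, as an added example that is not from the original post or from Microsoft. The record format (`Tenant`, `DomainType`, `SenderDomains`, `TrustedOrganizations`) and passing the MX target as a tenant name are assumptions; the sample records are constructed from the values listed in the steps.

```python
import re

# Entry format used in the connector values above, e.g. "{smtp:source-tenant.com;1}"
ENTRY = re.compile(r"smtp:([^;{}\s]+);\d+", re.IGNORECASE)

def parse_domains(value):
    """Return the set of lower-cased domains in a '{smtp:domain;1}' style value."""
    return {d.lower() for d in ENTRY.findall(value)}

def audit(shared, source, target, mx_tenant):
    """Compare two tenant records with the layout above; an empty list means they match."""
    findings = []
    # Accepted-domain type: Authoritative in the source tenant, Internal Relay in the target.
    for rec, want in ((source, "Authoritative"), (target, "InternalRelay")):
        if rec["DomainType"] != want:
            findings.append(f"{rec['Tenant']}: {shared} is {rec['DomainType']}, expected {want}")
    # Inbound connectors: scoped to the shared domain, trusting only the opposite tenant.
    for rec, peer in ((source, target), (target, source)):
        if parse_domains(rec["SenderDomains"]) != {shared}:
            findings.append(f"{rec['Tenant']}: SenderDomains is not limited to {shared}")
        trusted = parse_domains(rec["TrustedOrganizations"])
        if peer["Tenant"] not in trusted:
            findings.append(f"{rec['Tenant']}: does not trust {peer['Tenant']}")
        for extra in sorted(trusted - {peer["Tenant"]}):
            findings.append(f"{rec['Tenant']}: unexpected trusted organization {extra}")
    # MX: must point to the tenant where the domain is Authoritative.
    if mx_tenant != source["Tenant"]:
        findings.append(f"MX for {shared} points to {mx_tenant}, expected {source['Tenant']}")
    return findings

# Constructed sample records (hypothetical export format) using the values from the steps.
SOURCE = {"Tenant": "source-tenant.onmicrosoft.com", "DomainType": "Authoritative",
          "SenderDomains": "{smtp:source-tenant.com;1}",
          "TrustedOrganizations": "{smtp:target-tenant.onmicrosoft.com;1}"}
TARGET = {"Tenant": "target-tenant.onmicrosoft.com", "DomainType": "InternalRelay",
          "SenderDomains": "{smtp:source-tenant.com;1}",
          "TrustedOrganizations": "{smtp:source-tenant.onmicrosoft.com;1}"}

if __name__ == "__main__":
    result = audit("source-tenant.com", SOURCE, TARGET, "source-tenant.onmicrosoft.com")
    for line in result or ["layout matches"]:
        print(line)
```
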

  

Primary SMTP Address Assignment 

With the cross-tenant domain sharing architecture in place, you can now start to assign source-tenant.com email addresses to mailboxes in Target Tenant, which has target-tenant.com as an Authoritative Accepted Domain. 

  1. Create a mailbox in Target Tenant, which will have a UPN for a domain that is owned by Target Tenant
  2. Set the Primary SMTP on the mailbox in Target Tenant to a unique source-tenant.com address
    • Example: userA@source-tenant.com 
    • Microsoft will provide full details for this task once the feature is public 

 

The user can now send email from the mailbox in Target Tenant as userA@source-tenant.com, even though that domain is managed by Source Tenant.
