
Cannot correctly add Office 365 registries (CNAME, TXT, MX) to get DNS from AWS


AWS does not accept registries CNAME and MX from office 365 as it is described in Microsoft's documentation. I need the correct way of doing it.


Solution

  • Here is how to do it

    Description of the issue:
    In my humble opinion there is very bad documentation for newbies like me on how to use an AWS DNS to add a personal domain to my Office 365 email. Microsoft kind of gives a tutorial on how to do it, but it does not really work as expected and there are several hidden tips that can save you a lot of time. Here is the Microsoft documentation for reference.

    I'm creating this post hoping that it helps someone in the same situation as I was, trying to configure my company's custom domain email. (And maybe Microsoft reads this and decides to update the documentation -.-').

    Situation:

    • You have a domain you bought at an external provider (not AWS, not Microsoft, in my case nominalia.com)
    • You run services using your domain (for instance, a webpage) in AWS (and you don't want to change your provider)
    • You have an Office 365 plan and want to have a nice email address like "johndoe@thisismydomain.com"

    Pre-requisites:
    NOTE: this is not a tutorial on how to configure the DNS, but some key points might be given

    • You need to configure the DNS in your external domain provider so that it uses AWS DNS. The main thing to do in AWS is to create a Hosted zone in AWS with the name of your domain (for example). With the hosted zone, you will get SOA and NS registries. Copy the values for the NS registries and add them to your external provider. Some providers require you to add, for each NS URL, its IP address, and AWS does not provide that information (shame on you AWS). Just use a service like https://www.whatismyip.com/dns-lookup/.
    • Once you have your DNS setup done, the time comes to really configure the mail domain.

    HANDS ON SOLVING THE REAL PROBLEM:

    • Go to your Microsoft 365 account Admin page and click on "Setup"
    • You might be prompted with a set of available actions. Look for the one where you can configure your custom domain (NOTE: I can't add screenshots because I have already everything configured, but I don't think they are really needed)
    • Microsoft will guide you through the process up until you have to configure 3 registries for your DNS: TXT, MX and CNAME. (Now comes the time to start praying)
    • Go to your AWS Route 53 hosted zone and click on create registry
    • For the TXT registry, it is pretty much straightforward: just select registry type TXT, copy the value, set the TTL and save (if Microsoft specifies a host such as "@", just ignore Microsoft and imagine they did not specify any host)
    • For the MX registry comes a small misconduction from AWS. Microsoft specifies a "Priority", a "Value", a "TTL" and probably again a "host" "@" that you need to ignore. Here you have to create again a registry with registry type MX, add the TTL as specified, and as for the value, AWS (at least in my Spanish version) says "Add several values in separate lines". Well, again, trust me instead of the billion-dollar company: you need to set the priority and the value in the same line. Something like "0 value-for-MX-registry" (where 0 is the priority).
    • And finally the "trickiest" (it is not tricky if you have documentation not written by a chimpanzee): you need to add a new CNAME registry. Again, Microsoft specifies a host (probably "autodiscover"), a value (probably autodiscover.something) and a TTL. What they don't explain correctly is that you have to add the host to the name of the registry (so you will have something similar to autodiscover.yourdomain.com as registry name) and that you have to add a dot at the end of the value.

    And that's it, you should have your DNS correctly setup for your nice custom email domain.

    I really hope this comes in handy for someone; at least it is what worked for me.

    Regards.
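
The three record shapes described in the answer above, built as a Route 53 change batch. This is an added example, not part of the original post: the function names, the row format and the sample values (`MS=ms00000000`, the `example.net` targets) are constructed placeholders, and only `thisismydomain.com` comes from the post.

```python
import json

def fqdn(name):
    """Return the name with an explicit trailing dot (fully qualified)."""
    return name if name.endswith(".") else name + "."

def record_name(host, domain):
    """Microsoft's host "@" (or no host) means the zone apex; otherwise prefix the host."""
    host = (host or "").strip()
    if host in ("", "@"):
        return fqdn(domain)
    return fqdn(host + "." + domain.rstrip("."))

def record_value(rtype, value, priority=None):
    """Format one value the way Route 53 expects it for TXT, MX and CNAME."""
    if rtype == "TXT":
        return '"' + value.strip('"') + '"'  # TXT values go in double quotes
    if rtype == "MX":
        if priority is None:
            raise ValueError("MX needs a priority")
        # Priority and mail server on the same line; the trailing dot on the
        # MX target goes beyond the post (Route 53 accepts it either way).
        return f"{priority} {fqdn(value)}"
    if rtype == "CNAME":
        return fqdn(value)  # the dot at the end of the value
    raise ValueError(f"unsupported record type: {rtype}")

def change_batch(domain, rows):
    """Build a Route 53 ChangeBatch with one UPSERT per Microsoft-provided row."""
    changes = []
    for row in rows:
        value = record_value(row["type"], row["value"], row.get("priority"))
        changes.append({"Action": "UPSERT", "ResourceRecordSet": {
            "Name": record_name(row.get("host"), domain),
            "Type": row["type"], "TTL": row["ttl"],
            "ResourceRecords": [{"Value": value}]}})
    return {"Comment": "Office 365 custom domain records", "Changes": changes}

# Constructed sample rows: placeholder values, not real Microsoft targets.
SAMPLE_ROWS = [
    {"type": "TXT", "host": "@", "value": "MS=ms00000000", "ttl": 3600},
    {"type": "MX", "host": "@", "value": "mx-target.example.net", "priority": 0, "ttl": 3600},
    {"type": "CNAME", "host": "autodiscover", "value": "autodiscover.target.example.net", "ttl": 3600},
]

if __name__ == "__main__":
    print(json.dumps(change_batch("thisismydomain.com", SAMPLE_ROWS), indent=2))
```

Saved to a file, the printed JSON can be applied with `aws route53 change-resource-record-sets --hosted-zone-id <ZONE_ID> --change-batch file://batch.json`, where `<ZONE_ID>` is the ID of your own hosted zone.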