When setting up a domain in Office 365, we need a way to now direct traffic to all of the various services you want to use, if this traffic is never routed Office 365 would be a pretty lonely empty place. Office 365 and most of the internet routes traffic based on the domain name service/system (DNS).
What is DNS?
At it’s core DNS is a way for to translate IP addresses to domain names. This way as humans we don’t have to remember that 18.104.22.168 is a google DNS IP address, it also translates to google-public-dns-a.google.com. Much easier to remember for humans. When it comes to services there are special types of records that different services, protocols and software look for to route email. For example in the email world we have Mail Xchanger records or MX records. When a mail system wants to send email to another server say 365unity.com, the sending mail system will look for a DNS MX record for 365unity.com. A Name Server lookup (NSlookup) will tell us that the server receiving email for 365unity.com is 365unity-com.mail.protection.outlook.com, and the sending email server will try to send email on that record.
In a nutshell that’s it.
For Office 365 because there are a number of services available to it over the internet, we need to find a way to route the different types of traffic to your Office 365 services. If you keep the generic “company.onmicrosoft.com” address that is given to you when you purchase your tenant you are already set. If you add a personalized domain, you are also going to need a DNS service to change and route the traffic to Office 365. When you are configuring domains in Office 365, Microsoft gives us the MX records we need to set with our DNS provider.
DNS records required by Service
Exchange will need 3 records, and I will do my best to explain what each record is used for.
MX records as previously discussed tell mail servers where to send email for the domain in question, in our case Exchange Endpoint Protection is set to receive the email before it get’s sent to my account.
TXT records are used to validate that you own the domain when adding a DNS record. This is a security feature that Microsoft uses. The assumption is if you can change the DNS records, you own the domain.
CNAME records are also known as canonical name records or alias. In this case it’s setting the autodiscover record which will be used by rich clients to determine how to setup Outlook for instance once I put in my email address email@example.com
Skype for Business
Skype for business introduces the SRV or service record. These records tell a service what the address is and what port to use for a specific service. In Skype for Business’ case, the SRV record will tell the Skype for Business rich client where to try to log onto and by what port. The other SRV record tells other Skype for Business services how to federate with your domain. The two CNAME addresses are used to allow your rich client into Skype for Business through a reverse proxy and Edge Server.
Mobile Device Management
Office 365 offers a feature to manage your mobile devices, since they are the future. This feature is pretty powerful and allows you to set device policies. When you set these policies you will be setting up DNS records so your devices can register and enroll in the service. Once this is completed you can do manage those devices inside of Office 365. Management includes tasks such as wipe or block a device, set password policies and view policies associated to devices. This feature can be compared to activesync in Exchange.
Those are the basics but another cool feature is if you have some of the most common DNS providers such as GoDaddy and you feel compelled to, Microsoft will with your permissions and credentials log in and make those DNS changes for you. Otherwise it’s a manual process, but they do give you all of the information you’ll need to input. Be fairwarned though if you are not comfortable making DNS changes, please have someone that is comfortable do it for you.