Backtrack:  
 
by lunarg on August 17th 2015, at 13:25

EDIT: highlight required trailing dots + added CNAME for msoid.

If you're using a hosting provider which uses DirectAdmin for its DNS management, it may be a hassle to correctly configure DNS records for Office 365, mainly because of syntax issues. After some trial-and-error and googling, I finally managed to correctly devise the proper syntax to configure Exchange Online and Lync Online.

The set up of the entries below is a left and right field in the DNS management, safe for MX-records, which are set up elsewhere. For most services, don't forget to add the trailing . at the end of each record pointing to a Microsoft Server. Otherwise, resolving will incorrectly add your own domain name to resolve, resulting in a incorrectly configured DNS record. Also, note that the TTL cannot be entered as such as it has to be set as a default value. Setting it to 3600 (the default suggested by Microsoft) will set all records to the same TTL.

Important!
As said earlier, punctuation and how you enter the records is very important. Not paying attention will break your records from resolving correctly. You have been warned!

Domain ownership verification

There are two ways to verify ownership of a domain: through a TXT-record or through an MX-record. I prefer the TXT-record as it reduces the overhead of any mailserver attempting to contact the invalid MX. To add the TXT-record:

domain.tld. TXT MS=msXXXXXXXX

Substitute domain.tld with your own, and don't forget the trailing dot. Also, substitute the XXXXX with whatever value Microsoft has given you.

Configure Exchange Online

For Exchange Online, you need to add the Autodiscovery and MX-records. For MX-records to work, you need to turn off Handle mail on this server. This option can be found at the bottom of the DNS Management page.

prefix.mail.protection.outlook.com. MX 0

Substitute the prefix with whatever Microsoft has given you. It usually somewhat resembles your domain name (e.g. like domain-tld). Also, add the autodiscovery CNAME, and your SPF-record (as a TXT):

autodiscover CNAME autodiscover.outlook.com.
domain.tld. TXT "v=spf1 include:spf.protection.outlook.com -all"

Substitute domain.tld with your own, and don't forget the trailing dot. It is also important to add the quotes around the complete value of the SPF-record. Otherwise, DNS resolving will enclose each sub-field with quotes, breaking SPF specifications.

Configure Lync Online

Lync Online is configured through a set of SRV and CNAME records.

The syntax of an SRV record in DirectAdmin is as follows:

  • left field: [record type].[protocol]
  • right field: [weight] [priority] [port] [target]

This results in adding the SRV records like so:

_sip._tls SRV 1 100 443 sipdir.online.lync.com.
_sipfederationtls._tcp SRV 1 100 5061 sipfed.online.lync.com.

Add these CNAME records:

lyncdiscover CNAME webdir.online.lync.com.
sip CNAME sipdir.online.lync.com.
msoid CNAME clientconfig.microsoftonline-p.net.