Office 365 Tips: Addressing Shadow Tenant Errors

  • Article

When adding a domain to your Office 365 tenant, you may run into the following error.

Sorry, you can't add domain.com here because it's already in use

This may be due to the fact that someone in your company signed up for a PowerBI trial with their company email address. We see this a lot then a subset of users has a different email address then the rest of the company and you now need to add that domain to Office 365.

In my example, I have opened a trail for PowerBI, using an email address (kelsey.epps@office365testing.org) that hasn’t been registered with my production Office 365 tenant. Now, when I try to add the domain (office365testing.org) to my production Office 365 tenant, I get an error (below in red). This is because the shadow tenant that was created for PowerBI trial is using that domain.

The post below details the process to do an admin takeover of the PowerBI shadow tenant, release the domain and then add to your production tenant.

If you own the domain.com domain and want to manage it, you have a couple of options.

clip_image002

Follow these instructions to remove the domain from the Shadow tenant and add it to your production tenant.

  1. Navigate to https://powerbi.microsoft.com/
     
  2. Enter your email address (that includes that domain that you can’t add to your Office 365 tenant). My example is office365testing.org
     
  3. Click ‘Use it free’
     
    clip_image004
     
  4. A confirmation email will be sent to your account. Click the link to verify the email address.
     
    clip_image006
     
  5. Enter your First Name, Last Name and a password. Click Start
     
    clip_image008
     
  6. The PowerBI setup process will kick off and your account will be added to the Shadow Tenant
     
    clip_image010
     
  7. Click the Office 365 waffle (app launcher)
     
  8. Click the Admin Icon
     
    clip_image012
     
  9. This will take you to the admin take over webpage
     
  10. Click ‘Yes, I want to be the admin’
     
    clip_image014
     
  11. Add the verification TXT record to your external DNS. My record happens to be hosted on GoDaddy, so there are instructions for GoDaddy on the page.
     
    clip_image016
     
    clip_image018
     
  12. Once the TXT record is added to public DNS, give it some time for replication. This is generally completed within 30 minutes, but can take up to 72 hours.
     
  13. Click ‘Okay, I’ve added the record’
     
    clip_image020
     
  14. The process will now go out and verify that the TXT record supplied is added to public DNS. Once completed, your account will be added as the admin for the shadow tenant.
     
    clip_image022
     
  15. Click ‘Go to the Office 365 homepage’ or login to https://portal.office.com with your account.
     
  16. Once logged into the Office 365 Admin Portal, click Users -> Active Users
     
  17. This will show you all the people that have opened trail accounts of PowerBI
     
    clip_image024
     
  18. In order to remove the domain, so that we can register it in the main tenant, you need to edit the users and change the UPN to the onmicrosoft.com domain (in my example – office365testingorg.onmicrosoft.com). This is required because none of the users can have the office365testing.org domain in use, if we want to remove the domain from this tenant. It’s recommended that you update all the users and then your admin account.
     
  19. Double click a user and change the UPN to the domain.onmicrosoft.com address
     
  20. Click Save
     
    clip_image026
     
  21. You may receive a warning. Click Yes
     
    clip_image028
     
  22. Repeat for all the users
     
    NOTE: Let your users know they still have their trial accounts, but the user name is now changed. This will allow them to remove their data.
     
  23. Edit your admin account the same way
     
  24. Click Yes to the warning
     

     
  25. Click OK and sign out of the tenant
     
    clip_image030
     
  26. Sign back in with the new user name (user@domain.onmicrosoft.com)
     
    clip_image032
     
  27. Click Domains and select the domain you want to remove (this is the domain that you want to add to your other tenant)
     
    clip_image034
     
  28. With the domain selected, click ‘Remove domain’
      
    clip_image036
     
  29. Click Yes
     
    NOTE: The domain will be removed from the shadow tenant and is not free to add to your tenant (give the process some replication time across the Microsoft backend servers).
     
  30. Logout of this tenant
     
  31. Login to your production tenant where you were getting the error adding the domain with your admin account and try to add the domain again. This time it should work without giving you the error. Please note that you will have to verify ownership again by adding the TXT record into public DNS.
     
  32. Login to the production tenant – https://portal.office.com
     
  33. Navigate to domains
     
  34. Click + Add domain
     
    clip_image038
     
  35. Click ‘Let’s get started –>’
     
    clip_image040
     
  36. Add the newly released domain from the shadow tenant
     
  37. Click Next
     
    clip_image042
     
  38. Verify domain ownership. Since I use GoDaddy, the process will allow me to sign into my GoDaddy account and verify, or use a TXT record in public DNS.
     
    clip_image044
     
  39. Success (and I forgot to screen shot the page before clicking next) … The domain is now verified and added to your production tenant. Step through the rest of the steps and now when viewing the domains in the production tenant, you will see it there and verified.
     
    clip_image046