Visitor 1

MS Partner Center can't verify domain ownership with DNS TXT record for host @.<mydomain>

I added the DNS TXT record @ on my domain as per the instructions to verify domain ownership in MS Partner Center and waited for some time until the record would get propagated, but I keep getting the message: "We didn't find the record you added for <mydomain>..."


There seems to be a problem with using the special character "@" as name for the TXT DNS record.


I used three different tools to verify the DNS TXT record with the following results:

MS Command.exe:
c:> NSLookup -q=TXT @.<mydomain>
Result: Success. The TXT record was successfully returned, the returned string matches the exptected value ("MS=...").
PowerShell in Windows:
> Resolve-DnsName @.<mydomain> -Type TXT
Result: Failed. An error is returned complaining an un recognized token ( "@").
At line:1 char:17
+ Resolve-DnsName @.<mydomain> -Type TXT
Unrecognized token in source text.
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnrecognizedToken
dig (Ubuntu Linux)
$ dig -t TXT @.<mydomain>
Result: Failure
dig: couldn't get address for '.<mydomain>': not found
Escaping the special character "@" worked:
$ dig -t TXT "\@.<mydomain>"
Result: Success.  The expected string is returned.
\@.<mydomain>. 3600 IN TXT "MS=..."


Note: <mydomain> is used to avoid disclosure of internal information in the public forum.  For the tests I used the actual domain.


I opened ticket TrackingID #2201100010000255 but it just lead to a dead end, with the recurrent answer that the record is incorrect in the DNS provider, which is external to MS, hence they cannot help with that.  IMHO the use of as special character such as "@" as a host name for the TXT DNS record is causing the problem; a different string for the name (not using special characters) should be used.


Any pointers will be useful.



@maosanch : The ticket would better be placed with AzureAD support, e.g. via Azure Portal, since partner Center is relying on the AzureAD information. Using the @ as Host name is done for probable a dozen of million tenants, so I guess this not the problem: Add your custom domain - Azure Active Directory | Microsoft Docs

Kind regards, Janosch
Receive consultations via Technical Presales and Deployment Services team