Need help with Office 365 error

I feel like I am going in circles. The platform for our website (Kajabi) has instructed us to set up our DNS through Cloudflare. It worked well. I am getting errors with my Office 365 setup and Microsoft’s guidance is to delete our domain from Cloudflare. I don’t want to cause problems with our website. Can we delete our site from Cloudflare, set up Office 365 per Microsoft’s instructions, then set up Cloudflare again? I read in one post that you have to wait 60 days after setting up Office 365 to move DNS. That won’t work because we need our site up. Please advise. Thanks!

DETAILS

  1. I purchased a domain from GoDaddy.

  2. We are developing a website in Kajabi and followed their instructions for setting up DNS with Cloudflare. I updated GoDaddy with the Cloudflare name servers. Works great.

  3. Next item on our checklist was to set up an Office 365 account for email. I followed all the instructions at Microsoft.

  4. In the Microsoft admin center for the domain I get a “DNS errors detected” error message. When I click for details I get the error that says the name servers assigned to us by Cloudflare are being seen and that it cannot find the Microsoft name servers it expects.

|Expected vs actual record|Points to address or value|Status|

* Expected record|ns1.bdm.microsoftonline.com|The records we detected do not match the expected values|
  • |Actual record|cody.ns.Cloudflare.com|Invalid entry|
    
  • |Actual record|gail.ns.Cloudflare.com|Invalid entry|
    
  • ||
    
  • |Expected record|ns2.bdm.microsoftonline.com|The records we detected do not match the expected values|
    
  • |Actual record|cody.ns.Cloudflare.com|Invalid entry|
    
  • |Actual record|gail.ns.Cloudflare.com|
    
  1. Another Microsoft support article says to Delete your Cloudflare domain and enter the Microsoft name servers at the registrar, in our case, GoDaddy.

There are 2 options when adding a domain to use Office 365, you can have Microsoft manage the records or configure them in your existing DNS provider. Based on the error message it appears you’re currently configured for the former. Change the setting to use an external DNS provider.

1 Like

Thanks

Office 365 works seamlessly behind Cloudflare.

  1. Go to your Cloudflare Dashboard https://dash.cloudflare.com/?zone=dns
  2. Enter the following records (change yourdomain-com and yourtenant to the actual values)

Cloudflare Settings (make sure all of Office 365 Services are set to :grey:

Type    Host name               Points to address or value			TTL	          
MX      @                       yourdomain-com.mail.protection.outlook.com	1 Hour
TXT     @			v=spf1 include:spf.protection.outlook.com -all	1 Hour
CNAME   autodiscover            autodiscover.outlook.com                       1 Hour
CNAME   sip			sipdir.online.lync.com				1 Hour
CNAME	lyncdiscover		webdir.online.lync.com				1 Hour
CNAME	enterpriseregistration	enterpriseregistration.windows.net		1 Hour
CNAME	enterpriseenrollment	enterpriseenrollment.manage.microsoft.com	1 Hour
CNAME   selector1._domainkey    selector1-yourdomain-com._domainkey.YOURTENANT.onmicrosoft.com 
CNAME   selector2._domainkey    selector2-yourdomain-com._domainkey.YOURTENANT.onmicrosoft.com

Type	Service			Protocol Port	Weight	 Priority	TTL 	Name	Target	
SRV	_sip			_tls	 443	   1	    100	   1 Hour	@	sipdir.online.lync.com
SRV 	_sipfederationtls	_tcp	 5061	   1	    100	   1 Hour	@	sipfed.online.lync.com

Also you need to create TXT records for SPF, DMARC and Kajabi DKIM if they provide it.

SPF (may require additional Kajabi information)
v=spf1 a:yourdomain-com.mail.protection.outlook.com include:spf.protection.outlook.com include:kajabimail.net -all

Little typo for the destination there, buddy, just in case this is from your own domain (should be sipdir.).

1 Like

Thanks @saul it’s corrected now!

1 Like

https://github.com/irazasyed/dns-zone-files Same as above but github repo also has a number of other popular services.

2 Likes

Bookmarked! Sure beats typing that out again… :slight_smile:

Thanks everyone! It’s working!

Mike Semel

1 Like

This topic was automatically closed after 31 days. New replies are no longer allowed.