If you are having problems in successfully complete the MFA verification calls
MFA phone verification fails sometimes or Microsoft 365 did not send me a code?
A U.S. system always produce these calls with a +1 caller ID.
The carrier within this connection likely doesn’t support dual tone multi frequency (DTMF). Therefore, MSFT never receive the # signal back from the user’s phone. As a result, failure of authentication may be encounter.
In other words, calls could get routed through a carrier between the source and target that doesn’t support or pass along the caller ID that MSFT sent.
If you attempt again within 10 minutes,
MSFT will choose a different PSTN provider to ensure a different routing and increase the chances of a successful connection.
If you are on a specific country that are having a number of MFA phone verification fails intermittently,
By logging a support case, MSFT could run a deliberation to see if there’s a need for further fix within your location otherwise choose other methods such as the Authenticator mobile app or text message.
In conclusion, MSFT has given multiple options you can choose from for your best case scenario. More on securing Microsoft 365 here.
You can’t add custom DNS records type to Admin Center
This normally happened if you have only PartialRedelegation upon adding your domain. We need to change this to FullRedelegation especially if the NameServer is pointed to Microsoft 365 so that we can add other records like records for your website.
Go to M365 portal > Settings > Domains.
Select the domain and click manage DNS.
Click on more option and choose “Set up my online services for me”.
Click continue until you reach to this page.
You can now add the IP address of the website during the set up.
Complete the set up and go back to manage the domain to see if you have a capability to add custom DNS types
You are getting a message about a Domain Broker Service advertisement
Your website intermittently redirect to a different webpage and sometimes on your website
Your domain is parked
Firstly, you must investigate your DNS entries and look for A record with the value named “Parked“. This is designed by GoDaddy to let the internet know that your domain is taken and at the same time does not have an existing website.
Moreover, domain Broker Service Ads campaign is then use by the domain broker service and advertise it to people that has interest to your domain name. In other words, your domain is up for a bidding.
This may be applicable to other domain service provider since mine is with GoDaddy I followed the steps below to resolved it.
Importantly, after adding your A records for your website’s IP address make sure to remove the entry for another record for “Park”, otherwise the you’ll be broadcasting two records (depending on the load balancer) and a redirection to your web server or GoDaddy’s Domain Broker Service Ads as a result.
Scenario: Got two MSOL user they are both sync, looking to see if we can merge it.
You don’t have to really merge this and there’s no way to really do that. Both msol user are synced with AD. So the question is who’s to retain and obviously it would be the licensed account.
For this you just need to find the equivalent AD object of the unlicensed msol user and move it away from the syncing OU. This will delete it from O365 hence will not show ung Admin center active user.