We have Single Sign-on working for a test application in Azure, using Azure Active Directory and the on-premise server running DirSync to synchronise the user details.
I have added a Custom Domain and verified it, by adding TXT records to the DNS entries at my registrar's website. In order to do this, I followed advice (from stackoverflow questions) that I needed to untick the option that said "I plan to configure this domain for single sign-on with my local Active Directory", in order to gain access to the additional information that allows me to prove ownership of the domain.
As a result, the domain has been verified and Azure recognises this, allowing me to see the domain as being 'verified', but the Single Sign-On value for this custom domain is set to 'Not Planned'.
The problem is now, I want to be able to re-tick that check box, and enable this domain to be used with the single sign-on, as I don't want to have to tell my users to use their log-in email addresses as 'username@something.onmicrosoft.com' as they'll never get it and will pester me to change it.
So, my question is: Is there a way to re-tick this box, and change the status of this field away from that of 'Not Planned', and (hopefully) to allow my users to sign in using their [email protected] instead?
I have tried to remove the domain and re-add it, but Azure stops me from deleting it, as it's probably already well utilised in the rest of the processes. Also, I have no ability (or at least that's how it seems!) to go back into this custom domain within Azure and modify it.
UPDATE: I have tried to Deactivate the Directory Integration directory sync - this allows me to adjust the sync'd user's email addresses, but they're reverted back to .onmicrosoft.com once the sync is Activated again.
UPDATE 2: I have tried to install PowerShell to remotely administer the custom domain to becoming active, but I just cannot connect, despite several hours of trying.