Error when you try to use the New-MSOLDomain cmdlet to add a subdomain to an existing domain: "New-MsolDomain: Unable to add this domain"

Applies to: Cloud Services (Web roles/Worker roles)Azure Active DirectoryMicrosoft Intune More

PROBLEM

You try to add a subdomain to an existing domain in a Microsoft cloud service such as Office 365, Microsoft Intune, or Microsoft Azure by using the New-MSOLDomain cmdlet. However, you receive the following error message:

New-MsolDomain: Unable to add this domain. It is a subdomain and its authentication type is different from the authentication type of the root domain.

CAUSE

This issue occurs if you try to use the New-MSOLDomain cmdlet to add a subdomain to an existing domain that's set up for federated authentication. The New-MSOLDomain cmdlet tries to add the subdomain as a standard authentication domain.

SOLUTION

To add a subdomain to a domain that's set up for federated authentication, follow these steps:

Connect to Azure Active Directory (Azure AD) by using Windows PowerShell. For more info, go to the following Microsoft website:
Connect to Azure AD Using Windows PowerShell
Use the New-MSOLFederatedDomain cmdlet.

The syntax to add a subdomain is as follows, where <subdomain> is the name of the subdomain that you want to add:
```
New-MSOLFederatedDomain -DomainName:<subdomain> 
```

MORE INFORMATION

For more info about how to use Windows PowerShell to manage Azure AD, go to the following Microsoft website:

Manage Azure AD using Windows PowerShell

Still need help? Go to Microsoft Community or the Azure Active Directory Forums website.

Last Updated: Dec 28, 2016