Daberechi

Step-by-Step Guide to Setting Up Azure Entra ID with Domain, and User Management

Introduction
What is Azure Entra ID?

Azure Entra ID, formerly Azure Active Directory (Azure AD), is Microsoft’s cloud-based identity and access management (IAM) service.

It helps you securely manage users, devices, and applications — whether for a personal project, a business, or a large enterprise.

What You Can Do With Azure Entra ID:

  1. User Authentication: Let users securely sign in to your apps or services.

  2. Single Sign-On (SSO): Users can log in once and access multiple apps (like Microsoft 365, GitHub, Salesforce, etc.).

  3. Role-Based Access Control (RBAC): Assign access permissions based on users’ roles.

  4. Custom Domain Integration: Use your domain (like @mycompany.com) instead of the default @something.onmicrosoft.com.

  5. Device Management: Secure and manage laptops, phones, or any connected devices.

  6. Multi-Factor Authentication (MFA): Add extra security to logins.

  7. App Registration: Register your web/mobile apps and manage their permissions.

  8. B2B & B2C Scenarios: Collaborate securely with partners (B2B) or offer login to customers (B2C).

Think of Azure Entra ID As:
A digital gatekeeper that controls who can access what in your cloud setup — all with enterprise-grade security.

Now that we understand Azure Entra ID and its uses, let's set one up!

We will be using:
Azure Portal
Azure Entra ID
Namecheap

Get your dollar credit card ready if you are opening the Azure portal for the first time.

Guidelines

  1. Create a Microsoft (Outlook/Hotmail) Account

If you don’t already have one:

i. Visit https://signup.live.com/

ii. Choose “Get a new email address” if you want a custom Hotmail/Outlook domain.

iii. Fill in your details.

iv. Verify with your phone number.

  2. Purchase a Domain on Namecheap

i. Go to https://www.namecheap.com/

ii. Search for an available domain (e.g., yourbrandname.com).

iii. Add it to cart and check out.

iv. Skip additional upsells unless needed.

v. After payment, go to “Dashboard” > “Domain List”.

  3. Set Up an Azure Cloud Account

i. Go to https://azure.microsoft.com/en-us/free/

ii. Click "Start free" and sign in with your Outlook/Hotmail account.

iii. Provide required identity verification (phone and credit card).

iv. Once logged into the portal (https://portal.azure.com/), you'll get free credits (~$200) for testing.

  4. Set Up Azure Entra ID (Azure Active Directory)

i. In the Azure Portal, search for "Entra ID" or go to Microsoft Entra ID.

ii. Click on “+ Create a tenant”:

iii. Choose Microsoft Entra ID (not B2C).

iv. Enter Org Name (e.g., “My DevOps Lab”)

v. Enter Initial Domain Name (mydevlab.onmicrosoft.com)

vi. Choose a region close to you.

vii. Click Review + Create → then Create.
This creates a dedicated identity directory for managing users, apps, and domains.

  5. Create a DNS Zone in Azure

i. In Azure Portal, search for “DNS zones”.

ii. Click Create.

iii. Select your subscription/resource group.

iv. Enter your domain name (yourbrand.com)

v. Click Review + Create → then Create.

vi. After creating your DNS zone, click on “Go to Resources”. You’ll get NS (Name Server) Records.

  6. Update Nameservers in Namecheap

i. If you used Namecheap as your domain provider, navigate to the Domain List on your left and click on Manage on your right.

ii. Under Nameservers, select Custom DNS.

iii. Copy the four NS records from Azure and paste them into Namecheap’s fields.

iv. Save changes.

DNS propagation can take a few hours (up to 48 hours globally, but often much faster).

  7. Add Custom Domain to Azure Entra ID

i. Navigate to Entra ID.

ii. Search for custom domain and click it.

iii. Click on Add custom domain.

iv. Enter your Namecheap domain (e.g., yourbrand.com). Azure will give you a TXT record to verify your domain.

When you open an Azure account, Azure gives you an automatic domain name that is different from the one you bought from a domain host (e.g., Namecheap). To change the domain name Azure gave you to the one you bought:
i. Go to your Entra ID
ii. Click on Identity
iii. Click on Settings
iv. Click on Domain name
v. Enter the domain you bought
vi. Then click on Add Domain

After this, you will need to create the TXT record set:
i. Go to your Entra ID, search for DNS zone and click it
ii. Click on Record set
iii. At the name section, type @
iv. At the type section, search for TXT
v. At the TTL, choose hour
vi. Copy the value under “Destination or points to address” in Entra ID and paste it under Value in the Azure portal. Click OK to create the record set.

vii. Go back to the Entra ID tab and navigate to the custom domain names. We want to make the custom domain we created the primary domain. At present it is not primary, because the default domain given to us by Azure is the primary domain.
viii. Click on your domain name and tick the option that says “Make primary”. Whatever prompt you see, click 'Yes'.
ix. If you go back to your custom domain and refresh the page, you will see that your custom domain is now the primary domain.
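
A check worth running before asking Entra ID to verify the domain or making it primary: compare what public DNS returns with the four name servers from the Azure DNS zone and with the TXT value from Entra ID. This is an added example, not part of the original post; the function names and every record value are constructed, and on a live domain the inputs would be the output of dig +short NS and dig +short TXT for your domain.

```bash
#!/usr/bin/env bash
# Added example. Every record value below is a constructed sample.
# Live input would come from:  dig +short NS yourbrand.com
#                              dig +short TXT yourbrand.com

# Canonical NS list: lowercase, no whitespace or trailing dot, sorted, unique.
normalize_ns() {
  printf '%s\n' "$1" | tr '[:upper:]' '[:lower:]' |
    sed -e 's/[[:space:]]//g' -e 's/\.$//' -e '/^$/d' | sort -u
}

# True only when the public delegation is exactly the Azure zone's NS set.
delegation_matches() {
  [ "$(normalize_ns "$1")" = "$(normalize_ns "$2")" ]
}

# Prints each Azure name server the public answer does not list yet.
missing_ns() {
  have=$(normalize_ns "$2")
  for ns in $(normalize_ns "$1"); do
    printf '%s\n' "$have" | grep -qxF -- "$ns" || printf '%s\n' "$ns"
  done
}

# True when one TXT string equals the verification value exactly
# (dig prints TXT strings wrapped in double quotes).
txt_published() {
  printf '%s\n' "$1" | sed -e 's/^"//' -e 's/"$//' | grep -qxF -- "$2"
}

AZURE_NS='ns1-01.azure-dns.com.
ns2-01.azure-dns.net.
ns3-01.azure-dns.org.
ns4-01.azure-dns.info.'
# Partial propagation: two Azure servers plus a leftover old one.
PUBLIC_NS='NS1-01.azure-dns.com.
ns2-01.azure-dns.net.
ns1.old-dns.example.'
PUBLIC_TXT='"v=spf1 -all"
"MS=ms00000000"'

if delegation_matches "$AZURE_NS" "$PUBLIC_NS"; then
  echo "delegation matches the Azure zone"
else
  echo "delegation incomplete, still missing:"
  missing_ns "$AZURE_NS" "$PUBLIC_NS"
fi
txt_published "$PUBLIC_TXT" "MS=ms00000000" && echo "TXT verification value is published"
```

A leftover name server from the old provider in the public answer means some resolvers will still query a zone that does not hold the TXT record, so verification can fail intermittently until the delegation is exact.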

Conclusion
To sum this up, this tutorial offered a comprehensive method for configuring and overseeing Azure Entra ID, encompassing the creation of domain names, email addresses, and DNS zones, in addition to setting up custom domains. You can set up a safe and effective identity management system for your cloud environment by following these steps. With Azure Entra ID, you can improve security and streamline user management for both on-premises and cloud services.
