Harish Kaushal Blog

Office 365 Exchange Online and Identity Online Blog

Unable to remove domain from Office 365? Here is the script which can help!!

When we should use this script?

When you are trying to remove a domain from one Office 365 tenant and want to verify domain on another tenant but you are unable to remove and getting errors like below.

Remove-MsolDomain : Unable to remove this domain. Use Get-MsolUser -DomainName<domain name> to retrieve a list of objects that are blocking removal.
At line:1 char:18
+ Remove-MsolDomain <<<< -DomainName <DomainName>
+ CategoryInfo : OperationStopped: (:) [Remove-MsolDomain], MicrosoftOnlineException
+ FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.DomainNotEmptyException,Microsoft.Online.Administration.Automation.RemoveDomain

Remove-MsolDomain : Unable to complete this action. Try again later.
At line:1 char:1
+ Remove-MsolDomain -DomainName peppromotions.com –Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (:) [Remove-MsolDomain], MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.InternalServiceException,Microsoft.Online.Adm
   inistration.Automation.RemoveDomain

What is the reason for these errors?

We get this error when domain we are trying to remove is getting consumed in any of the Office 365 User or Exchange Recipient or Azure AD. So in order to release the domain first we need to remove all the references for that domain from Office 365, Exchange online and Azure.

So this script will help you in finding out where all domain is getting used.

What do you need to know before you begin?

Need an admin account who is Global admin for Office 365, Exchange Online and Azure AD.

Windows PowerShell.

Azure AD and MSOnline modules installed.(Note: If not installed script will guide you in installing them)

How to download?

Download Link :- version-2

What all this script will do?

Checks for all the modules required to perform steps in the steps and if they are missing it will guide to install.

Checks for domain references under users in Office 365 and extract CSV file.

Checks for domain references under recipients in Exchange Online and extract CSV file.

Checks for domain references in Azure AD and extract CSV file.

Helps in removing Azure Apps consuming the domain we want to remove.

If no references found then helps in removing domain.

How you can use it?

1. Save attached and extract attached script. It should contain below files.

scripts

2. Open windows PowerShell as administrator and run below command to set execution policy.

Set-ExecutionPolicy Unrestricted -Force

3. Run below command to set directory where script is extracted and import module.

cd “Directory where scripts extracted”

Import-Module .\DomainScriptModule.psm1

Once you run above command it will give you below warning four time as this script is not signed so you need to type “R” to allow this script.

Security warning
Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your
computer. If you trust this script, use the Unblock-File cmdlet to allow the script to run without this warning
message. Do you want to run D:\Scripts\DomainScript\DomainScript\DomainScriptModule.psm1?
[D] Do not run  [R] Run once  [S] Suspend  [?] Help (default is “D”): R

4. Once you allow script it will start checking if AzureADPreview module is installed or not, if not it will give you an option to install as in my case its not installed so i selected Y in below option. It will perform same steps for MsOnline module and give you link if not installed.

modulecheck

5. In my case MsOnline module is also not installed so it will check and provide me an link to download module. Download module from listed link and re-import module.

msonlinemodule

6. Once all module check passes it will import module and ask for Global admin credentials which is global admin for Office 365, Exchange online as well as Azure AD.

creds

7. After entering credentials it will connect to Office 365, Exchange online and Azure AD.

8. Once connected run below command.

Domain-RemovalScript

9. After executing above command it will ask for domain name which you want to remove. In my case i am typing abc123.com

Type domain you want to remove: abc123.com

nouserdomain

10. Once you type above command it will do below checks.

If domain exists on the tenant or not?If Yes, then continue otherwise Stop.

How many Msol users consuming domain?

How many Exchange Online users consuming domain?

How many Azure objects consuming domain?

If no reference found in any of the service then ask if you want to remove the domain or not.

11. In step 9, domain i used doesn’t have any object reference so we get Green output and its asking if we want to remove the domain or not.

12. If i try domain which has object references in Office 365, Exchange and Azure output should look like below.

It will show you MSOL users which are consuming this domain.

It will ask for CSV file where you want to export the data of MsolUsers.

It will show you Exchange recipient and there type which all are consuming this domain and extract CSV.

It will show you Azure Apps which are consuming this domain and extract them to a CSV.

It will also give you option of you want to remove shown apps or not, if you select Yes, it will remove the apps.

userdomain

13. Once you remove all the references run below command again to check and if all green, remove the domain.

Domain-RemovalScript

I hope it helps. Please do share your feedback in comments and it you run into any issues please feel free to share it in comments.

Thanks,

Harish