Microsoft 365 Admin – Day-1 Real-World Setup (Beginner Friendly)

🎯 Goal of Day-1

Set up a new Microsoft 365 tenant securely and professionally, just like a real IT/M365 administrator would do on Day-1 in an organization.

🧱 DAY-1 TASK BREAKDOWN (Industry-Style)

1️⃣ Access Microsoft 365 Admin Center

Steps

Open: https://admin.microsoft.com
Sign in using Global Admin credentials
Verify you can access:
- Users
- Teams & groups
- Security
- Billing
- Settings

Real-World Tip

First login should always be done using Global Admin, but daily work should use a non-admin account.

2️⃣ Verify & Add Custom Domain

Why?

Professional email addresses (@company.com)
Required for production use

Steps

Admin Center → Settings → Domains
Click Add domain
Enter domain name
Copy TXT record
Add TXT record in domain provider (GoDaddy / Namecheap / Hostinger)
Click Verify
Set domain as Default

DNS Records to Add

Type	Purpose
TXT	Domain verification
MX	Email delivery
CNAME	Autodiscover
SPF	Anti-spoofing

3️⃣ Create Core Admin Accounts (Must-Have)

Accounts to Create

Account	Role
globaladmin@domain.com	Global Admin
m365admin@domain.com	Admin tasks
breakglass@domain.com	Emergency access

Steps

Users → Active users → Add user
Assign licenses later
Assign admin roles

Best Practice

🚨 Break Glass Account

No MFA initially
Very strong password
Used only during tenant lockout

4️⃣ Enable Security Defaults / MFA

Steps

Admin Center → Identity → Azure AD
Properties → Manage Security Defaults
Enable Security Defaults

What This Enables

✔ MFA for admins
✔ MFA for users
✔ Legacy auth blocked

5️⃣ License Assignment (Basic Setup)

Common Licenses

Microsoft 365 Business Basic
Business Standard
Business Premium

Steps

Billing → Licenses
Assign license to admin & test user
Verify services:
- Exchange
- OneDrive
- Teams
- SharePoint

6️⃣ Create Initial Test Users

Example Users

Name	Purpose
user1@domain.com	Regular employee
hr@domain.com	HR mailbox
it.support@domain.com	Support mailbox

Steps

Users → Add user
Assign license
Login once to initialize mailbox

7️⃣ Exchange Online – Day-1 Checks

Tasks

Verify mailbox creation
Check Outlook Web Access
Confirm MX records working

Optional (But Good)

Create shared mailbox
Assign permissions

8️⃣ Teams & SharePoint Validation

Teams

Login as user
Open Teams Web/App
Confirm chat & meeting access

SharePoint

Open SharePoint Admin Center
Check default site
Verify OneDrive access

9️⃣ Baseline Security Checks

Must-Do

Confirm MFA working
Disable legacy protocols
Check sign-in logs

Tools

Entra ID → Sign-in logs
Microsoft Defender portal

🔟 Documentation (Very Important)

What to Document

Tenant name
Admin accounts
Domain DNS records
License type
MFA status

📌 This is what real admins must do but beginners often skip.

📌 Day-1 Outcome (What You Achieved)

✔ Tenant ready
✔ Custom domain active
✔ Secure admin access
✔ Users created
✔ Email + Teams working
✔ Security baseline applied

Next Steps (Day-2 Ideas)

Conditional Access
Mail flow rules
Anti-phishing
Intune basics
Backup strategy

🎯 Goal of Day-1

🧱 DAY-1 TASK BREAKDOWN (Industry-Style)

1️⃣ Access Microsoft 365 Admin Center

Steps

Real-World Tip

2️⃣ Verify & Add Custom Domain

Why?

Steps

DNS Records to Add

3️⃣ Create Core Admin Accounts (Must-Have)

Accounts to Create

Steps

Best Practice

4️⃣ Enable Security Defaults / MFA

Steps

What This Enables

5️⃣ License Assignment (Basic Setup)

Common Licenses

Steps

6️⃣ Create Initial Test Users

Example Users

Steps

7️⃣ Exchange Online – Day-1 Checks

Tasks

Optional (But Good)

8️⃣ Teams & SharePoint Validation

Teams

SharePoint

9️⃣ Baseline Security Checks

Must-Do

Tools

🔟 Documentation (Very Important)

What to Document

📌 Day-1 Outcome (What You Achieved)

Next Steps (Day-2 Ideas)

Leave a Reply Cancel reply