When registering a domain with office 365, it checks if there is a root domain available in the same office 365. If there is, then it sets a property on the child domain referencing the root and it will share the same authentication realm.
If the child domain is added before any root domain then this does not happen and they will have independent authentication realms. You can see this property in PowerShell using the commands below
$domain = “xxxxx”
$RootDomainOfChild = Get-MsolDomain -DomainName $domain
Currently, when authenticating to IAM Cloud if there is a child domain that is not part of the root domain then we will need to make a manual configuration change. For such an instance Please log a support ticket and a Support Engineer will assist you immediately.
If you need any assistance please do not hesitate to contact our Technical Support Team:
IAM Cloud's Technical SupportTeam.
Support Portal: http://support.iamcloud.com
Email us: firstname.lastname@example.org
Phone (UK): +44 118 324 0000
Phone (US): +1 914 495 1298