Bridging On-Premises Directory Services and Azure Active Directory is one of the more common tasks an Azure Engineer is likely to be faced with in this Hybrid Cloud centric age.
In this hands-on lab, engineers will deploy an Azure Virtual Machine and install directory services to it, then install the Azure Active Directory Connect software, attaching it to the local domain in preparation for a future connection to Azure AD.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Create and Deploy a Virtual Machine

Use 'West US' when asked for a location and when asked for a resource group.

Deploy a VM:
- The VM name can be anything (MythicalDC001 in this example).
- The VM should be imaged with Windows Server 2019.
- The VM size should be B2ms.
- Username/Password can be anything (mythicaladmin and Crystal1Montana! in this example).
- Change Public Inbound Ports to None.
- Set NIC NSG to Advanced.
- Set Boot Diagnostics to Off.
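The same deployment can be scripted with the Az PowerShell module instead of clicking through the portal. The block below is an added example, not part of the lab's own material; it assumes the Az module is installed and Connect-AzAccount has already been run, and the resource group, VNet, subnet and NSG names are invented for this example. An NSG with no custom rules is what "Public Inbound Ports: None" produces in the portal, since the default rules already deny inbound traffic from the Internet.

```powershell
# Added example: deploy the lab VM with Az PowerShell (requires Install-Module Az; Connect-AzAccount).
# Resource group, VNet, subnet and NSG names are assumptions; VM name, size, image and
# location follow the lab text.
$location  = 'westus'
$rg        = 'rg-mythical-lab'           # assumed resource group name
$vmName    = 'MythicalDC001'
# Prompt for the local admin password rather than embedding it in the script
$adminCred = Get-Credential -UserName 'mythicaladmin' -Message 'Local administrator password'

New-AzResourceGroup -Name $rg -Location $location

# Networking: a VNet/subnet, an NSG with no custom rules (nothing inbound from the Internet),
# a static public IP and a NIC that ties them together.
$subnet = New-AzVirtualNetworkSubnetConfig -Name 'snet-dc' -AddressPrefix '10.10.0.0/24'
$vnet   = New-AzVirtualNetwork -ResourceGroupName $rg -Location $location `
            -Name 'vnet-mythical' -AddressPrefix '10.10.0.0/16' -Subnet $subnet
$nsg    = New-AzNetworkSecurityGroup -ResourceGroupName $rg -Location $location -Name "$vmName-nsg"
$pip    = New-AzPublicIpAddress -ResourceGroupName $rg -Location $location `
            -Name "$vmName-pip" -AllocationMethod Static -Sku Standard
$nic    = New-AzNetworkInterface -ResourceGroupName $rg -Location $location -Name "$vmName-nic" `
            -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id

# VM configuration: B2ms size, Windows Server 2019 Datacenter image, boot diagnostics off.
$vm = New-AzVMConfig -VMName $vmName -VMSize 'Standard_B2ms'
$vm = Set-AzVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $adminCred -ProvisionVMAgent
$vm = Set-AzVMSourceImage -VM $vm -PublisherName 'MicrosoftWindowsServer' -Offer 'WindowsServer' `
        -Skus '2019-Datacenter' -Version 'latest'
$vm = Add-AzVMNetworkInterface -VM $vm -Id $nic.Id
$vm = Set-AzVMBootDiagnostic -VM $vm -Disable

New-AzVM -ResourceGroupName $rg -Location $location -VM $vm

# Quick check: the NSG attached to the NIC should carry no custom inbound rules yet.
(Get-AzNetworkSecurityGroup -ResourceGroupName $rg -Name "$vmName-nsg").SecurityRules |
    Where-Object Direction -eq 'Inbound' | Select-Object Name, Priority, DestinationPortRange
```

The final Get-AzNetworkSecurityGroup call returns nothing at this point, which is the expected state before the RDP exception is added in the next objective.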
- Ensure Port 3389 is open, RDP to the server, and install the ADDS role.

Install Active Directory Domain Services:
- Copy the Public IP from the VM Overview.
- Create the inbound exception in the NSG for Port 3389.
- RDP to the Public IP.
- Disable IE Enhanced Security Configuration.
- Right-click the server name and install the ADDS role.
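The steps above can be driven from PowerShell as well. This is an added example and not the lab's own material; it assumes the resource group and NSG names from the earlier deployment, and the admin workstation's public IP is a placeholder you must replace. The lab only says to open 3389; the rule below additionally scopes the source address to that single IP, so the RDP exception does not expose the future domain controller to the whole Internet. The second half runs inside the VM over the RDP session it just enabled.

```powershell
# ---- Part 1: run from the admin workstation (Az module, already signed in) ----
$rg      = 'rg-mythical-lab'        # assumed resource group name
$vmName  = 'MythicalDC001'
$adminIp = '203.0.113.10'           # PLACEHOLDER: replace with your workstation's public IP

# Step 1: copy the VM's public IP (the address you will RDP to)
$publicIp = (Get-AzPublicIpAddress -ResourceGroupName $rg -Name "$vmName-pip").IpAddress
Write-Host "RDP target: $publicIp"

# Step 2: add the inbound NSG exception for 3389, limited to the admin source IP
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName $rg -Name "$vmName-nsg"
$nsg | Add-AzNetworkSecurityRuleConfig -Name 'Allow-RDP-Admin' -Description 'RDP from admin workstation only' `
        -Access Allow -Protocol Tcp -Direction Inbound -Priority 1000 `
        -SourceAddressPrefix "$adminIp/32" -SourcePortRange '*' `
        -DestinationAddressPrefix '*' -DestinationPortRange 3389 | Set-AzNetworkSecurityGroup

# Step 3: open the RDP client against the public IP (same as typing it into mstsc)
Start-Process mstsc.exe -ArgumentList "/v:$publicIp"

# ---- Part 2: run inside the VM, in an elevated PowerShell session ----
# Step 4: disable IE Enhanced Security Configuration for Administrators and Users.
# These two Active Setup component GUIDs are the well-known IE ESC switches.
$ieScAdmin = 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}'
$ieScUser  = 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}'
Set-ItemProperty -Path $ieScAdmin -Name 'IsInstalled' -Value 0
Set-ItemProperty -Path $ieScUser  -Name 'IsInstalled' -Value 0

# Step 5: install the AD DS role (equivalent to the Server Manager right-click path)
$result = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $result.Success) { throw "AD DS role install failed: $($result.ExitCode)" }
Get-WindowsFeature -Name AD-Domain-Services | Select-Object Name, InstallState
```

Once the role reports Installed, the promotion in the next objective can proceed; the NSG rule can be tightened or removed again once the lab no longer needs RDP.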
- Promote the server to a Domain Controller, then download and install Azure AD Connect.

Note: Being unable to complete the install of AD Connect is to be expected.

Promote to DC and Install AD Connect:
- Click the promote link after the ADDS role installs.
- Create a new forest. It can be named anything (mythical.domain in this example).
- The DSRM password can be anything (Crystal1Montana! in this example).
- After the server reboots, reconnect via RDP.
- Download the Azure AD Connect software via Internet Explorer.
- Install the Azure AD Connect software.
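The promotion and the AD Connect download can be done from an elevated PowerShell session inside the VM instead of the wizard and Internet Explorer. This is an added example, not the lab's own material; the forest name follows the lab, the DSRM password is prompted for rather than typed into the script, and the download URL is a placeholder to be taken from Microsoft's Azure AD Connect download page. The post-reboot check at the end confirms the promotion actually took, which the wizard does not show you.

```powershell
# ---- Before the reboot: promote to the first DC of a new forest ----
Import-Module ADDSDeployment

# DSRM (Directory Services Restore Mode) password: prompt instead of hardcoding
$dsrmPassword = Read-Host -AsSecureString -Prompt 'DSRM password'

# Install-ADDSForest installs DNS alongside AD DS and reboots the server when it finishes
Install-ADDSForest -DomainName 'mythical.domain' `
                   -DomainNetbiosName 'MYTHICAL' `
                   -SafeModeAdministratorPassword $dsrmPassword `
                   -InstallDns `
                   -Force

# ---- After the reboot (reconnect via RDP as MYTHICAL\mythicaladmin) ----
# Check: the domain exists and the AD Web Services / NTDS services are running
Get-ADDomain | Select-Object DNSRoot, DomainMode, PDCEmulator
Get-Service -Name ADWS, NTDS, DNS | Select-Object Name, Status

# Download Azure AD Connect without Internet Explorer.
# PLACEHOLDER URL: take the current MSI link from Microsoft's Azure AD Connect download page.
$aadConnectUrl = 'https://example.invalid/AzureADConnect.msi'
$installer     = Join-Path $env:TEMP 'AzureADConnect.msi'
Invoke-WebRequest -Uri $aadConnectUrl -OutFile $installer

# Record the hash of what was downloaded so it can be compared against the published value
Get-FileHash -Path $installer -Algorithm SHA256

# Install the MSI silently; this lays down the binaries and launches nothing.
# The configuration wizard (which the lab expects to be unable to finish) is started afterwards.
$proc = Start-Process msiexec.exe -ArgumentList "/i `"$installer`" /qn" -Wait -PassThru
if ($proc.ExitCode -ne 0) { throw "AD Connect MSI install failed with exit code $($proc.ExitCode)" }
Start-Process 'C:\Program Files\Microsoft Azure Active Directory Connect\AzureADConnect.exe'
```

Install-ADDSForest reboots the server on its own; everything after the first section is run in a fresh RDP session once the server is back and the domain credentials work.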