Bridging on-premises Active Directory Domain Services and Azure Active Directory is one of the more common tasks an Azure engineer faces in this hybrid, cloud-centric age. In this hands-on lab, the student deploys an Azure virtual machine and installs directory services on it. The student then installs the Azure AD Connect software and attaches it to the local domain, in preparation for a future connection to Azure AD.
Successfully complete this lab by achieving the following learning objectives:
- Create and Deploy a Virtual Machine
Use ‘West US’ whenever a location is requested, and create a new resource group when one is requested.
Deploy a VM:
- The VM name can be anything (MythicalDC001 in this example).
- The VM should be imaged with Windows Server 2019.
- The VM Size should be B2ms.
- The username/password can be anything (mythicaladmin and Crystal1Montana! in this example).
- Change Public Inbound Ports to None.
- Set NIC NSG to Advanced.
- Set Boot Diagnostics to Off.
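The same deployment can be scripted with the Az PowerShell module instead of clicking through the portal. The block below is an added example, not part of the lab; it assumes the Az module is installed and `Connect-AzAccount` has already been run, uses the lab's example names (MythicalDC001, mythicaladmin) plus an assumed resource group name, and takes the placeholder `$adminSourceIp` as the address the RDP rule is restricted to. It builds the NSG explicitly (the portal's "Advanced" NIC NSG option), starts with no Internet-facing inbound ports, and adds only the TCP 3389 exception that the next objective asks for, with the source limited to your own IP rather than Any:

```powershell
# Added example (not the lab's own steps): deploy the lab DC with Az PowerShell.
# Assumptions: Az module present, Connect-AzAccount done, $adminSourceIp is YOUR public IP.
$location      = 'West US'
$rgName        = 'mythical-lab-rg'        # assumed resource group name
$vmName        = 'MythicalDC001'
$adminSourceIp = '203.0.113.10/32'        # placeholder: replace with your own public IP
$cred          = Get-Credential -UserName 'mythicaladmin' -Message 'Local admin password for the VM'

New-AzResourceGroup -Name $rgName -Location $location | Out-Null

# Network: one VNet/subnet, a static public IP, and an NSG whose ONLY inbound rule
# is RDP from $adminSourceIp. This is "Public Inbound Ports: None" plus the 3389
# exception, but source-restricted instead of open to the whole Internet.
$subnet = New-AzVirtualNetworkSubnetConfig -Name 'default' -AddressPrefix '10.10.0.0/24'
$vnet   = New-AzVirtualNetwork -ResourceGroupName $rgName -Location $location `
            -Name "$vmName-vnet" -AddressPrefix '10.10.0.0/16' -Subnet $subnet
$pip    = New-AzPublicIpAddress -ResourceGroupName $rgName -Location $location `
            -Name "$vmName-pip" -AllocationMethod Static -Sku Standard
$rdpRule = New-AzNetworkSecurityRuleConfig -Name 'Allow-RDP-From-Admin' -Priority 1000 `
            -Direction Inbound -Access Allow -Protocol Tcp `
            -SourceAddressPrefix $adminSourceIp -SourcePortRange '*' `
            -DestinationAddressPrefix '*' -DestinationPortRange 3389
$nsg    = New-AzNetworkSecurityGroup -ResourceGroupName $rgName -Location $location `
            -Name "$vmName-nsg" -SecurityRules $rdpRule
$nic    = New-AzNetworkInterface -ResourceGroupName $rgName -Location $location `
            -Name "$vmName-nic" -SubnetId $vnet.Subnets[0].Id `
            -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id

# VM: B2ms, Windows Server 2019 Datacenter image, boot diagnostics disabled.
$vm = New-AzVMConfig -VMName $vmName -VMSize 'Standard_B2ms'
$vm = Set-AzVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred `
        -ProvisionVMAgent -EnableAutoUpdate
$vm = Set-AzVMSourceImage -VM $vm -PublisherName 'MicrosoftWindowsServer' `
        -Offer 'WindowsServer' -Skus '2019-Datacenter' -Version 'latest'
$vm = Add-AzVMNetworkInterface -VM $vm -Id $nic.Id
$vm = Set-AzVMBootDiagnostic -VM $vm -Disable
New-AzVM -ResourceGroupName $rgName -Location $location -VM $vm

# The public IP you will RDP to (the portal shows the same value on the VM Overview blade).
(Get-AzPublicIpAddress -ResourceGroupName $rgName -Name "$vmName-pip").IpAddress
```

The password is prompted for with `Get-Credential` rather than written into the script; the lab's example password is fine for a throwaway VM but should never be committed to a file. If you later need to widen RDP access, add another rule rather than changing the source of this one to `*`.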
- Ensure Port 3389 Is Open, Connect RDP to Server, and Install the ADDS Role
Install Active Directory Domain Services:
- Copy the Public IP from the VM Overview.
- Create an inbound allow rule in the NSG for TCP port 3389, restricting the source to your own public IP rather than Any; an RDP port open to the whole Internet will be brute-forced within minutes.
- Connect via RDP to the Public IP. We recommend using the latest official RDP client. Make sure you choose to Connect to an admin session.
- Disable IE Enhanced Security Configuration.
- In Server Manager, right-click the server name and add the Active Directory Domain Services role.
- Promote Server to Domain Controller, and Download and Install Azure AD Connect
Note: Being unable to complete the install of Azure AD Connect is expected. This lab provides no Azure AD tenant to connect to, so the configuration wizard cannot get past the Azure AD sign-in step; stopping there is the intended end state.
Promote to DC and Install AD Connect:
- After the ADDS role installs, click the "Promote this server to a domain controller" link in Server Manager.
- Create a new Forest. It can be named anything (mythical.domain, in this example).
- The DSRM (Directory Services Restore Mode) password can be anything (Crystal1Montana!, in this example). In production, use a DSRM password that differs from the domain administrator password, since it grants offline access to the directory database.
- After the server reboots, reconnect via RDP.
- Download the Azure AD Connect software with Internet Explorer (this is why IE Enhanced Security Configuration was disabled earlier).
- Install Azure AD Connect software.
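The in-guest portion of the lab (ADDS role install, forest promotion, and the Azure AD Connect download) can also be done from an elevated PowerShell session on the VM. The block below is an added example, not the lab's own steps. It uses the lab's example names (mythical.domain, MYTHICAL, mythicaladmin), assumes the download URL is the Microsoft fwlink that has served the Azure AD Connect installer (the product is now branded Microsoft Entra Connect; verify the link before use), and fetches the MSI with `Invoke-WebRequest` so IE Enhanced Security Configuration can stay enabled. `Install-LabForest` reboots the server when it finishes; run `Get-AadConnectInstaller` in a new session after reconnecting as MYTHICAL\mythicaladmin.

```powershell
# Added example (not the lab's own steps): in-guest PowerShell for the DC promotion
# and the Azure AD Connect download. Run elevated on the VM.
# Assumption: the fwlink below is Microsoft's download link for the Azure AD Connect MSI.

function Install-LabForest {
    # Objective 2: ADDS role plus management tools (includes the ADDSDeployment module).
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

    # DSRM password is prompted, not hardcoded; do not reuse the domain admin password.
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM (Safe Mode Administrator) password'

    # Objective 3: new forest named as in the lab; DNS installed alongside.
    Import-Module ADDSDeployment
    Install-ADDSForest -DomainName 'mythical.domain' -DomainNetbiosName 'MYTHICAL' `
        -SafeModeAdministratorPassword $dsrm -InstallDns -Force
    # The server reboots automatically when promotion completes.
}

function Get-AadConnectInstaller {
    # Run after the reboot, logged on as MYTHICAL\mythicaladmin.
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    $msi = Join-Path $env:TEMP 'AzureADConnect.msi'

    # Assumed fwlink for the Azure AD Connect MSI; Invoke-WebRequest follows the redirect.
    Invoke-WebRequest -Uri 'https://go.microsoft.com/fwlink/?LinkId=615771' `
        -OutFile $msi -UseBasicParsing

    # Refuse to run an installer whose Authenticode signature is not a valid Microsoft one.
    $sig = Get-AuthenticodeSignature -FilePath $msi
    if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'Microsoft Corporation') {
        throw "Refusing to run $msi : signature status is $($sig.Status)"
    }

    # Launches the setup wizard; in this lab it stops at the Azure AD sign-in step.
    Start-Process -FilePath $msi -Wait
    return $msi
}
```

Checking the Authenticode signature before launching the MSI is the step the portal-and-browser flow skips; it costs one line and catches a tampered or mis-downloaded installer before it runs with administrative rights on a domain controller.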