
Hopefully, I won't make the question very long, but a little background is needed. Currently, in our office, we have 5 workstations and 2 Windows Server 2016 servers. One is a domain controller and the other one has 3 Hyper-V running SQL, IIS, and TFS. We also have a production server with another vendor.

Recently, we decided we will move everything to Azure. For the domain controller, we want to use AAD DS. My question is that I'm having difficulties adding an Azure VM to the domain controller. As we want to keep our IIS and SQL in our office to keep the cost down, we will use one server in the office running IIS and SQL. The production server will be an Azure VM and also the domain controller. That is, we want to keep everything under one umbrella: 1 Azure VM, 5 workstations, 1 on-prem server. The Azure VM will have a 1 TB disk and our workstations will map that drive, as everything is under a single domain.

Is it possible? If it is, how can I achieve that? Small guidelines will be appreciated.

Regards eshayat

Eshayat

1 Answer


Azure Active Directory Domain Services (Azure AD DS) provides managed domain services such as domain join, group policy, LDAP, and Kerberos / NTLM authentication that is fully compatible with Windows Server Active Directory.

I followed the following two guidelines, and succeeded:

  1. Create Azure AD DS
  2. Join a Windows VM to domain

So, may I know if you have changed your password as required?

Enable user accounts for Azure AD DS

I changed my password. After that, I tried to join a VM to the domain, and I was asked to provide my admin credential. I used the new credential, and successfully joined the domain.

Jack Jia
  • Hey Jack, thanks for the comment. Yes, I understood the process and it works. My problem is: how can I log in to the domain from my workstation without having a domain on-prem? Meaning I want to join the domain directly from outside of Azure, from my SQL server or my workstation. If you have any insights on that, please let me know. Thank you – Eshayat Oct 03 '19 at 03:11
  • I am afraid that you will not be able to do so, because a client needs to be able to find the domain controller before it can join the domain. However, your workstation is outside the Azure virtual network, so you will not be able to join the Azure AD DS. – Jack Jia Oct 03 '19 at 07:33
  • Hey Jack, thanks for the reply. Let's think of it this way: if my router is connected to the Azure vNet and everyone is under the same router and can VPN into the network, is it going to work then? – Eshayat Oct 04 '19 at 13:25
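
A pre-join check for the point made in the comments above, that a client has to be able to find the domain controller before it can join. This is an added example, not part of the original thread: the domain name is a placeholder, and the port list is the usual set a Windows client uses to talk to a domain controller over TCP.

```powershell
# Run on the workstation or server you intend to join to the managed domain.
param(
    # Placeholder: replace with the DNS name of your Azure AD DS managed domain.
    [string]$Domain = 'aadds.example.com'
)

# TCP services a client needs on a domain controller during domain join.
# Test-NetConnection only tests TCP, so UDP variants are not covered here.
$ports = @(
    @{ Port = 53;  Name = 'DNS' },
    @{ Port = 88;  Name = 'Kerberos' },
    @{ Port = 135; Name = 'RPC endpoint mapper' },
    @{ Port = 389; Name = 'LDAP' },
    @{ Port = 445; Name = 'SMB' }
)

# Step 1: DC locator. The client asks DNS for this SRV record to find a DC.
$locator = "_ldap._tcp.dc._msdcs.$Domain"
try {
    $srv = Resolve-DnsName -Name $locator -Type SRV -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' }
} catch {
    $srv = $null
}
if (-not $srv) {
    Write-Warning "Cannot resolve $locator. This machine's DNS server does not know the domain, so a join will fail before any credentials are checked."
    return
}

# Step 2: for every DC the locator returned, test each required port.
$results = foreach ($dc in $srv) {
    foreach ($p in $ports) {
        $t = Test-NetConnection -ComputerName $dc.NameTarget -Port $p.Port `
            -WarningAction SilentlyContinue
        [pscustomobject]@{
            DomainController = $dc.NameTarget
            Service          = $p.Name
            Port             = $p.Port
            Reachable        = $t.TcpTestSucceeded
        }
    }
}
$results | Format-Table -AutoSize

# Step 3: summary. Any unreachable port points at routing or firewall rules.
$blocked = @($results | Where-Object { -not $_.Reachable })
if ($blocked.Count -eq 0) { 'All DC ports reachable from this machine.' }
else { "$($blocked.Count) DC port(s) unreachable from this machine." }
```

If step 1 fails, the machine is not using DNS servers that can answer for the managed domain; if step 1 succeeds but step 2 shows unreachable ports, name resolution works and the network path is what is missing.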