Deploy a domain controller on Microsoft Azure Virtual Machines

Deploying a domain controller isn't a new thing in our work environment. Normally, we deploy it in on-premises environment. In this post, I won't list all the steps for deploying Active Directory Domain Services on a Microsoft Azure Virtual Machine but I will mention all things which is needed to mention.

Is it available to deploy a domain controller on Microsoft Azure environment? 

Yes.

Why do you deploy a domain controller on Microsoft Azure?

You might use Microsoft Azure for your branch office deployment. One of my projects was deployed domain controllers in world wide so I think I can apply this scenario to work with Microsoft Azure.

To deploy a domain controller on Microsoft Azure, we need notice the following things:

1. Create a virtual network and then assign IP address and DNS servers for virtual machines on Microsoft Azure

Many of you know that we need to assign a fix IP address and DNS Server for every domain controller. Even though deploy a domain controller on Microsoft Azure, we also need to assign a fix IP address and DNS server to a server. To assign  a fix IP address to a virtual machine on Microsoft Azure, we need to create a virtual network first. To create a virtual network and then assign IP address and DNS Server for Azure Virtual Machines, please read:

Configure a static IP address for a virtual machine in a Cloud-Only virtual network on Microsoft Azure

Manage DNS servers used by a virtual network (VNet)

Remark: The above screen capture is for demo environment. In production, the DNS server should point to your HQ domain controllers.

2. As mentioned branch office scenario, we may need to configure VPN connection from branch office to Microsoft Azure. To configure on-premises sites network to Microsoft Azure Virtual Network, please read:

Connect Multiple On-premises Sites to a Virtual Network

Setup VNet-To-Vnet VPN on Microsoft Azure - Part 1

Setup VNet-To-VNet VPN on Microsoft Azure - Part 2

After testing the network connection, we can do the next task.

3. Because the IP address and DNS server are assigned to a virtual machine by Microsoft Azure, we don't need to enter any IP address and DNS server inside a virtual machine.

We can perform GIP on PowerShell to check the IP settings of a virtual machine.

After that, you can promote a domain controller.

To promote a domain controller, please read:

Install Active Directory Domain Services (Level 100)

Windows 10 is coming and it supports to join Azure Active Directory. Do we still need to join the old Active Directory? Stay tuned.

This posting is provided “AS IS” with no warranties, and confers no rights!