Hi,
In this article, I would like to show you how to deploy Azure AD Domain Services and what the requirements for it are.
Requirements
To deploy Azure AD DS you will need the following:
- Resource group for the virtual network (VNet)
- VNet
- Resource group for Azure AD DS
- DNS Domain Name : workshopN.azureblog.pl
Where N is the result of the PowerShell command
Get-Random -Maximum 1024
In my case, the output from the PowerShell command is 995, which means my DNS Domain Name will be workshop995.azureblog.pl.
Resource Groups deployment
Let’s deploy resource groups for our resources.
Go to the Azure portal and choose Create a resource from the left side menu
On the New window type resource group in the Search field.
On the Resource Group screen click Create
On the Create a resource group screen fill the required fields:
- Subscription: In my case Azure blog (this is the name of my subscription)
- Resource Group: Type here the name of your resource group. In my case, it will be rg-network-neu
- Region: Choose the region that you prefer. In my case, it will be North Europe
Click Review + create when ready and confirm by clicking Create
Now repeat these steps with one change: the resource group name will be rg-adds-neu
So the resource groups deployment is done. Now we can move to the next step, which is VNet deployment.
Virtual Network deployment
Go to the resource group rg-network-neu and click New
On the New window type virtual network in the Search field
On the Virtual Network screen click Create
On the Create virtual network / Basics screen fill the required fields:
- Subscription: In my case, Azure blog (this is the name of my subscription).
- Resource Group: rg-network-neu.
- Name: Provide the VNet name. In my case, I will use the one like vnet-workshop-N – where N is the value from the prerequisites chapter.
- Region: This value will be selected automatically.
Click Next: IP Addresses
Remove the configuration under the IPv4 address space by clicking the blue bin next to it. Provide the new value 10.10.10.0/24
Add new subnets with the Add subnet button, using the following settings:
- snet_adds_neu – 10.10.10.0/27. The first subnet will be dedicated to the Azure AD DS service.
- snet_mgmt_neu – 10.10.10.32/27. The second subnet will be dedicated to management resources like virtual machines, storage accounts, etc.
- snet_wvd_neu – 10.10.10.64/26. The last subnet will be dedicated to WVD resources.
Click Review + Create and then Create to deploy VNet
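The resource group and VNet steps above can also be scripted. The following is an added example, not part of the original article. It assumes the Az PowerShell module is installed and that Connect-AzAccount has already been run against the target subscription; the variable names are my own.

```powershell
# Added example: scripted equivalent of the portal steps above (Az PowerShell module).
# Assumption: Connect-AzAccount has already been run for the right subscription.
$location = 'northeurope'
$n        = 995   # the article's value; use your own Get-Random -Maximum 1024 result
$vnetName = "vnet-workshop-$n"

# Create both resource groups, skipping any that already exist.
foreach ($rg in 'rg-network-neu', 'rg-adds-neu') {
    if (-not (Get-AzResourceGroup -Name $rg -ErrorAction SilentlyContinue)) {
        New-AzResourceGroup -Name $rg -Location $location | Out-Null
    }
}

# Subnet plan from the article, all inside 10.10.10.0/24.
$plan = [ordered]@{
    'snet_adds_neu' = '10.10.10.0/27'    # Azure AD DS only
    'snet_mgmt_neu' = '10.10.10.32/27'   # management resources
    'snet_wvd_neu'  = '10.10.10.64/26'   # WVD resources
}
$subnets = foreach ($name in $plan.Keys) {
    New-AzVirtualNetworkSubnetConfig -Name $name -AddressPrefix $plan[$name]
}

# Create the VNet in the network resource group with all three subnets.
$vnet = New-AzVirtualNetwork -Name $vnetName -ResourceGroupName 'rg-network-neu' `
    -Location $location -AddressPrefix '10.10.10.0/24' -Subnet $subnets

# Confirm what was created before moving on to the Azure AD DS deployment.
$vnet.Subnets | Select-Object Name, AddressPrefix
```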
Azure AD DS deployment
Go to the resource group rg-adds-neu and click New
On the New window type azure ad domain services in the Search field
On the Azure AD Domain Services screen click Create
On the Create Azure AD Domain Services / Basics screen fill the required fields:
- Subscription: In my case, Azure blog (this is the name of my subscription)
- Resource Group: rg-adds-neu
- DNS Domain Name: this is the value from the prerequisites section.
- Region: (Europe) North Europe
- SKU: Enterprise
Click Next
On the Create Azure AD Domain Services / Networking screen fill the required fields:
- Virtual Network: choose the one that we have created, vnet-workshop-995
- Subnet: choose the one that we have created, snet_adds_neu
Click Next
On the Create Azure AD Domain Services / Administration screen fill the required fields:
- Click Manage group membership to add new AAD DS Administrators
Click Next
On the Create Azure AD Domain Services / Synchronisation screen fill the required fields:
- Synchronization type: All
Click Next
On the Review+create screen, click Create to deploy Azure AD Domain Services. Accept the reminder.
Now the deployment will take around 45 minutes.
After the deployment, remember to change the password for the accounts that were selected as AAD DS Administrators. Azure AD DS only generates the password hashes it needs for Kerberos and NTLM authentication when a cloud-only account's password is changed, so until then these accounts cannot sign in to the managed domain.
When the status of the Azure AD DS is Running, you can configure the last setting, which is the VNet configuration for Azure AD DS, by clicking Configure under Updating DNS server settings for virtual network.
The information above describes VNet DNS servers update for Azure AD DS.
Now you can use deployed resources for authentication purposes like Windows Virtual Desktop.