
Active Directory: Setting Up on Azure


This lab outlines the process I followed to set up and install Active Directory on Azure, including configuring VMs and promoting the domain controller.

VM Configuration Setup

I will be using two VMs in Azure, both located within the same:

  • Resource group
  • Region
  • Virtual network

To proceed, we need to configure the VMs. The image below on the left shows the default configuration. In this setup, the dc-1 VM will serve as the domain controller, while the client-1 VM will act as the client, which will later join the domain in a subsequent lab. To properly configure the VMs, the domain controller must be assigned a static private IP, and the client’s DNS server should be set to the domain controller’s private IP.

Default Configuration
New Configuration

Domain Controller Configuration

Once you have completed the configuration in the Azure portal, log into the domain controller (dc-1). To simplify the setup, we will disable the Windows Firewall by setting the Firewall state to Off for the following profiles:

  • Domain Profile
  • Private Profile
  • Public Profile

Disable Windows Firewall

Client Check

At this point, you should be able to ping dc-1 from within the client-1 VM. If you receive a reply, you’re all set!

Next, verify that the DNS settings are correctly configured. Open PowerShell as an administrator and run the following command:

ipconfig /all

DNS for Client-1

If the DNS matches the private IP of the domain controller, you’re all set! If not, ensure that the correct DNS is configured in the Azure portal, then restart client-1 and run the command again.

Installing Active Directory

Open Server Manager on the domain controller and select Add Roles and Features. During the installation process, ensure you select Active Directory Domain Services under Server Roles, then proceed with the default options for the rest.

Once the installation is complete, we need to promote the server to a domain controller. In Server Manager, you’ll notice a warning icon at the top-right corner under a flag. Click on the flag, then select Promote this server to a domain controller. Create a new forest and specify a domain name (e.g., mydomain.com). Set a password for the domain, uncheck Create DNS delegation, and proceed with the default settings to complete the installation.
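The ping and ipconfig /all checks from the Client Check section can be scripted on client-1 and extended with a DNS lookup that should only succeed once dc-1 has been promoted. This is an added example, not part of the original lab: the function name Test-LabClientReadiness is hypothetical, and 10.0.0.4 is a constructed sample value standing in for dc-1's static private IP.

```powershell
# Added example (not from the original lab). Run on client-1 in an elevated PowerShell.
# Test-LabClientReadiness is a hypothetical helper name; 10.0.0.4 is a constructed
# sample IP: replace it with dc-1's static private IP from the Azure portal.
function Test-LabClientReadiness {
    param(
        [Parameter(Mandatory)][string]$DcIp,
        [string]$DomainName   # optional: only resolvable after dc-1 is promoted
    )

    # 1. Every adapter that has IPv4 DNS servers configured should list dc-1 first.
    $adapters = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses.Count -gt 0 }
    $dnsOk = [bool]$adapters
    foreach ($adapter in $adapters) {
        if ($adapter.ServerAddresses[0] -ne $DcIp) {
            Write-Warning "$($adapter.InterfaceAlias) uses $($adapter.ServerAddresses -join ', ')"
            $dnsOk = $false
        }
    }

    # 2. Same reachability check the lab performs with ping.
    $pingOk = Test-Connection -ComputerName $DcIp -Count 2 -Quiet

    # 3. After promotion, the domain controller locator SRV record should
    #    resolve when dc-1 itself is asked. $null means the check was skipped.
    $srvOk = $null
    if ($DomainName) {
        try {
            $records = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" `
                -Type SRV -Server $DcIp -ErrorAction Stop
            $srvOk = [bool]($records | Where-Object { $_.Type -eq 'SRV' })
        } catch {
            $srvOk = $false
        }
    }

    [pscustomobject]@{
        DnsPointsToDc  = $dnsOk
        PingReplies    = $pingOk
        SrvRecordFound = $srvOk
    }
}

Test-LabClientReadiness -DcIp '10.0.0.4' -DomainName 'mydomain.com'
```

If DnsPointsToDc is False, fix the DNS server in the Azure portal and restart client-1, as described in the Client Check section.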

Important Note

Now that dc-1 is configured as the domain controller, you can log into the domain using a local account while specifying the domain name. For instance, I created a user called labuser.

To log in, use the following format:

mydomain.com\labuser

If you’re using Linux, refer to this post for instructions on connecting to Windows.