In this post, I will walk you through setting up Active Directory (AD) on an Azure VM so that other VMs can be accessed over RDP with AD accounts.
Let’s begin by creating two VMs: one for the AD server and the other for app1.
Click the checkbox for ‘Active Directory Domain Services’ and click Add Features in the dialog displayed.
The installation for AD will begin.
After the installation completes, you will see an exclamation icon indicating further actions, as shown below.
If you click on the icon, the dropdown box will display the further action messages. Click ‘Promote this server to a domain controller’.
After that, a new popup window for configuring AD appears, as shown below.
Select the ‘Add a new forest’ option to create a new AD forest, then type your domain name; I typed ‘contoso.com’ for my test.
Click the ‘Next’ button after typing the domain name.
When the Directory Services Restore Mode (DSRM) pane is shown, type the DSRM password.
Type the NetBIOS domain name.
For this tutorial, the default AD DS database directories will be used, as illustrated below.
All the configuration is shown for review in the review window.
The AD DS configuration wizard will verify all required prerequisites.
The following dialog is displayed if all the required prerequisite checks are met.
The AD DS configuration wizard will start the installation.
The VM will be rebooted after the installation is completed and can then be accessed via RDP, as illustrated below:
The screenshot below shows the server after the reboot, with AD ready for use.
Now, let’s create a new user to test. Right-click AD DS as shown below, then click ‘Active Directory Users and Computers’.
After selecting the option, a new window opens. Right-click the Users directory, then go to ‘New’ -> ‘User’.
In the new window, type the user information.
The confirmation dialog will be shown to confirm the user creation as displayed below.
After the new user is created, it is added only to the ‘Domain Users’ group by default.
If the user is not added to the ‘Domain Admins’ group, you will get an error, as shown below, when adding domain user privileges on a VM.
If you don’t want to add the user to the Domain Admins group, you don’t have to, but you then need another process for the user to access RDP via the domain service. That is skipped for now.
So far, the tutorial has covered creating a new VM for AD and installing the AD DS features.
The next task is to create a new VM to be accessed via AD. Before creating the new VM, let’s define DNS for the virtual network that includes both VMs.
The virtual network has two subnets: ‘adnet’ for AD DS and ‘appnet’ for the app1 server.
The AD server will be the DNS server for the virtual network, so I went to Azure portal -> virtual network -> DNS and changed it to custom DNS, as shown below.
After configuring DNS for the virtual network, create a new VM for testing; I will skip the VM creation steps.
My test VM is named ‘app1’. Let’s now see how to access the VM via AD.
Here is app1’s information before joining the domain:
the workgroup is the default (WORKGROUP) and the full computer name is just app1.
Let’s join AD DS. Open File Explorer (1) -> This PC (1) -> right-click it (1) -> Properties (1),
then click ‘Change settings’ (2) in the ‘Computer name, domain, and workgroup settings’ tab.
Click the ‘Change’ button (3) and a popup window appears (4). Type the domain name in the text box, then click ‘OK’ (4).
The Windows Security dialog will be shown, requesting the AD administrator username and password.
Provide the username and password to complete the request. If the new user you created is an administrator, you can use that user.
The following dialog will be shown if the VM is joined to the domain successfully.
Click the ‘OK’ button and the VM will be rebooted to apply the new changes.
After rebooting the VM, provide the username with the domain suffix to log in.
Then open File Explorer to verify: go to ‘This PC’ -> Properties, and you can see the changed information showing the VM has joined your domain, as shown below.
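The join and verification steps above can also be scripted. The following PowerShell is an added example, not part of the original walkthrough: it checks that app1 can locate the domain through the custom DNS configured on the virtual network, joins the domain, and confirms the result after the reboot. The function names are illustrative, and ‘contoso.com’ is the test domain used in this post.

```powershell
# Added example: run in an elevated PowerShell session on app1.
# 'contoso.com' is the tutorial's test domain; function names are illustrative.
$Domain = 'contoso.com'

function Test-DomainDns {
    param([Parameter(Mandatory)][string]$DomainName)
    # Domain members locate a domain controller through this SRV record.
    # It resolves only if the VM's DNS server is the AD server.
    $srv = "_ldap._tcp.dc._msdcs.$DomainName"
    try {
        $records = Resolve-DnsName -Name $srv -Type SRV -ErrorAction Stop |
            Where-Object { $_.Type -eq 'SRV' }
        return [bool]$records
    } catch {
        Write-Warning "Cannot resolve ${srv}: $($_.Exception.Message)"
        return $false
    }
}

function Join-TutorialDomain {
    param([Parameter(Mandatory)][string]$DomainName)
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    if ($cs.PartOfDomain) {
        Write-Output "Already joined to $($cs.Domain)"
        return
    }
    if (-not (Test-DomainDns -DomainName $DomainName)) {
        # A VM picks up changed virtual network DNS settings after a restart.
        $dns = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses -join ', '
        throw "DNS servers in use ($dns) cannot locate $DomainName; fix DNS before joining."
    }
    # Prompts like the Windows Security dialog; no password is stored in the script.
    $cred = Get-Credential -Message "Account allowed to join $DomainName"
    Add-Computer -DomainName $DomainName -Credential $cred -Restart
}

function Confirm-DomainJoin {
    # Run after the reboot: domain membership plus a working secure channel to the DC.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    [pscustomobject]@{
        ComputerName  = "$($cs.DNSHostName).$($cs.Domain)"
        PartOfDomain  = $cs.PartOfDomain
        SecureChannel = if ($cs.PartOfDomain) { Test-ComputerSecureChannel } else { $false }
    }
}
# Usage: Join-TutorialDomain -DomainName $Domain, then Confirm-DomainJoin after the reboot.
```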
This is how AD DS can be configured and a VM can be added to the newly created domain.