Step-by-Step: Add Azure Active Directory DS to Your Azure Subscription

In this post I will describe how to add Azure Active Directory Domain Services to your tenant using the Azure portal, create a VM, and then join it to the created domain.

Log in to the Azure portal











Create a new resource group




Click Review + create




Search for Azure AD DS and choose Azure AD Domain Services



Click Add
Choose the subscription and resource group




After filling in the required fields, click Next




Choose the default VNet and subnet, or customize them as per your requirements






















Add more administrators if needed, or accept the default, then click Next





Accept the default, then press Next














After validation completes, press Create















Press OK to start creating Azure AD Domain Services

It might take an hour to finish

























































Click View health




Now let’s create a VM in the same VNet and try to join it to Azure AD DS


From the home page, click Create a resource








Choose Compute, then select Virtual machine


















Fill in the required fields, then click Next

















On the Disks page, accept the defaults, then click Next
















On the Networking page, accept the defaults, then click Review + Create















Then click Create
After creation completes, you will be able to connect to your VM





















Click Connect, then RDP
















Click Download RDP File, then connect to the created VM

Connect to the virtual machine using the credentials you supplied in the creation wizard















Now let’s try to join the domain



Click Computer name, then click Change




































































































































This failed because Azure Active Directory Domain Services requires the legacy NTLM password hash for authentication, and this is a cloud-only account.

To solve this issue, go back to Azure Active Directory in the portal, search for that user, and reset the password.






















Click Users
Choose the user you tried to join the domain with and reset the password






















Click Reset password
In a private browser window, update the password, then wait 30 minutes


Now let’s try to join the domain using the new password


















































































After restarting, you will be able to log in using the domain user
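
The join steps above can also be run from an elevated PowerShell session on the VM, with checks that separate a network or DNS problem from the credential failure described earlier. This is an added example, not part of the original post; the domain name `aadds.example.com` is a placeholder for your managed domain's DNS name.

```powershell
# Added example: pre-flight checks and domain join, run on the VM as local admin.
param(
    # Placeholder value, not from the post: replace with your managed domain name.
    [string]$DomainName = 'aadds.example.com'
)

$ErrorActionPreference = 'Stop'

# 1. The VM must resolve the managed domain through the VNet's DNS servers.
#    If this lookup fails, the VM is not using the Azure AD DS DNS addresses.
try {
    $dcs = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV |
        Where-Object { $_.Type -eq 'SRV' }
} catch {
    throw "Cannot resolve domain controllers for ${DomainName}: $($_.Exception.Message)"
}
if (-not $dcs) { throw "No domain controller SRV records returned for $DomainName" }

# 2. Check the TCP ports a join depends on: Kerberos (88), LDAP (389), SMB (445).
$blocked = @()
foreach ($dc in $dcs) {
    foreach ($port in 88, 389, 445) {
        $r = Test-NetConnection -ComputerName $dc.NameTarget -Port $port `
                                -WarningAction SilentlyContinue
        '{0}:{1} reachable={2}' -f $dc.NameTarget, $port, $r.TcpTestSucceeded
        if (-not $r.TcpTestSucceeded) { $blocked += "$($dc.NameTarget):$port" }
    }
}
if ($blocked) { throw "Blocked ports (check NSG rules and subnet): $($blocked -join ', ')" }

# 3. Join the domain. The password is prompted for, never stored in the script.
$cred = Get-Credential -Message "Account allowed to join machines to $DomainName"
try {
    Add-Computer -DomainName $DomainName -Credential $cred -Restart
} catch {
    Write-Warning "Join failed: $($_.Exception.Message)"
    # Network checks passed, so a logon failure here points at the account:
    # for a cloud-only user, reset the password in the portal, sign in once to
    # set the new password, wait for it to sync, then run this script again.
    Write-Warning 'If this is a cloud-only account, reset its password and retry after sync.'
}
```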












































