Steps to Create a New Active Directory Forest Using the Azure Portal
In this blog, we will show you the steps to create a new Active Directory forest using the Azure portal.
REQUIREMENTS
- Microsoft Azure Subscription
- 2 Azure VMs.
OVERVIEW
- We will be creating two VMs named DC1 and DC2.
- DC1 is the primary domain controller and DC2 provides fault tolerance.
CREATING RESOURCE GROUP
- Open the Azure portal and click on the resource group link in the service list.
- Click on the Add button to add a new resource group.
- Provide the resource group name, subscription and group location. Then click on the Create button.
- The new resource group will now be available in the list.
CREATING VIRTUAL NETWORK
- From the Azure portal, click on the virtual network link in the service list.
- Click on the Add button to create the new virtual network.
- Provide the virtual network name, address space, resource group and subnet details and click on the Create button.
- The new virtual network will be available in the network list.
CREATE A NEW AVAILABILITY SET
- From the Azure portal, click on the More services link and search for availability set.
- Click on the Add button to create a new availability set.
- Provide the required information: Name, Subscription, Resource Group and Location. We use the defaults of 2 fault domains and 5 update domains. Also, we are using the classic storage type for this demo. Verify the provided details and click on the Create button.
- The new availability set is available in the list.
CREATING DC1 VM
- From the Azure portal, click on the virtual machines link in the service list.
- Click on the Add button to create a new virtual machine.
- Select Windows Server 2016 from the compute list.
- Provide the basic information as the first step and click OK.
- Select the VM size.
- From the settings screen, select our newly created high availability set.
- Select No for using managed disks. Then provide the storage account, Network, Subnet, Public IP address and Network security group details. Verify the details and click OK.
- Verify the selected settings in the summary screen and click on the Create button to spin up a new VM in Azure.
- After a few minutes, our new VM will be available in the VM list.
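The VM above gets a public IP address and a network security group, and DC1 is later reached over RDP on that public IP. The following check is an added example, not part of the original post: it lists inbound NSG rules that allow RDP from any source so they can be narrowed to a known admin address. It assumes the Az.Network module and an existing Connect-AzAccount session; the resource group name is a placeholder.

```powershell
# Added example: audit NSGs in one resource group for RDP (TCP 3389) open to any source.
$resourceGroup = '<resource-group-name>'   # placeholder: the group created earlier

# True when $Port falls inside an NSG port expression: '*', '3389' or '3000-4000'.
function Test-PortInRange {
    param([string]$Range, [int]$Port)
    if ($Range -eq '*') { return $true }
    $low, $high = $Range -split '-'
    if (-not $high) { $high = $low }
    return ($Port -ge [int]$low -and $Port -le [int]$high)
}

# Source prefixes that mean "anyone on the Internet".
$openSources = '*', 'Internet', '0.0.0.0/0'

$findings = foreach ($nsg in Get-AzNetworkSecurityGroup -ResourceGroupName $resourceGroup) {
    foreach ($rule in $nsg.SecurityRules) {
        # Only inbound Allow rules that cover TCP are relevant.
        if ($rule.Direction -ne 'Inbound' -or $rule.Access -ne 'Allow') { continue }
        if ($rule.Protocol -notin 'Tcp', '*') { continue }

        $exposed = $rule.SourceAddressPrefix  | Where-Object { $_ -in $openSources }
        $rdp     = $rule.DestinationPortRange | Where-Object { Test-PortInRange $_ 3389 }

        if ($exposed -and $rdp) {
            [pscustomobject]@{
                Nsg      = $nsg.Name
                Rule     = $rule.Name
                Priority = $rule.Priority
                Source   = $exposed -join ','
                Ports    = $rdp -join ','
            }
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize }
else           { 'No inbound rule exposes RDP to any source.' }
```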
ASSIGNING STATIC IP ADDRESS
- From the VM properties page, click on the Virtual Network/subnet option.
- Select the AZ-DC1 network interface under the connected devices section.
- Click on the IP configuration link.
- Select the ipconfig1 option.
- Under Private IP address settings, select the assignment as static and click on the Save button.
ENABLING CUSTOM DNS
- From the Azure portal, click on the Virtual network link and select our DC-VNET.
- Click on the DNS Servers link.
- Select the custom tab, provide the DC1 static private IP address and click on the Save button.
INSTALLING ACTIVE DIRECTORY SERVICE ON DC1 VM
- Log in to the DC1 VM through RDP using the public IP address and open the Server Manager snap-in.
- From the Manage option, click on the Add Roles and Features option.
- From the welcome wizard, click Next to continue.
- Select the Role-based installation.
- Click on the server in the pool list and click Next.
- Select the Active Directory Domain Services check box.
- Leave the defaults in the features section.
- The wizard displays information about Active Directory Domain Services. Click Next to continue.
- Click on the Install button to install the service.
- It will take a few minutes to complete the installation.
- Click on the Close button to close the wizard.
PROMOTE DC1 TO DOMAIN CONTROLLER
- Click on the notifications link in Server Manager and select the Promote this server to a domain controller option.
- Select the Add a new forest option, provide a domain name and click Next.
- Provide the Directory Services Restore Mode password.
- Leave the default.
- Verify the NetBIOS name.
- We use the C:\ drive to store the Active Directory related files for this demo.
- Review the selected options and click Next.
- The wizard will perform the prerequisites check before promoting the server to a domain controller. Select the Install option to start the installation.
- It will take several minutes to complete the installation.
- The server will be rebooted to complete the operation. We can now log in to the VM using azdomain.local.
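The role installation and forest promotion described in the two sections above can also be scripted. This is an added example, not part of the original post; it assumes the NetBIOS name AZDOMAIN and the wizard's default folders on C:\, and it is run in an elevated PowerShell session on DC1.

```powershell
# Added example: scripted equivalent of the Add Roles wizard and the promotion wizard.
$ErrorActionPreference = 'Stop'

# Install the AD DS role together with its management tools.
$role = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $role.Success) { throw 'AD DS role installation failed.' }

# Prompt for the DSRM password so it never appears in the script or its history.
$dsrm = Read-Host -AsSecureString -Prompt 'Directory Services Restore Mode password'

$forest = @{
    DomainName                    = 'azdomain.local'   # domain name used in the post
    DomainNetbiosName             = 'AZDOMAIN'         # assumption: wizard-suggested name
    InstallDns                    = $true              # the VNet's custom DNS points at DC1
    # The post keeps these on C:\ for the demo. Microsoft's guidance for DCs on
    # Azure VMs is a separate data disk with host caching set to None.
    DatabasePath                  = 'C:\Windows\NTDS'
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
    SafeModeAdministratorPassword = $dsrm
}

# Same prerequisites check the wizard runs; stop on any error before changing anything.
$check = Test-ADDSForestInstallation @forest
$check | Format-List Status, Message
if ($check | Where-Object { $_.Status -eq 'Error' }) {
    throw 'Prerequisites check reported errors; forest not created.'
}

# Create the forest. The server reboots automatically when promotion completes.
Install-ADDSForest @forest -Force
```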
CREATING AND PREPARING THE DC2 VM
- Follow the same steps that you performed earlier for the DC1 VM. Make sure that you have selected the correct virtual network and availability set.
- Also, change the private IP assignment for the AZ-DC2 VM to static.
- Also, add the AZ-DC2 VM static IP as the secondary DNS server in the DC-VNET virtual network.
- Install Active Directory Domain Services through the Server Manager snap-in.
PROMOTE AZ-DC2 VM AS DOMAIN CONTROLLER
- From the notification window, click on the Promote this server to a domain controller option.
- Select the Add a domain controller to an existing domain option, provide your existing domain name and click the Select button.
- Provide the domain controller login credentials and click OK.
- Select the domain from the pop-up box and click OK.
- Click Next to continue the wizard.
- Leave the defaults and provide a password for Directory Services Restore Mode.
- Do not change the DNS delegation settings.
- Select the option to replicate from any domain controller.
- We stored the Active Directory related files on the C:\ drive for this demo.
- Review the selected options.
- The wizard will perform the prerequisites check. Click Install to start the installation.
- It will take several minutes to complete the installation.
- The server will reboot to complete the installation. Once it is back online, we can log in to the AZ-DC2 VM in your domain.
- The AZ-DC2 VM has been added to the AZDOMAIN.LOCAL domain.
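Once AZ-DC2 is back online, it is worth confirming that both domain controllers are registered, published in DNS and replicating. The following check is an added example, not part of the original post; it assumes the computer names match the VM names AZ-DC1 and AZ-DC2 and is run on either DC as a domain administrator.

```powershell
# Added example: post-promotion health check for the two-DC domain built above.
Import-Module ActiveDirectory

$domain   = 'azdomain.local'
$expected = 'AZ-DC1', 'AZ-DC2'   # assumption: computer names match the VM names

# 1. Both domain controllers are registered in the directory.
$dcs = Get-ADDomainController -Filter *
$dcs | Format-Table Name, IPv4Address, IsGlobalCatalog, OperationMasterRoles -AutoSize
$missing = $expected | Where-Object { $_ -notin $dcs.Name }

# 2. Each DC has published its LDAP locator SRV record in DNS.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV |
    Where-Object { $_.Type -eq 'SRV' }
$noSrv = $expected | Where-Object { ('{0}.{1}' -f $_, $domain) -notin $srv.NameTarget }

# 3. Replication links exist and the last attempt on each succeeded (result code 0).
$links = Get-ADReplicationPartnerMetadata -Target $domain -Scope Domain
$links | Format-Table Server, Partner, LastReplicationSuccess, LastReplicationResult -AutoSize
$failing = $links | Where-Object { $_.LastReplicationResult -ne 0 }

# Summarise anything that needs attention.
if ($missing)    { Write-Warning "Not registered as a DC: $($missing -join ', ')" }
if ($noSrv)      { Write-Warning "No LDAP SRV record for: $($noSrv -join ', ')" }
if (-not $links) { Write-Warning 'No replication links found yet.' }
if ($failing)    { Write-Warning "Replication errors on: $($failing.Server -join ', ')" }

if (-not ($missing -or $noSrv -or $failing) -and $links) {
    'Both domain controllers are registered, published in DNS and replicating.'
}
```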
Reference Links
https://www.assistanz.com/microsoft-azure-availability-sets/
https://www.assistanz.com/steps-to-add-existing-vm-into-high-availability-set/
Thanks for reading this blog. We hope it was useful for you to learn about creating an AD forest using Windows Server 2016 in the Azure portal.