Setting up a Domain Controller on Microsoft Azure Virtual Machine

Installing a Domain Controller on a Microsoft Azure Virtual Machine turned out to be quite a challenge, and it was not even the primary task I was trying to achieve this weekend. I was trying to set up a Microsoft CRM VM on Azure, and it all led to 24 hours of learning about Azure services and Azure PowerShell. I am used to setting up a separate Active Directory server when installing CRM or SharePoint locally (Standard or Enterprise SharePoint installations don’t allow installing AD on the same machine anymore). What I understood from the effort is that if you are new to Azure, the order of the following steps is really important.

  1. Set up a Virtual Network (VNet) under your Microsoft Azure subscription.
  2. Select New > Network Services > Virtual Network > Custom Create.
    • Give your virtual network a name and click Next.
    • Leave the DNS Servers list empty for now; we come back to it in Step 9, once the AD forest and its DNS server exist. Until then the VMs use Azure's default resolver, which is fine for the internet but cannot resolve your domain.
    • Click Next and leave the address space at the default 10.0.0.0 range. Azure reserves the first four addresses of every subnet (10.0.0.0 to 10.0.0.3 here), so the first VM you create gets 10.0.0.4.
  3. Create the first domain controller VM: New > Compute > Virtual Machine > From Gallery.
    • Select “Windows Server 2012 R2 Datacenter”, give the VM a name and specify a username and password. Choose a strong password: a gallery VM in the classic portal gets public Remote Desktop and PowerShell endpoints by default, so this account is reachable from the internet until you remove or restrict those endpoints.
    • In Virtual Machine Configuration, select a new Cloud Service (if you are setting up a second domain controller, select the same Cloud Service as the first DC).
    • Under Region / Affinity Group / Virtual Network, select the virtual network you set up in Step 1.
    • Select the default storage account (or the same storage account as the first DC VM if you are adding more than one DC).
    • Create an Availability Set for the first DC VM (all subsequent DC VMs must be placed in the same Availability Set, so that Azure never takes all of your DCs down for maintenance at the same time).
    • Click Next, check “Install the VM Agent” and click Complete.
  4. To add more domain controllers, repeat Step 3 for each one, reusing the cloud service, storage account and availability set of the first DC.
  5. Set static internal IP addresses for each DC VM. The VNet DNS setting (Step 9) and the domain's DNS records will reference these addresses, and a VM's dynamic internal IP is released when the VM is stopped and deallocated, so reserve them. You can use the Azure PowerShell console on your local machine to set the static internal IPs; you may have to install the Azure SDK on your local machine to get Azure PowerShell. (The SDK also installs some great Visual Studio tools for you if you have Visual Studio 2013 Update 3 or above.)
  6. PS C:\> Get-AzureVM -ServiceName AleemVNet2DC -Name AleemVNet2DC | Set-AzureStaticVNetIP -IPAddress 10.0.0.4 | Update-AzureVM
    • Here the cloud service and the VM happen to share the name AleemVNet2DC; use your own names, and a different address (10.0.0.5, 10.0.0.6, …) for each additional DC.


  7. Attach a new empty hard disk to each DC VM. This disk will hold the Active Directory database, logs and SYSVOL.
    • Go to the Virtual Machines dashboard in the Azure portal and click “Attach” in the bottom ribbon. Select “Attach empty disk”, give the disk a name and a size (say 10 GB), and leave Host Cache Preference at None: AD assumes its writes reach stable storage, and a write-caching disk can corrupt the database after an unclean shutdown. For the same reason do not put AD on the OS disk, which has read/write caching.
    • Repeat this step for each DC VM.
  8. Log in to the DC VM and set up the newly attached disk.
    • Go to Server Manager > File and Storage Services > Disks and select the new disk.
    • Right-click it and choose New Volume.
    • Accept the default options and complete the wizard.
    • A new NTFS volume (for example F:) is created on the disk; this is where the AD database, log and SYSVOL paths in Step 10 go.
  9. Go back to the Virtual Network (VNet) created in Step 1.
    • Select the virtual network and click Configure.
    • Under DNS Servers, enter the server name and the static IP address of your DC.
    • If you are setting up multiple DCs, enter the name and static IP of every DC from Step 5, so clients can still resolve the domain when one DC is down.
    • VMs that are already running only pick up the new DNS servers after a restart; make sure the additional DC VMs have been restarted before you join them to the domain in Step 10.
  10. Log in to the domain controller VM and install Active Directory using the Add Roles and Features wizard.
    • Go to Server Manager > Manage > Add Roles and Features > Active Directory Domain Services.
    • Complete the wizard and the installation.
    • After the installation is complete, Server Manager flags a post-deployment task asking you to configure the feature and promote this server to a domain controller.
    • On the first server choose “Add a new forest”, enter the root domain name, set the Directory Services Restore Mode password, keep the DNS Server option selected, and on the Paths page point the Database, Log files and SYSVOL folders at the data disk from Step 8 (e.g. F:\NTDS and F:\SYSVOL) instead of C:.
    • The system asks for a restart when the configuration finishes.
    • If you are installing multiple DCs, first join each additional DC VM to the new domain by logging in to the VM (it can resolve the domain now because the VNet DNS servers point at the first DC), then repeat the same steps of installing the role and promoting the server to a domain controller.
      • Choose “Add a domain controller to an existing domain” with the same domain name, and under Additional Options select the first DC as the replication source. Apart from that the configuration is the same as for the first server, including placing the database, logs and SYSVOL on the data disk.
  11. Restart the machines. Your domain should now be up and running, with redundant DCs replicating with each other if you created more than one.
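Steps 5 to 7 from the local machine in one script, as an added example that is not part of the original post. It uses the classic (Service Management) Azure PowerShell cmdlets that the post's own Set-AzureStaticVNetIP line belongs to, and it assumes Add-AzureAccount has already been run; the VNet name AleemVNet, the second VM name AleemVNet2DC2 and the address 10.0.0.5 are assumptions, only the cloud service and first VM name AleemVNet2DC come from the post.

```powershell
# Added example (not from the original post): reserve a static internal IP for
# each DC VM and attach an empty data disk for NTDS/SYSVOL with host caching
# disabled, then verify both. Requires the classic Azure PowerShell module and
# a prior Add-AzureAccount. VNet name, second VM name and its address are assumed.
$serviceName = 'AleemVNet2DC'        # cloud service shared by all DCs (from the post)
$vnetName    = 'AleemVNet'           # assumed VNet name from Step 1
$dcs = [ordered]@{                   # VM name -> static internal IP
    'AleemVNet2DC'  = '10.0.0.4'     # first usable address: .0-.3 are reserved by Azure
    'AleemVNet2DC2' = '10.0.0.5'     # assumed second DC
}

foreach ($vmName in $dcs.Keys) {
    $ip = $dcs[$vmName]

    # Fail early if the address is taken or reserved rather than let Update-AzureVM error out.
    $probe = Test-AzureStaticVNetIP -VNetName $vnetName -IPAddress $ip
    if (-not $probe.IsAvailable) {
        throw "$ip is not available in $vnetName; Azure suggests: $($probe.AvailableAddresses -join ', ')"
    }

    # Static IP plus a 10 GB empty data disk with HostCaching None, applied in one update.
    Get-AzureVM -ServiceName $serviceName -Name $vmName |
        Set-AzureStaticVNetIP -IPAddress $ip |
        Add-AzureDataDisk -CreateNew -DiskSizeInGB 10 -DiskLabel "$vmName-ADData" -LUN 0 -HostCaching None |
        Update-AzureVM | Out-Null
}

# Verify: the reserved IP and the disk's cache setting as Azure reports them.
foreach ($vmName in $dcs.Keys) {
    $vm     = Get-AzureVM -ServiceName $serviceName -Name $vmName
    $static = ($vm | Get-AzureStaticVNetIP).IPAddress
    $disk   = $vm | Get-AzureDataDisk -LUN 0
    if ($static -ne $dcs[$vmName]) { throw "$vmName has static IP '$static', expected $($dcs[$vmName])" }
    if ($disk.HostCaching -ne 'None') { throw "$vmName data disk has HostCaching $($disk.HostCaching); AD needs None" }
    "{0}: static IP {1}, data disk {2} (HostCaching={3})" -f $vmName, $static, $disk.DiskLabel, $disk.HostCaching
}
```

Each VM name is mapped to a fixed address so that the addresses you later type into the VNet DNS Servers list (Step 9) are the same ones Azure has actually reserved, and the verification loop throws if Azure reports anything else.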

The article http://azure.microsoft.com/en-us/documentation/articles/active-directory-new-forest-virtual-machine/ on the Azure website was extremely helpful, but I am new to Azure and still figuring out the PowerShell commands and the order of all the steps mentioned above. In the end it all worked out, and I have an AD forest on an Azure virtual network with two replicated domain controllers under a single Azure cloud service and an availability set.
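Steps 8, 10 and 11 done inside the VM with PowerShell instead of the wizards, as an added example that is not part of the original post. It is run once on the first DC with -Role First and once on each additional DC with -Role Additional; the domain name corp.example.com, the NetBIOS name CORP, the first DC's FQDN and the drive letter F are assumptions (the post never names its domain), and the script formats only a disk that is still RAW, so running it twice does not touch an existing volume.

```powershell
# Added example (not from the original post). Run as the local administrator on
# each DC VM. Role 'First' creates the forest; 'Additional' adds a replica that
# pulls from the first DC. Domain, NetBIOS name, source DC FQDN and drive letter
# are assumptions.
param(
    [ValidateSet('First', 'Additional')] [string] $Role = 'First',
    [string] $DomainName  = 'corp.example.com',               # assumed
    [string] $NetbiosName = 'CORP',                           # assumed
    [string] $SourceDc    = 'AleemVNet2DC.corp.example.com',  # first DC, assumed FQDN
    [string] $DataDrive   = 'F'                               # data disk from Step 7, assumed letter
)

# 1. Bring the empty data disk online as a GPT/NTFS volume for NTDS and SYSVOL.
#    Only a RAW disk is touched; C: is skipped because the OS disk has read/write host caching.
$raw = Get-Disk | Where-Object PartitionStyle -eq 'RAW'
if ($raw) {
    $raw | Initialize-Disk -PartitionStyle GPT -PassThru |
        New-Partition -UseMaximumSize -DriveLetter $DataDrive |
        Format-Volume -FileSystem NTFS -NewFileSystemLabel 'ADData' -Confirm:$false | Out-Null
}
if (-not (Test-Path "${DataDrive}:\")) { throw "Data volume ${DataDrive}: not found; attach and format the data disk first" }

# 2. Install the role; this also installs the ADDSDeployment module used below.
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools | Out-Null

# AD paths on the non-cached data disk, shared by the forest and replica cases.
$paths = @{
    DatabasePath = "${DataDrive}:\NTDS"
    LogPath      = "${DataDrive}:\NTDS"
    SysvolPath   = "${DataDrive}:\SYSVOL"
}
$dsrm = Read-Host 'Directory Services Restore Mode password' -AsSecureString

if ($Role -eq 'First') {
    # 3a. Prerequisite check, then create the forest with DNS on this DC, so the
    #     VNet DNS entry (Step 9) points at a working resolver.
    Test-ADDSForestInstallation -DomainName $DomainName -SafeModeAdministratorPassword $dsrm @paths
    Install-ADDSForest -DomainName $DomainName -DomainNetbiosName $NetbiosName `
        -InstallDns -SafeModeAdministratorPassword $dsrm @paths -Force
}
else {
    # 3b. Promote a replica. The VM must resolve $DomainName, i.e. the VNet DNS
    #     servers (Step 9) must already point at the first DC and the VM must have
    #     been restarted to pick them up. A domain-joined server works the same way.
    $cred = Get-Credential -Message "$NetbiosName\Administrator or another Domain Admin"
    Test-ADDSDomainControllerInstallation -DomainName $DomainName -Credential $cred -SafeModeAdministratorPassword $dsrm
    Install-ADDSDomainController -DomainName $DomainName -Credential $cred -ReplicationSourceDC $SourceDc `
        -InstallDns -SafeModeAdministratorPassword $dsrm @paths -Force
}

# Both Install-ADDS* cmdlets reboot the server when they finish. After the reboot,
# confirm that every DC is listed and that replication has no failures:
#   Get-ADDomainController -Filter * | Select-Object Name, IPv4Address, IsGlobalCatalog
#   repadmin /replsummary
```

The Test-ADDS* cmdlets run the same prerequisite checks the wizard shows on its last page, so a DNS or credential problem surfaces before anything is changed, and -Force only suppresses the confirmation prompt, not those checks.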