Step by Step Procedure to install a new Active Directory Forest in Microsoft Azure Portal

Technical Description:

We are all aware of implementing an Active Directory Infrastructure in On-Premise environment, and we know how to join them to the domain.

We can achieve this scenario in Microsoft Azure by following some additional steps which are different from On-premise implementation

How does this differ from On-Premise:

1. Create a Virtual Network in Azure
2. Create A VM in Azure Portal
3. Set a static IP address by power shell command (Get-AzureVM -ServiceName AzureDC1 -Name AzureDC1 | Set-AzureStaticVNetIP -IPAddress <> | Update-AzureVM)
4. Attach a Virtual Disk to newly Created VM
5. Install Windows Server Active Directory ( This step is same as on-prem)
6. Set DNS address on the Virtual Network properties
7. Reset DNS server for Azure Virtual Network
8. Create a VM and join to the domain

Considerations :

Azure network is not connected to On premise Network. For connecting Azure Network to On premise, we have to set up a Site-Site VPN in Azure portal.

1. Creating Virtual Network in Azure Portal 

Sign in to Azure portal

Navigate to New-> Network services-> Virtual network-> Custom Create

Virtual Network Details : Enter a name for your Virtual network

Region : Choose a region which is closest

DNS and VPN : Leave DNS server blank and dont select VPN option either

Virtual Network Address Spaces :

Subnet name : Enter a name for your Subnet

Starting IP : 10.0.0.1

CIDR:/24 (256)

2. Create a VM in Azure Portal :

We have to create 2 VM’s. One VM is for AD and other VM is to join to the domain.

Navigate to New->Compute-Virtual Machine->From Gallery

Choose windows server 2012 Data Center image

Create a cloud Service and Select the virtual network which was created earlier

Map it to storage account and select the availability set if created earlier. Or else create them

Reserve a static IP address for VM that will run the DC role. To reserve a static IP address, download the Microsoft Web Platform Installer and install Azure PowerShell and run the Set-AzureStaticVNetIP cmdlet. For example:

‘Get-AzureVM -ServiceName AzureDC1 -Name AzureDC1 | Set-AzureStaticVNetIP -IPAddress 10.0.0.4 | Update-AzureVM

4. Attach a Virtual Disk to the Newly Created VM 

5. Install Windows Server Active Directory

This is same as we do in On-prem.  Add Active Directory Domain Services from the roles and proceed for the next steps. Be sure that the Sysvol location should be changed from default C drive to the other drive which we added before

6. Set DNS address on the Virtual Network properties 

7.Reset DNS server for Azure Virtual Network

Reset the DNS forwarder setting on the new DC/DNS server.

1. In Server Manager, click Tools > DNS.
2. In DNS Manager, right-click the name of the DNS server and click Properties.
3. On the Forwarders tab, click the IP address of the forwarder and click Edit. Select the IP address and click Delete.
4. Click OK to close the editor and Ok again to close the DNS server properties.
5. Restart the DC and join with Domain Credentials

8. Create a New VM and join to the domain.

Create a new VM from the gallery and select the Cloud service and Virtual Network which were created.

Go to the server manager and change the VM from workgroup to the domain. Enter the domain credentials to join the VM to the domain