This topic is part of a series about how to deploy a Windows Server 2016 RDS farm in Azure. In the previous topics, we deployed Microsoft Azure resources such as networks, storage, and virtual machines. In this topic, we will configure domain controllers to extend the On-Premises Active Directory to Microsoft Azure. Before following this topic, complete the previous articles of this series. This series consists of the following topics:
- Deploy a Windows Server 2016 RDS Farm in Microsoft Azure
- Create Microsoft Azure networks, storage and Windows image
- Deploy the Microsoft Azure Virtual Machines
- Configure Domain Controllers
- Deploy the RDS farm
- Configure File Servers for User Profile Disk (UPD)
- RDS final configuration
Prepare the On-Prem Active Directory
In the following screenshot, you can find the current sites and services configuration. I have two sites with a replication link.
Now I’m going to create a new site, subnets, and a new replication link with PowerShell:
    Import-Module ActiveDirectory

    $OnPremSite = "Lyon-HyperV"
    $AzureSite  = "Azure"
    $AzureDesc  = "Azure AD Site"

    Try {
        # Create the AD site that will hold the Azure domain controllers
        New-ADReplicationSite -Name $AzureSite `
                              -Description $AzureDesc `
                              -ErrorAction Stop

        # Map both Azure subnets to the new site
        New-ADReplicationSubnet -Name 10.11.0.0/24 `
                                -Site $AzureSite `
                                -ErrorAction Stop
        New-ADReplicationSubnet -Name 10.11.1.0/24 `
                                -Site $AzureSite `
                                -ErrorAction Stop

        # Link the On-Prem site and the Azure site (replication every 15 minutes)
        New-ADReplicationSiteLink -Name $($OnPremSite + "-" + $AzureSite) `
                                  -ReplicationFrequencyInMinutes 15 `
                                  -InterSiteTransportProtocol IP `
                                  -SitesIncluded $OnPremSite, $AzureSite `
                                  -Cost 200 -ErrorAction Stop
    }
    Catch {
        # Print the message of the error that stopped the script
        Write-Output $Error[0].Exception.Message
    }
The following screenshot presents the sites and services configuration after I ran the script.
Below you can find the subnets configuration.
Azure VM configuration
First of all, I set the IP addresses of my domain controllers to static:
- AZADS0: 10.11.0.20
- AZADS1: 10.11.0.21
Then I change the DNS configuration. AZADS0 is bound to On-Prem domain controllers.
AZADS1 is bound to AZADS0 and an On-Prem domain controller.
Thanks to this configuration, both domain controllers are able to resolve the On-Prem domain DNS name (called homecloud.net).
Operating system configuration
Now I’m connecting to each domain controller (across the private IP because VPN is established) and I create a new volume on the data disk. I run the following PowerShell cmdlets:
    Initialize-Disk -Number 2
    New-Volume -DiskNumber 2 -FriendlyName Data -FileSystem NTFS -DriveLetter E
Then I install the domain service and DNS role:
    Install-WindowsFeature AD-Domain-Services, DNS -IncludeManagementTools
Next, I promote the server as a domain controller:
    Import-Module ADDSDeployment
    Install-ADDSDomainController `
        -NoGlobalCatalog:$false `
        -CreateDnsDelegation:$false `
        -Credential (Get-Credential) `
        -CriticalReplicationOnly:$false `
        -DatabasePath "E:\NTDS" `
        -DomainName "homecloud.net" `
        -InstallDns:$true `
        -LogPath "E:\NTDS" `
        -NoRebootOnCompletion:$false `
        -SiteName "Azure" `
        -SysvolPath "E:\SYSVOL" `
        -Force:$true
Once both Azure domain controllers are promoted, I open Active Directory Sites and Services again. You can now see that both Azure domain controllers are located in the Azure AD site.
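The same verification can be scripted instead of read from the console. The following is an added example, not part of the original post: it checks the subnet mapping, the site link settings, and the placement and inbound replication status of both new domain controllers. It assumes the ActiveDirectory module is available and uses the names from this article (site link name `Lyon-HyperV-Azure` as built by the script above).

```powershell
# Added example: verify the site topology and the two promoted DCs.
# Assumes a domain-joined machine with the ActiveDirectory module installed.
Import-Module ActiveDirectory

$AzureSite = "Azure"
$SiteLink  = "Lyon-HyperV-Azure"
$Subnets   = "10.11.0.0/24", "10.11.1.0/24"
$AzureDCs  = "AZADS0", "AZADS1"
$Results   = @()

# Each subnet must be mapped to the Azure site; otherwise clients in these
# ranges may be referred to a domain controller in another site.
ForEach ($Subnet in $Subnets) {
    $Obj = Get-ADReplicationSubnet -Filter "Name -eq '$Subnet'"
    $Results += [PSCustomObject]@{
        Check  = "Subnet $Subnet mapped to site $AzureSite"
        Passed = [bool]($Obj -and $Obj.Site -like "CN=$AzureSite,*")
    }
}

# The site link must include the Azure site with the cost and interval set above.
$Link = Get-ADReplicationSiteLink -Filter "Name -eq '$SiteLink'"
$Results += [PSCustomObject]@{
    Check  = "Site link $SiteLink (cost 200, every 15 min)"
    Passed = [bool]($Link -and $Link.Cost -eq 200 -and
                    $Link.ReplicationFrequencyInMinutes -eq 15 -and
                    ($Link.SitesIncluded -like "CN=$AzureSite,*"))
}

# Each Azure DC must be in the Azure site, be a global catalog, and have at
# least one inbound partner with no partner reporting a failed last attempt.
ForEach ($Name in $AzureDCs) {
    $DC     = Get-ADDomainController -Identity $Name
    $Meta   = @(Get-ADReplicationPartnerMetadata -Target $DC.HostName)
    $Failed = @($Meta | Where-Object { $_.LastReplicationResult -ne 0 })
    $Results += [PSCustomObject]@{
        Check  = "$Name in site $AzureSite, GC, inbound replication OK"
        Passed = ($DC.Site -eq $AzureSite -and $DC.IsGlobalCatalog -and
                  $Meta.Count -gt 0 -and $Failed.Count -eq 0)
    }
}

$Results | Format-Table -AutoSize
```

A failed replication check right after promotion usually just means the first inbound cycle has not completed yet; rerun it after the 15-minute site link interval has passed.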
Next topic
In the next topic, I will deploy the RDS Farm with all roles in High Availability. I’ll try to use PowerShell as much as possible.