Welcome to the inaugural project in a comprehensive series of tutorials focused on Azure and Active Directory implementation. This initial project serves as the foundational cornerstone and setup for the subsequent parts of this tutorial series. The primary objective is to lay the groundwork for a simple lab environment on Azure to simulate the environment in which Active Directory is employed within an enterprise setting.

In this first project, I will configure and interconnect two virtual machines, each assuming distinct roles. The first virtual machine will be designated as the Domain Controller. The second virtual machine will be configured as the Client.

• Configure the Domain Controller virtual machine
• Establish the Client virtual machine

• Enable a connection using remote desktop connection

• Undertake a basic inspection of the network traffic between the Domain Controller and Client virtual machines.

• Microsoft Azure (Virtual Machines/Compute)
• Remote Desktop
• Active Directory Domain Services
• PowerShell

• Windows Server 2022
• Windows 10 (21H2)

• Create a virtual machine on Azure.
• Name it DC-01
• Select Windows Server 2022: Azure Edition - x64 Gen2 as the image

.

.

.

NOTE: Make sure to select at least 2 vcpus and 16 GiB memory and take note of the vnet that the VM has created.

.

.

.

• Once the VM has been deployed, proceed to the VM overview page and select "Networking" on the left side.

• Select Network Interface Card -> IP configurations -> ipconfig1 and set Private IP address allocation to static.

.

.

.

• Once again create a new VM and we'll name it Client-01. We'll select Windows 10 as the image and make sure to select at least 2 vcpus and 16 GiB memory.

NOTE: Make sure to select the same resource group and vnet from the DC-01 VM

.

.

\

.

.

.

• Now finalize everything and wait for its deployment.

.

.

.

To ensure connectivity between the two VM's, we will ping the domain controller from the client.

• First login to the Client-01 using it's public ip address and remote desktop

.

.

.

.

.

.

Find DC-01's private ip address in the Azure Portal and copy it. Proceed to Client-01 and open the terminal and type "ping -t (DC-01 private ip address)"

Now notice how the request timed out, this is because ICMP v4 traffic is blocked by default on DC-01's firewall. So we will have to enable inbound ICMP traffic to allow for Client-01's ping.

.

.

.

Login to DC-01 using remote desktop and open windows defender firewall and select advanced settings. Sort by protocol and find both ICMP echo requests and enable both these rules by right clicking and selecting enable rule.

.

.

.

Now once the traffic has been enabled, you can check back with Client-01 and notice that the ping is now successful.

We've completed the foundational setup for our Azure and Active Directory project series. By configuring two virtual machines, we've laid the groundwork for implementing the subsequent set of projects. In this project, we focused on establishing a Domain Controller and a Client machine, enabling remote access, and briefly examining network traffic between them. Moving forward, this foundation will help implement more advanced configurations and practical scenarios in Azure and Active Directory.