whitneydawson123 / active-directory


On-premises Active Directory Deployed in the Cloud (Azure)

This tutorial outlines the implementation of on-premises Active Directory within Azure Virtual Machines.

Environments and Technologies Used

  • Microsoft Azure (Virtual Machines/Compute)
  • Remote Desktop
  • Active Directory Domain Services
  • PowerShell

Operating Systems Used

  • Windows Server 2022
  • Windows 10 (21H2)

High-Level Deployment and Configuration Steps

  • Setup Resources in Azure
  • Ensure Connection between Client and Domain Controller
  • Install Active Directory and Admin Creation
  • Create Client Users using a PowerShell Script

Deployment and Configuration Steps

Create the Domain Controller VM (Windows Server 2022). I named it DC-1. Set the Domain Controller's Network Interface Card (NIC) private IP address to static: DC-1 -> Networking -> NIC -> IP configurations.

[Screenshot: Step 1] [Screenshot: Step 2]

Now create the Client VM (Windows 10) named Client-1. Use the same Resource Group and VNet that were created in the DC-1 step.


[Screenshot: Step 3] [Screenshot: Step 4] [Screenshot: Step 5]

Make sure Client-1 and DC-1 are on the same VNet and in the same resource group. Then log in to Client-1 with Remote Desktop and ping DC-1's private IP address with ping -t.

Notice that the pings return "Request timed out". Let's fix that! Log in to DC-1 and make sure to keep the Client-1 session open.


[Screenshot: Step 6]

Go to the search bar and search for wf.msc (Windows Defender Firewall with Advanced Security). Go to Inbound Rules in the top left and sort by protocol. Enable Core Networking Diagnostics - ICMP Echo Request, for both the Private and Domain profiles.


[Screenshot: Step 7]

Now go back to Client-1 and the ping should now be succeeding.


[Screenshot: Step 8] [Screenshot: Step 9]

Now it is time to install Active Directory. On DC-1, open Server Manager -> Add Roles and Features -> and check "Active Directory Domain Services".


[Screenshot: Step 10] [Screenshot: Step 11]

Once the role is installed and you are back on the main Server Manager page, click the yellow triangle and choose "Promote this server to a domain controller". Click "Add a new forest" and enter any domain name you want; I chose mydomain.com. Restart and then log back into DC-1 as user mydomain.com\labuser.


[Screenshot: Step 12] [Screenshot: Step 13]

Go to Active Directory Users and Computers (ADUC) and create an Organizational Unit (OU) called "_EMPLOYEES" and another OU called "_ADMINS".


[Screenshot: Step 14] [Screenshot: Step 15]

In _ADMINS, create a new employee named Jane Doe with the username jane_admin. Add jane_admin to the Domain Admins security group. Log out of the Remote Desktop connection and log back in as mydomain.com\jane_admin.


[Screenshot: Step 16] [Screenshot: Step 17]

Go back to the Azure Portal and set Client-1's DNS settings to DC-1's private IP address. Restart Client-1 and then log back in through Remote Desktop as labuser. Join Client-1 to the domain; the computer will restart.


[Screenshot: Step 18] [Screenshot: Step 19]

Log into Client-1 as mydomain.com\jane_admin and open System Properties. Click Remote Desktop, then allow Domain Users to access Remote Desktop. You can now log into Client-1 as a non-administrative user.


[Screenshot: Step 20]

Log into DC-1 as jane_admin. Open PowerShell ISE as an administrator. Then I paste the PowerShell script I created and hit the green run arrow.


[Screenshot: Step 21]
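The script pasted into PowerShell ISE is not included on this page. The following is an added example of such a user-creation script, not the author's own, for the mydomain.com domain and the _EMPLOYEES OU created in the steps above; the user count, the user.001 naming pattern and the password length are assumptions. Unlike a script that gives every account the same password, it gives each account its own randomly generated initial password and forces a change at first logon.

```powershell
# Added example, not the author's script. Assumes the domain mydomain.com and the
# _EMPLOYEES OU from the tutorial already exist; run in an elevated PowerShell ISE
# on DC-1 as jane_admin. User count, naming pattern and password length are made up.
Import-Module ActiveDirectory

$Domain         = "mydomain.com"
$TargetOU       = "OU=_EMPLOYEES,DC=mydomain,DC=com"
$NumberOfUsers  = 20
$PasswordLength = 16

# Per-user random initial password from the OS cryptographic RNG. Bytes at or above
# $limit are discarded so every alphabet character is equally likely (no modulo bias).
function New-RandomPassword {
    param([int]$Length = 16)
    $alphabet = [char[]]'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*'
    $rng      = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $limit    = 256 - (256 % $alphabet.Length)
    $chars    = New-Object System.Collections.Generic.List[char]
    $buf      = New-Object byte[] 1
    while ($chars.Count -lt $Length) {
        $rng.GetBytes($buf)
        if ($buf[0] -lt $limit) { $chars.Add($alphabet[$buf[0] % $alphabet.Length]) }
    }
    return -join $chars
}

for ($i = 1; $i -le $NumberOfUsers; $i++) {
    $first = "user"
    $last  = "{0:D3}" -f $i          # 001, 002, ...
    $sam   = "$first.$last"          # sAMAccountName, e.g. user.001

    # Idempotent: re-running the script must not fail on accounts that already exist.
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        Write-Host "Skipping $sam, account already exists"
        continue
    }

    $password = New-RandomPassword -Length $PasswordLength
    New-ADUser -Name $sam `
               -SamAccountName $sam `
               -UserPrincipalName "$sam@$Domain" `
               -GivenName $first -Surname $last `
               -Path $TargetOU `
               -AccountPassword (ConvertTo-SecureString $password -AsPlainText -Force) `
               -Enabled $true `
               -ChangePasswordAtLogon $true   # initial password is single-use

    # Shown once in the ISE console so the first logon on Client-1 can use it.
    [pscustomobject]@{ User = "$Domain\$sam"; InitialPassword = $password }
}
```

The initial passwords are printed only to the ISE console of the session that created them; clear that console once the accounts have been handed out.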

Then I log out of my Client-1 desktop and log back in with one of the accounts the PowerShell script just created.

