
Installing a new Active Directory infrastructure in Windows Azure

In the course of this article, I will discuss the deployment of a new Windows Azure Active Directory service and the addition of new virtual machines. Before you begin deploying Active Directory, you must:
• Configure Virtual Networking, including the Affinity Group.
• Create a storage account.
• Install Windows PowerShell.

Creating the first Virtual Machines.

1. Start Windows Azure PowerShell and run the following command:

Set-ExecutionPolicy RemoteSigned 


2. Next, import the required module:

 Import-Module 'C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1' 


3. Download the .publishsettings file for your Windows Azure subscription so that you do not have to repeat the initial configuration on subsequent launches:

 Get-AzurePublishSettingsFile 


4. Next, launch Windows Azure PowerShell ISE:

 powershell_ise


5. Paste the following script into Windows Azure PowerShell ISE and edit it to match your subscription: the path to PublishSettingsFile, SubscriptionName, StorageAccount, etc.

 # Load the Azure module and the subscription settings
 Import-Module "C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1"
 Import-AzurePublishSettingsFile 'E:\PowerShell\MyAccount.publishsettings'
 Set-AzureSubscription -SubscriptionName MSDN -CurrentStorageAccount Test
 Select-AzureSubscription -SubscriptionName MSDN
 # DNS, image, cloud service, affinity group and virtual network names
 $myDNS = New-AzureDNS -Name 'myDNS' -IPAddress '127.0.0.1'
 $vmname = 'Test'
 $image = 'MSFT__Win2K8R2SP1-Datacenter-201207.01-en.us-30GB.vhd'
 $service = 'YourHabrahabr'
 $AG = 'Habrahabr'
 $vnet = 'HabrahabrVM'
 # VM's
 $MyDC = New-AzureVMConfig -name $vmname -InstanceSize 'Small' -ImageName $image |
     Add-AzureProvisioningConfig -Windows -Password 'Pa$w0rd!' |
     Set-AzureSubnet -SubnetNames 'BackEnd'
 # Create the virtual machine in the virtual network
 New-AzureVM -ServiceName $service -AffinityGroup $AG -VMs $MyDC -DnsSettings $myDNS -VNetName $vnet


6. You can verify that the script is working correctly by watching its progress in the Windows Azure portal:

[Figure: Windows Azure Management Portal]

7. Next, an Empty Disk must be attached to the previously created virtual machine:

[Figure: Attaching an empty disk]

8. To connect to a virtual machine, click Connect and download the .rdp profile to make a remote connection.
[Figure: Disk initialization]

Deploy a domain controller.


1. Connect to the virtual machine using the previously downloaded .rdp remote connection profile.
2. After connecting, run the IPConfig command to get the IP address.
3. Open Computer Management to initialize the disk attached earlier.
4. Start the Active Directory Domain Services Installation Wizard with the DCPromo command.
[Figure: Add AD DS Role]

5. Select Create a domain in a new forest.
[Figure: Create AD DS]

6. Name the Forest Root Domain and specify the functional level as Windows Server 2008 R2. To create a DNS server, leave the default selection.

7. Because a Windows Azure virtual machine is assigned its IP address only while it is running, click Yes, the computer will use an IP address automatically assigned by a DHCP server (not recommended).
[Figure: Using an Automatically Assigned IP Address]

8. Finally, specify the location of the database, log files and SYSVOL folders on the previously created disk.

Deploying new virtual machines and joining a domain from PowerShell


This section shows an example of how you can automatically deploy new virtual machines to the created domain.
1. Open Windows Azure PowerShell as an administrator.
2. Configure DNS for the new virtual machine. To do this, you need the virtual machine that was created earlier and configured for Active Directory.

 $advmIP = '[IP-ADDRESS]'
 $advmName = '[AD-NAME]'
 # DNS setting that points at the IP address of the AD virtual machine
 $dns1 = New-AzureDns -Name $advmName -IPAddress $advmIP


3. Next, configure the virtual machine so that it automatically joins the AD domain during deployment.

 $vmName = 'adtest'
 $adminPassword = '[PASSWORD]'
 $domainPassword = '[PASSWORD]'
 $domainUser = 'administrator'
 $FQDomainName = 'testHabrAD.com'
 $subNet = 'AppSubnet'
 # $imgName is not defined in the original script; the image from the first script is assumed
 $imgName = 'MSFT__Win2K8R2SP1-Datacenter-201207.01-en.us-30GB.vhd'
 # VM configuration that joins the domain during provisioning
 $advm1 = New-AzureVMConfig -Name $vmName -InstanceSize Small -ImageName $imgName |
     Add-AzureProvisioningConfig -WindowsDomain -Password $adminPassword `
         -Domain 'testHabrAD' -DomainPassword $domainPassword `
         -DomainUserName $domainUser -JoinDomain $FQDomainName |
     Set-AzureSubnet -SubnetNames $subNet
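
The same DNS and domain-join configuration as steps 2 and 3, with both passwords prompted for at run time so that no local administrator or domain secret is saved in the script file. This is an added example, not the author's code: ConvertTo-PlainText is a hypothetical helper, the bracketed values are the article's placeholders, and the $imgName value is assumed to be the image from the first script.

```powershell
# Added example: steps 2-3 without passwords stored in the .ps1 file.
# Uses only the Azure cmdlets and parameters that appear in the article.

function ConvertTo-PlainText([System.Security.SecureString]$Secure) {
    # Hypothetical helper. Add-AzureProvisioningConfig takes plain strings,
    # so the SecureString is decrypted in memory only at the point of use.
    $cred = New-Object System.Management.Automation.PSCredential('unused', $Secure)
    return $cred.GetNetworkCredential().Password
}

$advmIP       = '[IP-ADDRESS]'   # placeholder from the article
$advmName     = '[AD-NAME]'      # placeholder from the article
$vmName       = 'adtest'
$domainUser   = 'administrator'
$FQDomainName = 'testHabrAD.com'
$subNet       = 'AppSubnet'
# Assumption: same image as in the first script.
$imgName      = 'MSFT__Win2K8R2SP1-Datacenter-201207.01-en.us-30GB.vhd'

# Secrets are typed at the console and never echoed or written to disk.
$adminSecure  = Read-Host -AsSecureString -Prompt "Local admin password for $vmName"
$domainSecure = Read-Host -AsSecureString -Prompt "Password for $domainUser in $FQDomainName"

# Stop before provisioning if either prompt was left empty.
if ($adminSecure.Length -eq 0 -or $domainSecure.Length -eq 0) {
    throw 'A password was left empty; nothing was provisioned.'
}

# DNS setting that points the new VM at the domain controller.
$dns1 = New-AzureDns -Name $advmName -IPAddress $advmIP

# VM configuration that joins the domain during provisioning.
$advm1 = New-AzureVMConfig -Name $vmName -InstanceSize Small -ImageName $imgName |
    Add-AzureProvisioningConfig -WindowsDomain `
        -Password (ConvertTo-PlainText $adminSecure) `
        -Domain 'testHabrAD' -DomainUserName $domainUser `
        -DomainPassword (ConvertTo-PlainText $domainSecure) `
        -JoinDomain $FQDomainName |
    Set-AzureSubnet -SubnetNames $subNet

# Release the in-memory secrets once the configuration object is built.
$adminSecure.Dispose()
$domainSecure.Dispose()
```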


Conclusion

In this post, I covered the process of creating a new Active Directory domain in Windows Azure IaaS, partially using Windows Azure PowerShell.

Source: https://habr.com/ru/post/158211/

