Setting up Azure Active Directory Domain Services

Active Directory on AWS Active Directory on OCI Active Directory on GCP Office365 Backup Netsuite Backup

Microsoft's Azure Active Directory Domain Services (Azure AD DS) provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication that's fully compatible with Windows Server Active Directory.

Configure initial setup of Azure AD DS

1. Navigate to www.portal.azure.com and sign in.
2. In the search bar, type "domain services", then select "Azure AD Domain Services."

3. Select + Add at the top left or Create Azure AD Domain Services in the center of the screen to begin.
4. The "Basics" page allows you to fill out the primary information regarding the service. Make sure the proper selections are made before selecting "Next".

5. On the Networking page, leave as default as Azure needs to create its own virtual network along with subnet/NSG for Azure AD DS.
6. The administration page allows you to choose who has admin privileges to administer Azure AD DS. Microsoft automatically creates a security group called "AAD DC Members," which is recommended. Furthermore, you'll also control who gets notification of any alerts set up for this service within Azure. You can see there are default users/members; however, you can still add other recipients via their email. Click "Next."

7. The Synchronization page outlines if you are wanting to sync your entire contents of Azure AD or just specific groups. (Please note: if you chose to sync all then change to scoped, you'll be required to delete and recreate. However, going from scope to all does not). Select "Review + Create" to see the summary.

8. After validation is complete (this can take up to five minutes), click Create to begin Azure AD DS creation. Microsoft then greets you with an informal message of what is created for the service and what cannot be changed once created. Review and select "OK" if you're ready to proceed.

9. The deployment process can take up to one hour, but once it's completed, you will get a symbol to confirm that deployment was successful.

10. If you navigate back to Azure AD Domain Services, you will now see your domain.

11. Select your domain to open the center blade for management purposes and begin setting up your domain. From here you can:
Change the Azure AD SKU tier

Configure DNS for other Virtual networks in your subscription
Check Domain Health and Synchronization status
Troubleshoot issues