Replica DCs on Azure – Adjustment of some server settings before promoting the DCs

March 17, 2016 at 9:05 pm in Azure, Cloud, DC, hybrid cloud, IaaS, PowerShell by Wim Matthyssen

This blog post is part of the step-by-step guide to deploying replica DCs on Microsoft Azure, which can be found here: http://scug.be/wim/2015/09/28/deploying-replica-dcs-in-windows-azure/

Before we promote the servers to DCs, we can do some configuration: add the server(s) to the domain, place the server(s) in the correct organizational unit (OU), create an inbound rule in Windows Firewall to allow ICMPv4, and set the correct time zone. Installing all Windows Updates is also an important step, both for security reasons and to fix problems or provide additions to the operating system (OS). Below I will show you how you can do all of the above using the GUI and/or PowerShell.

Add the server to the domain (GUI)

1) Log on to the server through RDP, open Server Manager, select Local Server and select WORKGROUP

2) Click Change…

3) Fill in the name of the domain (for example contoso.local) and, when asked, enter the username and password of an account that is able to add a server to the domain. Click OK

4) Click OK when the “Welcome to the contoso.local domain.” message shows up

5) Click OK

6) Click Close

7) Click Restart Now

8) After the reboot the server is added to the domain

Add the server to the domain (PowerShell)

1) Log on to the server through RDP and open PowerShell as an administrator. Run the following cmdlets (replace contoso.local with your own domain name):

2) When asked, restart the server with the following cmdlet:

3) After the reboot the server is added to the domain

Place the server(s) in the correct OU (GUI)

1) Log on to an on-premises DC and open Active Directory Users and Computers by opening Run and typing dsa.msc. Click OK

2) Click Action and select Find…

3) In the Find Computers screen, select Computers in the Find: field and Entire Directory in the In: field. Type the name in the Computer name field (in my case I typed the first 4 characters of both Azure IaaS VMs that will be promoted to DCs)

4) Select both servers and right-click. Select Move…

5) Select the correct OU (in my case DC) and click OK. Close the Find Computers window

6) After a refresh (F5), the servers are added to the correct OU

Place the servers in the correct OU (PowerShell)

1) Log on to an on-premises DC through RDP and open PowerShell as an administrator. Run the following cmdlets (replace contoso.local with your own domain name):

2) After a refresh (F5), the servers are added to the correct OU

Install Windows Updates (GUI)

1) Log on to the server through RDP, open Run and type wuapp.exe. Click OK

2) To change Windows Update settings (usually already taken care of by a GPO), click Change settings

3) Change the settings as your company prefers. Press OK

4) The server will start Checking for updates…

5) Install all necessary updates and reboot if needed (repeat this step until all updates are installed)

Enable ICMPv4 rule in Windows Firewall (PowerShell)

1) Log on to the server through RDP and open PowerShell as an administrator. Run the following cmdlet:

2) As you can see, the rule is created and I’m now able to ping the server

Set the time zone (PowerShell)

1) Open up PowerShell as an administrator and run the following command:


Enabling the High Performance Power Plan (PowerShell)

1) Open up PowerShell as an administrator and run the following script:

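The server-side PowerShell steps above (ICMPv4 firewall rule, time zone, power plan, domain join) combined into one script, as an added example that is not the author's original code. It goes slightly beyond the post by limiting the ICMPv4 rule to the domain profile and a source subnet, and by joining straight into the target OU with -OUPath; the OU distinguished name, subnet and time zone ID are assumptions to replace with your own.

```powershell
#Requires -RunAsAdministrator
# Added example, not the author's script. Every value below is an assumption.
$DomainName   = 'contoso.local'                          # example domain used on this page
$TargetOU     = 'OU=DC,DC=contoso,DC=local'              # assumed DN of the "DC" OU
$OnPremSubnet = '10.0.0.0/16'                            # placeholder: your on-premises range
$TimeZoneId   = 'Romance Standard Time'                  # placeholder: list IDs with "tzutil /l"
$HighPerfGuid = '8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c'   # built-in High performance plan

# 1. Allow inbound ICMPv4 echo requests (type 8) only. The rule is scoped to the
#    domain firewall profile and to known source addresses, so it takes effect
#    once the server is domain-joined and does not answer pings from anywhere.
$ruleName = 'Allow ICMPv4 Echo Request (In)'
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 -Profile Domain `
        -RemoteAddress $OnPremSubnet | Out-Null
}

# 2. Set the time zone. Consistent time matters for Kerberos and for correlating
#    security logs between the on-premises DCs and the Azure replicas.
& tzutil.exe /s $TimeZoneId
if ($LASTEXITCODE -ne 0) { throw "tzutil could not set time zone '$TimeZoneId'" }

# 3. Activate the High performance power plan.
& powercfg.exe /setactive $HighPerfGuid
if ($LASTEXITCODE -ne 0) { throw 'powercfg could not activate the High performance plan' }

# 4. Join the domain last, because it triggers the reboot. -OUPath creates the
#    computer object directly in the target OU instead of the default container.
if (-not (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain) {
    $cred = Get-Credential -Message "Account allowed to join computers to $DomainName"
    Add-Computer -DomainName $DomainName -OUPath $TargetOU -Credential $cred -Restart
}
```

Joining with -OUPath means the computer object never sits in the default Computers container, so GPOs linked to the target OU apply from the first boot as a domain member.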

 

That ends the fifth part of this series. Please continue through the rest of the series to complete the setup (if all are available).

Till next time!

Wim Matthyssen (@wmatthyssen)
