Replica DCs on Azure – Promote the Azure IaaS VMs to a domain controller

June 13, 2016 at 12:59 pm in Azure, Cloud, DC, hybrid cloud, IaaS, PowerShell by Wim Matthyssen

This blog post is part of the step-by-step guide to deploying replica DCs on Microsoft Azure, which can be found here: http://scug.be/wim/2015/09/28/deploying-replica-dcs-in-windows-azure/

We will start where we left off in the previous blog post http://scug.be/wim/2016/06/06/replica-dcs-on-azure-add-the-active-directory-domain-services-role/ . We have just installed the Active Directory Domain Services (AD DS) role, so now it’s time to promote both servers to domain controllers (DCs). We will use both the GUI (AZGR-DC-01) and PowerShell (AZGR-DC-02). So let’s kick off.

Promote this server to a domain controller (GUI)

1) Log on to the server (AZGR-DC-01) as a domain administrator and open Server Manager. If you start where I left off in the previous blog post, you should see a question mark near the flag. Click on it and then click Promote this server to a domain controller

2) Select Add a domain controller to an existing domain. Normally the correct domain is filled in automatically. If this is not the case, select the proper domain or enter the domain name in the field provided. Select a user (Enterprise Administrator) who has the rights to add a domain controller to the domain and supply the proper credentials

3) Select both Domain Name System (DNS) server and Global Catalog (GC). Select the Site (AZU-VNET-1) to which the DC belongs. Fill in the Directory Services Restore Mode (DSRM) password and click Next. As a quick reminder: as a best practice this password should be documented and kept in a secure place, as it can help you regain access to the AD environment in the event that all domain administrator accounts lose access

4) Since we are not using a parent zone, you will receive the following warning message: “A delegation for this DNS server cannot be created because the authoritative zone cannot be found…”. We can ignore this warning, as it does not affect whether the DNS feature gets installed. Click Next

5) In the Replicate from field, select the on-premises DC (GR-DC-01) to replicate from and click Next

6) As the location for the AD DS database, log files and SYSVOL data, select the added Azure data disk with drive letter E: and click Next

7) The following window summarizes all selected options. If everything is correct, click Next

8) If the prerequisites check passes successfully, click Install

9) The installation will start. Once it has completed, click the Close button and the server will reboot. When the server has restarted, the DC setup is complete

Promote this server to a domain controller (PowerShell)

1) Log on to the server (AZGR-DC-02) as a domain administrator and open PowerShell as Administrator

2) Run the following PowerShell automation script (save it with a .ps1 extension, or copy and run it directly) to promote this server to a DC:

[image: PowerShell script]

3) When asked, enter a username and password (this user should have Enterprise Administrator rights)

4) Fill in the Directory Services Restore Mode (DSRM) password and confirm it a second time

5) The installation will continue and, when it succeeds, the server will reboot. After the restart the DC installation is complete
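
The script for step 2 survives on this page only as an image. The following is an added example, not the author's original script, of a promotion that matches the choices made in the GUI walkthrough and runs the prerequisite check before installing. The domain name corp.example.com is a placeholder and the folder names on E: are assumptions; the site, source DC and drive letter are taken from the post.

```powershell
# Added example: not the author's original script (that survives only as an image).
# Assumed values: the domain name below is a placeholder, and the NTDS/SYSVOL
# folder names on E: are illustrative. Site, source DC and drive come from the post.
$domainName = 'corp.example.com'            # placeholder: replace with your AD domain
$sourceDc   = "GR-DC-01.$domainName"        # on-premises DC to replicate from
$dataDrive  = 'E:'                          # Azure data disk added earlier in the series

# Fail early if the role or the data disk is missing.
if (-not (Get-WindowsFeature -Name AD-Domain-Services).Installed) {
    throw 'The AD DS role is not installed on this server.'
}
if (-not (Test-Path -Path "$dataDrive\")) {
    throw "Data disk $dataDrive is not available."
}

Import-Module ADDSDeployment

# Prompt for secrets instead of storing them in the script file.
$credential   = Get-Credential -Message 'Account with rights to add a DC to the domain'
$dsrmPassword = Read-Host -AsSecureString -Prompt 'DSRM password'

# Same choices as the GUI walkthrough: DNS + GC, site, replication source, paths on E:.
$dcParams = @{
    DomainName                    = $domainName
    Credential                    = $credential
    SiteName                      = 'AZU-VNET-1'
    InstallDns                    = $true
    NoGlobalCatalog               = $false
    CreateDnsDelegation           = $false
    ReplicationSourceDC           = $sourceDc
    DatabasePath                  = "$dataDrive\NTDS"
    LogPath                       = "$dataDrive\NTDS"
    SysvolPath                    = "$dataDrive\SYSVOL"
    SafeModeAdministratorPassword = $dsrmPassword
}

# Run the prerequisite checks first and stop on any failure.
$failed = Test-ADDSDomainControllerInstallation @dcParams |
    Where-Object { $_.Status -ne 'Success' }
if ($failed) {
    $failed | Format-List Message
    throw 'Prerequisite check failed; the server was not promoted.'
}

# Promote the server; it reboots automatically when the promotion completes.
Install-ADDSDomainController @dcParams -NoRebootOnCompletion:$false -Force
```

Unlike step 4, this example prompts for the DSRM password once and reuses it for both the check and the installation.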

This ends the seventh part of the series. Still a few steps to go, so please continue through the rest of the series to complete the setup. Till next time!

Wim Matthyssen (@wmatthyssen)
