Azure AD Connect Lab

This project serves as a foundational step for my Azure Virtual Desktop initiative. In this phase, we will create a Windows Server in Azure, which will function as our Domain Controller. We’ll set up a new forest tailored to our environment and install Azure AD Connect on the server. This configuration will enable seamless synchronization of users and groups with Microsoft Entra ID.

First, we are going to create a new virtual network in a resource group called “AVD-RG”.

We will create two subnets within the virtual network.

Next, we will deploy a virtual machine that will act as our Domain Controller.

When deploying the VM, I selected the VNet we created in the last step and the “Subnet-01-DC” subnet.

Now we’ll connect to the server via RDP.

Click the “Roles and features” option and install Active Directory Domain Services.

After AD DS is installed on the system, we can promote it to a domain controller.

We are also creating a new forest called “AVD.local”.

After our Domain Controller is all set up and ready to go, we’ll begin to install Microsoft Entra Connect.

Navigate to the Microsoft download page, then download and run the MSI.

When configuring Azure AD Connect, you may encounter some issues involving TLS 1.2 not being active.

The required registry changes are pasted below.

Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
DWORD name: DisabledByDefault
DWORD value: 0

DWORD name: Enabled
DWORD value: 1

Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server

DWORD name: DisabledByDefault
DWORD value: 0

DWORD name: Enabled
DWORD value: 1
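
The registry values listed above can be audited and applied from an elevated PowerShell session. This is an added example, not part of the original write-up; the `-Apply` switch and the variable names are assumptions made for illustration.

```powershell
# Added example: audit, and optionally set, the TLS 1.2 SCHANNEL values listed above.
# Without -Apply the script only reports; with -Apply it creates or corrects the values.
param([switch]$Apply)

$base    = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'
$desired = @{ DisabledByDefault = 0; Enabled = 1 }

$results = foreach ($role in 'Client', 'Server') {
    $key = Join-Path $base $role

    # The TLS 1.2 subkeys may not exist on a fresh install; create them only when applying.
    if ($Apply -and -not (Test-Path $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    foreach ($name in $desired.Keys) {
        # A missing key or value reads as $null, which is reported as non-compliant.
        $current = $null
        if (Test-Path $key) {
            $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
        }

        if ($Apply -and $current -ne $desired[$name]) {
            New-ItemProperty -Path $key -Name $name -Value $desired[$name] `
                -PropertyType DWord -Force | Out-Null
            # Re-read so the report shows what is actually stored.
            $current = (Get-ItemProperty -Path $key -Name $name).$name
        }

        [pscustomobject]@{
            Role      = $role
            Name      = $name
            Current   = $current
            Expected  = $desired[$name]
            Compliant = ($current -eq $desired[$name])
        }
    }
}

$results | Format-Table -AutoSize

if ($results.Compliant -contains $false) {
    Write-Warning 'TLS 1.2 SCHANNEL values do not match the expected settings. Re-run with -Apply.'
} elseif ($Apply) {
    Write-Output 'Values are set. Restart the server so SCHANNEL picks up the change.'
}
```

Running it once without `-Apply` before the Azure AD Connect wizard gives a quick record of the server's starting state.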

Next, we’ll create some users within Active Directory to test out our synchronization capabilities.

Click the Azure AD Connect icon on your desktop one more time and set up the synchronization for the newly created OU.

The new accounts we created in Active Directory synchronized to Microsoft Entra ID!

Conclusion

This project showcases my ability to deploy and configure a Domain Controller within an Azure environment, including the integration of Azure AD Connect for seamless synchronization with Microsoft Entra ID. By demonstrating these skills, it enhances my portfolio and highlights my proficiency in managing hybrid identity solutions and cloud-based infrastructure.