- Microsoft Azure (Virtual Machines/Compute)
- Remote Desktop
- Active Directory Domain Services
- PowerShell
- Windows Server 2022
- Windows 10 (21H2)
- Setup Resources in Azure
- Ensure Connection between Client and Domain Controller
- Install Active Directory and Admin Creation
- Create Client Users using PowerShell Script
Create the Domain Controller VM (Windows Server 2022). I named it DC-1. Set the private IP address of the Domain Controller's Network Interface Card (NIC) to static (DC-1 -> Networking -> NIC -> IP configurations).
Now create the Client VM (Windows 10) named Client-1. Use the same Resource Group and Vnet that was created in the DC-1 step.
Make sure Client-1 and DC-1 are on the same Vnet and resource group. Then, log in to Client-1 with Remote Desktop and ping DC-1's private IP address with `ping -t`.
Notice that we are getting "request timed out". Let's fix that! Log in to DC-1 and make sure to keep the Client-1 session open.
Go to the search bar and search for wf.msc. Go to Inbound Rules in the top left and sort by protocol. Enable Core Networking Diagnostics - ICMP Echo Request. Enable both the Private and Domain profiles.
Now go back to Client-1 and the ping should now be succeeding.
Now, it is time to install Active Directory. Go to DC-1 and go to Server Manager -> Add Roles and Features -> then check "Active Directory Domain Services".
Once that is installed and you are back on the main Server Manager page, click on the yellow triangle and click "Promote this server to a domain controller". Click "Add a new forest" and enter any domain name you want. I chose mydomain.com. Restart and then log back into DC-1 as user: mydomain.com\labuser
Go to Active Directory Users and Computers (ADUC) and create an Organizational Unit (OU) called "_EMPLOYEES" and another OU called "_ADMIN".
In _ADMINS create a new employee named Jane Doe with the username of jane_admin. Add jane_admin to the Domain Admins Security Group. Log out of the Remote Desktop connection and log back in as mydomain.com\jane_admin.
Go back to the Azure Portal and set Client-1's DNS settings to the DC's Private IP address. Restart Client-1 and then log back in through Remote Desktop with labuser. Join Client-1 to the domain and the computer will restart.
Log into Client-1 as mydomain.com\jane_admin and open system properties. Click remote desktop. Then, allow domain users to access the remote desktop. You can now log into Client-1 as a non-administrative user.
Log into DC-1 as jane_admin. Open PowerShell ISE as an administrator. Then I pasted the PowerShell script I created and hit the green start arrow.
Then, I logged out of my Client-1 desktop and logged back in with one of the accounts the PowerShell script just created.
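The user-creation step above does not show the script itself, so here is one way to write it. This is an added example, not the author's script; the user names are constructed, and it assumes the `_EMPLOYEES` OU and the `mydomain.com` domain from the earlier steps. Each account gets its own random password instead of one shared lab password.

```powershell
# Added example, not the author's script. Run on DC-1 in an elevated session.
Import-Module ActiveDirectory

$OuPath    = 'OU=_EMPLOYEES,DC=mydomain,DC=com'   # OU and domain from the steps above
$UpnSuffix = 'mydomain.com'
# Constructed sample names (hypothetical lab users)
$People = @(
    @{ First = 'Alex';  Last = 'Rivera' },
    @{ First = 'Sam';   Last = 'Okafor' },
    @{ First = 'Priya'; Last = 'Natarajan' }
)

function New-LabPassword {
    param([int]$Length = 16)
    # One character from each class so the default domain complexity policy is met
    $classes = 'abcdefghijkmnopqrstuvwxyz', 'ABCDEFGHJKLMNPQRSTUVWXYZ', '23456789', '!#%*+-=?@_'
    $all     = -join $classes
    $rng     = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $bytes   = New-Object byte[] $Length
    $rng.GetBytes($bytes)
    $rng.Dispose()
    $chars = for ($i = 0; $i -lt $Length; $i++) {
        $set = if ($i -lt $classes.Count) { $classes[$i] } else { $all }
        $set[$bytes[$i] % $set.Length]
    }
    # Shuffle so the guaranteed class characters are not always in front
    -join ($chars | Sort-Object { Get-Random })
}

$results = foreach ($p in $People) {
    $sam = ('{0}.{1}' -f $p.First, $p.Last).ToLower()
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        Write-Warning "$sam already exists, skipping"
        continue
    }
    $plain = New-LabPassword
    # -ChangePasswordAtLogon is left off: RDP with Network Level Authentication
    # rejects accounts that must change their password before first logon.
    New-ADUser -Name "$($p.First) $($p.Last)" -GivenName $p.First -Surname $p.Last `
        -SamAccountName $sam -UserPrincipalName "$sam@$UpnSuffix" -Path $OuPath `
        -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force) -Enabled $true
    [pscustomobject]@{ SamAccountName = $sam; InitialPassword = $plain }
}
# Lab only: initial passwords are shown once on the console, not written to disk
$results | Format-Table -AutoSize
```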