Deploy Entra Domain Service and Join a Server to the Domain
Vložit
- čas přidán 24. 07. 2024
- Wow, I missed updating the slide deck from Azure AD to Entra ID! Too late to change it now.
In this video, we review deploying Microsoft Entra Domain Services (Entra DS) and configuring replication with Entra ID. The video starts by outlining the requirements and features of the Entra DS service, including password hash synchronization. Then we create a virtual network (VNet) for the service and deploy Entra DS. Once deployed, we join a server to the Entra DS managed domain and add the remote administration RSAT tools to manage the directory.
00:00 - Start
06:23 - Create the VNet
08:20 - Deploy Entra DS
13:31 - Update DNS Settings
16:20 - Reset User Password
18:34 - Add a Management Computer to the Domain
20:48 - Add RSAT Tools
Links
Free Azure guide! Subscribe to the newsletter
subscribepage.io/rbsIjt
Zero to Hero with Azure Virtual Desktop
www.udemy.com/course/zero-to-...
Hybrid Identity with Windows AD and Azure AD
www.udemy.com/course/hybrid-i...
Windows 365 Enterprise and Intune Management
www.udemy.com/course/windows-...
Entra ID, Windows AD and Entra DS video
• What is Entra ID, Entr... - Věda a technologie
Thanks for another great video! Entra DS is all about taking those last few apps that depend on Kerberos for authentication and getting them out of the data center. It would be nice to see the next step of setting up app proxy and Kerberos constrained delegation. It would be interesting in a cloud native, passwordless world to see what's possible. Do we still need to reset passwords?
Travis, I've found, if I deploy EIDDS to a spoke identity network, I have to add routing back to the hub firewall, or resources can't resolve dns. Resources can query dns on EIDDS, but EIDDS doesn't have a route back to the resources for resolution. Have you seen this?
I have a Server 2022 VM that i Entra-ID joined, but under domain is still say workgroup?
how can i change it to say "Entra-ID Joined" or do i have to create a workgroup call that?
if we add the VM ip-address when creating the VM, or in the portal, then that IP address becomes a DHCP reserved address for that VM.
- is it possible to access that DHCP service using the RSAT tools?
Azure VM's get their IP from the WireServer IP, not from Windows DHCP. The only way to set a static private IP in Azure VM's is by setting it on the virtual NIC in Azure.
Will Azure also provide an "Entra Enterprise CA" like service ???
- with auto-enrollment & renewals for the VM & connected devices?
Hi, thanks for the Video Tutorial. I however have a problem. I noticed that the AD DS and AD LDS tools after I installed them... I get Access Denied when I try to make basic changes to users in the Active Directory Users and Computers container. I am very certain the User I am logged into is part of the AAD DC Administrators group. Any assistance or pointers will be appreciated.
If the users are sourced from Entra ID, they may need to be updated in Entra ID and the changes will replicate to Entra DS.
How does one manually add DNS entry???
How to add a TXT/A/AAA/CNAME record, or a SRV record when using Entra-DS?
Add the DNS Server tools to the management computer; it's a feature that is not part of the AD DS tools. DNS on the managed domain can be managed from there.
list of reasons to use entra domain services:
1.