Complete Tutorial and Demonstration of Azure Active Directory Domain Services
Vložit
- čas přidán 8. 02. 2023
- Professor Robert McMillen explains what Azure AD Domain Services is and how it differs from Azure AD and on-premises domains and forests. Watch a demo of creating an Azure AD DS domain, joining a computer to that domain using an Azure virtual machine, and manage the new domain using familiar AD tools on a Windows server. If you've ever been curious about Azure AD Domain Services, this is the video for you.
- Věda a technologie
Thanks Robert. I really enjoy your videos , they are not only complete,time-efficient-designed/performed, but also amusing, quite enticing to watch them all, MASTERPIECES, if I am allowed to say, they do show your wide and deep knowledge, Congrats!!!!!! Regards
Much appreciated!
What super explanation in shortest time on such a complex topic. Hats Off @Tech Pub
Thanks!
BY FAR the best tutuoral for an Azure novice like me. WELL DONE and thank you!
Glad it was helpful!
Thank you Robert. I always love your videos. Best trainer in LinkedIn and CZcams
I appreciate that!
A great training video. Thank you!
Glad to help and thanks for watching!
What an excellent video 👍 thanks for sharing
You are welcome! Thanks for watching.
Great video!
Didn't help me in the slightest with my current issue other than confirming everything I'd setup was right.
But even that was of great help and over all a great video.
Glad it did at least something for you.
Thank you very much for this tutorial, it is really clearing up questions my company has regarding moving to the cloud but still using legacy on prem applications. One question though, you mentioned Azure ADDS has no charges except for the resources. Does this mean an org with Azure P1 licensing could use this as a replacement of on prem AD for free, assuming you do not use a vm in Azure to manage AD?
Thanks for watching. Yes the P1 is the minimum for Azure AD and AAD DS licensing. I did make a mistake on the no charge thing. Although the AAD DS is free, it turns out they charge you for the IP resources and other things that go along with it. It's around $300 per month.
Can an on-prem domain controller be added at a future date if the domain is created in AADS?
No it cannot. Once your go AADDS, you only have that option.
Nice video...
Glad I could assist.
Fantastic video! Thank you for outlining the difference between Azure AD and Azure AD Domain Services. So basically aadds is a managed instance of Active Directory with the same management tools as on-premise AD but you can't manage the base OS?
Would you consider doing a video on how to configure a tunnel so you can join on-premise Windows endpoints to aadds? Is it different from using a Virtual Network Gateway and a local network gateway object? Is it just regular IPsec to the vNet?
Yes you are correct on what it is. The tunnel is quite a setup, but I think I can find time to do that.
@@techpub Is there a video available for configuring that tunnel?
Hi Robert, I mean is this the way to configure GPO settings for AADDS...i mean bu installing ADDS on a seperate VM???? I mean there must be some other managed way though??? I also remember one of my Instructor also did the same but he installed RSAT feature on that VM instead of ADDS services.....
You can add it through a GPO like you would any other exe or msi file. The RSAT tools are the way to do it on a client but ADDS is for a server.
thank you!
You're welcome!
Is it possible to "domain join" my own computer (not on the virtual network) to the AAD Domain Services? I've got a VM to work however struggling to join my computer
Yes but you would have to have a VPN tunnel to AAD DS to reach it. That requires a lot of extra steps.
@@techpub thank you for the reply. I will give your suggestion a go. I have enabled and set up certificates for secure LDP on Azure AD Domain Services, I can use/connect/bind with LDP.exe on my VM (on a different subnet but the same virtual network as AADDS) but unable to do it from over the internet. There's a setting in AADDS which I thought would allow me to do this "Allow secure LDAP access over the internet" but looks like that is not the case. Thanks again for the reply, much appreciated.
@@techpub I created a Azure Virtual network gateway and managed to join my personal computer to the domain and login with one of my domain accounts, thanks again for your help (y)
Thanks, it's great guide.
However, I have a scenario as below.
There are 1000 of users in an enterprise company which is using on-perm AD.
Now, the question is all those users are using their official PC/Laptops for daily works.
How those users are going to join in that Azure Domain? because it's seems expensive or not a easy way to say clients to login Azure VM ?
You're correct that it is expensive and you need a connection back to domain services. Its not for everyone for sure.
Thank you
You are welcome! Thanks for watching.
Any issues if your internal domain is a .local?
There should be no difference other than you have to prove you own it since its now a publicly available top level domain (unfortunately).
I always get the server IP. Could. Not. Be. Contacted when trying to. Add DNS any pointer,,?
Okays I did not sign in as domain admin
Glad you got it.
02:28 AADDS
yes