Anthony Bartolo Twitter | LinkedIn
Pierre Roman Twitter | LinkedIn
Chatter around cloud computing has increased as of late as more organizations investigate how to harness the power of the cloud. Having an always-on, always-operational infrastructure based in the cloud provides peace of mind for most. With Microsoft's recent announcement of Price Reductions for Virtual Machines and Cloud Services, Microsoft Cloud Services have been top of mind for many IT professionals. One concern highlighted by some IT professionals has been the lack of training material around Windows Azure. This is where Pierre, Mitch and I are here to help. This Step-By-Step was produced by the Windows Azure team and is a great example of harnessing the power of the cloud to benefit one's organization.
Step 1: Verify static IP address for YourPrimaryDC
Log on to YourPrimaryDC on the Corp network.
In Server Manager, click View Network Connections.
Right-click the local area network connection and click Properties.
Click Internet Protocol Version 4 (TCP/IPv4) and click Properties.
Verify that the server is assigned a static IP address.
Step 2: Install Corp forest
In the RDP session for the VM, click Start, type dcpromo, and press ENTER.
On the Welcome page, click Next.
On the Operating System Compatibility page, click Next.
On the Choose a Deployment Configuration page, click Create a new domain in a new forest, and click Next.
On the Name the Forest Root Domain page, type corp.contoso.com, the fully qualified domain name (FQDN) of the forest root domain, and click Next.
On the Set Forest Functional level page, click Windows Server 2008 R2 and then click Next.
On the Additional Domain Controller Options page, click DNS server and click Next.
If the following DNS delegation warning appears, click Yes.
On the Location for Active Directory database, log files and SYSVOL page, type or select the location for the files and click Next.
On the Directory Services Restore Administrator page, type and confirm the DSRM password and click Next.
On the Summary page, confirm your selections and click Next.
After the Active Directory Installation Wizard finishes, click Finish and then click Restart Now to complete the installation.
Step 3: Create subnets and sites
Click Sites, right-click Subnets, and then click New Subnet.
In Prefix, type 10.1.0.0/24, select the Default-First-Site-Name site object and click OK.
Right-click Sites and click New Site.
In Name, type CloudSite, select DEFAULTIPSITELINK and click OK.
Click OK to confirm the site was created.
Right-click Subnets, and then click New Subnet.
In Prefix, type 10.4.2.0/24, select the CloudSite site object and click OK.
Step 4: Install an additional domain controller in the CloudSite
Log on to YourVMachine, click Start, type dcpromo, and press ENTER.
On the Choose a Deployment Configuration page, click Existing forest, click Add a domain controller to an existing domain, and click Next.
On the Network Credentials page, make sure you are installing the domain controller in the corp.contoso.com domain and type the credentials of a member of the Domain Admins group (or use corp\administrator credentials).
On the Select a Domain page, click Next.
On the Select a Site page, make sure that CloudSite is selected and click Next.
On the Additional Domain Controller Options page, click Next.
On the Static IP assignment warning, click Yes, the computer will use an IP address automatically assigned by a DHCP server (not recommended).
Although the IP address on the Windows Azure Virtual Network is dynamic, its lease lasts for the duration of the VM. Therefore, you do not need to set a static IP address on the domain controller that you install on the virtual network. Setting a static IP address in the VM will cause communication failures.
When prompted about the DNS delegation warning, click Yes.
On the Location for Active Directory database, log files and SYSVOL page, click Browse and type or select a location on the data disk for the Active Directory files and click Next.
On the Summary page, click Next.
Step 5: Validate the installation
Reconnect to the VM.
Click Start, right-click Command Prompt and click Run as Administrator.
Type the following command and press ENTER: 'Dcdiag /c /v'
Verify that the tests ran successfully.
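The checks implied by Steps 3 to 5, gathered into one script as an added example that is not part of the original walkthrough: it confirms the new DC registered in CloudSite, that both subnets from Step 3 map to the intended sites, and lists any dcdiag tests that failed. It assumes the ActiveDirectory PowerShell module is available on the DC and that dcdiag prints English-language output.

```powershell
# Added example: post-promotion checks for the CloudSite replica DC.
# Run in an elevated Windows PowerShell session on the new DC.
Import-Module ActiveDirectory

$expectedSite    = 'CloudSite'                   # site created in Step 3
$expectedSubnets = @{                            # prefix -> site, from Step 3
    '10.1.0.0/24' = 'Default-First-Site-Name'
    '10.4.2.0/24' = 'CloudSite'
}
$problems = @()

# 1. The DC must have registered itself in the intended site.
$dc = Get-ADDomainController -Identity $env:COMPUTERNAME
if ($dc.Site -ne $expectedSite) {
    $problems += "DC $($dc.Name) is in site '$($dc.Site)', expected '$expectedSite'"
}

# 2. Each subnet object must point at the right site object.
$configNC = (Get-ADRootDSE).configurationNamingContext
$subnets  = Get-ADObject -SearchBase "CN=Subnets,CN=Sites,$configNC" `
    -Filter { objectClass -eq 'subnet' } -Properties siteObject
foreach ($prefix in $expectedSubnets.Keys) {
    $s = $subnets | Where-Object { $_.Name -eq $prefix }
    if (-not $s) { $problems += "Subnet $prefix is not defined"; continue }
    # siteObject is a DN such as CN=CloudSite,CN=Sites,CN=Configuration,...
    $site = ($s.siteObject -split ',')[0] -replace '^CN='
    if ($site -ne $expectedSubnets[$prefix]) {
        $problems += "Subnet $prefix maps to '$site', expected '$($expectedSubnets[$prefix])'"
    }
}

# 3. Summarise dcdiag instead of reading the verbose output by eye.
#    Assumes English-language output of the form "... failed test <Name>".
$failed = dcdiag /c /v | Select-String -Pattern 'failed test (\S+)' |
    ForEach-Object { $_.Matches[0].Groups[1].Value } | Sort-Object -Unique
foreach ($t in $failed) { $problems += "dcdiag test failed: $t" }

if ($problems) { $problems | ForEach-Object { Write-Warning $_ } }
else { Write-Output "All checks passed for $($dc.Name) in $($dc.Site)." }
```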
After the DC is configured, run the following Windows PowerShell cmdlet to provision additional virtual machines and have them automatically join the domain when they are provisioned. The DNS client resolver settings for the VMs must be configured when the VMs are provisioned. Substitute the correct names for your domain, VM name, and so on.
For more information about using Windows PowerShell, see Getting Started with Windows Azure PowerShell and Windows Azure Management Cmdlets.
Step 6: Provisioning a Virtual Machine that is Domain Joined on Boot
To create an additional virtual machine that is domain-joined when it first boots, open Windows Azure PowerShell ISE, paste the following script, replace the placeholders with your own values and run it.
To determine the Internal IP address of the domain controller, click the name of the virtual network where it is running.
In the following example, the Internal IP address of the domain controller is 10.4.3.1. Add-AzureProvisioningConfig also takes a -MachineObjectOU parameter, which requires the full distinguished name of a container in Active Directory; when it is specified, Group Policy settings can be applied to all of the virtual machines in that container.
After the virtual machines are provisioned, log on by specifying a domain account using User Principal Name (UPN) format, such as firstname.lastname@example.org.
    # Deploy a new VM and join it to the domain
    # -------------------------------------------
    # Specify my DC's DNS IP (10.4.3.1)
    $myDNS = New-AzureDns -Name 'ContosoDC13' -IPAddress '10.4.3.1'

    # OS image to use
    $image    = 'MSFT__Sql-Server-11EVAL-11.0.2215.0-08022012-en-us-30GB.vhd'
    $service  = 'myazuresvcindomainM1'
    $AG       = 'YourAffinityGroup'
    $vnet     = 'YourVirtualNetwork'
    # Placeholder local administrator password; replace before running.
    # Named $adminPwd because $pwd is PowerShell's automatic current-location variable.
    $adminPwd = 'p@$$w0rd'
    $size     = 'Small'

    # VM configuration (the domain password is also a placeholder)
    $vmname = 'MyTestVM1'
    $MyVM1 = New-AzureVMConfig -Name $vmname -InstanceSize $size -ImageName $image |
        Add-AzureProvisioningConfig -WindowsDomain -Password $adminPwd -Domain 'corp' -DomainPassword 'p@$$w0rd' -DomainUserName 'Administrator' -JoinDomain 'corp.contoso.com' |
        Set-AzureSubnet -SubnetNames 'BackEnd'

    New-AzureVM -ServiceName $service -AffinityGroup $AG -VMs $MyVM1 -DnsSettings $myDNS -VNetName $vnet
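The script above keeps the local administrator password and the domain Administrator password in plain text in the file. A variant that prompts for both at run time, joins with a dedicated account and places the computer object with -MachineObjectOU follows; it is an added example, not part of the original post, and the account name corp\svc-vmjoin and the OU distinguished name are hypothetical.

```powershell
# Added example: the Step 6 deployment with secrets prompted for at run time.
# Hypothetical names: corp\svc-vmjoin and the OU distinguished name.

function ConvertTo-PlainText([System.Security.SecureString]$Secure) {
    # The Azure cmdlets below take plain strings, so decrypt in memory only.
    $c = New-Object System.Management.Automation.PSCredential('unused', $Secure)
    $c.GetNetworkCredential().Password
}

# Local administrator password for the new VM: typed, never stored in the file.
$localPwd = Read-Host -AsSecureString -Prompt 'Local administrator password'

# Domain join account: a dedicated account delegated only the right to create
# computer objects in the target OU, instead of the domain Administrator.
# GetNetworkCredential() splits corp\svc-vmjoin into Domain and UserName.
$join = (Get-Credential -Credential 'corp\svc-vmjoin').GetNetworkCredential()

$myDNS   = New-AzureDns -Name 'ContosoDC13' -IPAddress '10.4.3.1'
$image   = 'MSFT__Sql-Server-11EVAL-11.0.2215.0-08022012-en-us-30GB.vhd'
$service = 'myazuresvcindomainM1'
$AG      = 'YourAffinityGroup'
$vnet    = 'YourVirtualNetwork'

$MyVM1 = New-AzureVMConfig -Name 'MyTestVM1' -InstanceSize 'Small' -ImageName $image |
    Add-AzureProvisioningConfig -WindowsDomain `
        -Password (ConvertTo-PlainText $localPwd) `
        -JoinDomain 'corp.contoso.com' `
        -Domain $join.Domain `
        -DomainUserName $join.UserName `
        -DomainPassword $join.Password `
        -MachineObjectOU 'OU=AzureVMs,DC=corp,DC=contoso,DC=com' |
    Set-AzureSubnet -SubnetNames 'BackEnd'

New-AzureVM -ServiceName $service -AffinityGroup $AG -VMs $MyVM1 `
    -DnsSettings $myDNS -VNetName $vnet

# Drop the references to the secrets once the request has been submitted;
# $MyVM1 is included because the provisioning configuration holds both passwords.
Remove-Variable localPwd, join, MyVM1
```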
Step 7: Backup the domain controller
Connect to YourVMachine.
Click Start, click Server Manager, click Add Features, and then select Windows Server Backup Features. Follow the instructions to install Windows Server Backup.
Click Start, click Windows Server Backup, click Backup once.
Click Different options and click Next.
Click Full Server and click Next.
Click Local drives and click Next.
Select the destination drive that does not host the operating system files or the Active Directory database, and click Next.
Confirm the backup settings you selected and then click Backup.
Step 8: Test authentication and authorization
To test authentication and authorization, create a domain user account in Active Directory. Log on to the client VM in each site and create a shared folder on the VM.
Test access to the shared folder using different accounts and groups and permissions.
Learn more about the support features Windows Azure has to offer, and have a chance at winning your own lab computer, by participating in the free Microsoft Virtual Academy. Complete two TechNet evaluations and take the selected Microsoft Virtual Academy courses for your chance at a $5,000 grand prize or a chance to win an HP EliteBook Revolve and two chances to win 400 Microsoft Points.