The first thing that we need to do is deploy and configure Azure Active Directory domain services. I’m going to step you through this as I walk through the exercise myself. The first thing I’m going to do is sign up for an account on Azure. You can sign up for 12 months free at https://azure.microsoft.com. I’m using my richhornberger.com domain for all of this. I’d recommend that you sign up for a .com and do the same.
Signing up for an account is simple. If you don’t already have a live.com account, you’ll want to register for one. You simply provide your region, name, email, and telephone number to verify your identity and accept the terms and conditions. The telephone number must be valid to receive a text message or phone call. The next part can be tricky as you will NEED a credit card number for identity verification purposes (and of course for somewhere to charge you if you upgrade your account!).
It may take a few minutes with the spinning wheel of death as your account is set up. After you are set up, you get a big button to “Go to Azure Portal”.
After you are in your Azure Admin portal, you’ll want to click on the hamburger button or menu button denoted as ≡ and enter Azure Active Directory.
Upon entering Azure Active Directory, you can see the primary domain name is the domain name that you’ve set up your test account with. We are going to change this to reflect the domain for the .com that we registered. This will allow us to set up test users and provision other domain services for our virtual machines.
To change the primary domain, we will go to “Custom domain names” on the left manage menu.
Please note, at this point, you also need access to your DNS management for your registered domain name. This will be required to verify the ownership of the domain that you’ve registered with Microsoft. In my case, that registrar is Cloudflare for their security and load balancing features! Once inside of Custom domain names, we’ll click “Add custom domain”.
At this point, you’ll type in the name of the .com that you’ve registered. In my case, richhornberger.com.
Now we’ll need to start flipping tabs in our browser. Microsoft will provide you with a TXT (text) record to add to your DNS management. This will allow you to verify ownership of the domain as noted earlier. They provide all the fields you should need with your DNS host. I’ve provided a before and after screenshot of adding those settings within my DNS provider Cloudflare. The @ indicates that you’re placing a record in the root of the domain. The TTL is in seconds, so 3600 seconds is 1 hour. I’ve found you can leave the TTL as Auto, but I’m going to make it one hour for good measure!
After you’ve added the TXT record, you will move back over to the Azure portal tab and click Verify. If all is well, you should see verification succeeded! There are some options here like “Download Azure AD Connect,” which isn’t needed for this demo. If you wished to extend your internal Active Directory environment to the cloud, that’s one of the directions you could head in, but that’s more in-depth than we need to set up some quick test desktop VMs. If the verification fails, it is often because DNS takes a few hours to propagate; you’ll see a red warning message about DNS changes taking up to 72 hours to propagate. Fortunately, mine passed immediately.
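Before clicking Verify, it is worth confirming that public resolvers already return the new apex TXT record, so a record that simply hasn’t propagated yet isn’t mistaken for a wrong one. The script below is an added example, not part of the original post: it assumes `dig` is installed, and that DOMAIN is your registered .com and EXPECTED is the exact TXT value the portal displayed (neither value appears on this page).

```sh
#!/bin/sh
# Added example (not from the original post): check that the Azure AD domain
# verification TXT record is visible at the zone apex ("@") from several
# public resolvers before clicking Verify in the portal.
# Assumptions: dig is installed; DOMAIN and EXPECTED are supplied by the user
# from the values shown in the Azure portal (sample token below is constructed).

RESOLVERS="${RESOLVERS:-1.1.1.1 8.8.8.8 9.9.9.9}"

# txt_has_token DIG_OUTPUT TOKEN
# dig +short prints each TXT string quoted, one per line. Match the whole
# quoted line so a similar record or a partial token is not accepted.
txt_has_token() {
  printf '%s\n' "$1" | grep -qxF "\"$2\""
}

# check_resolver RESOLVER DOMAIN TOKEN -> 0 if that resolver already returns it
check_resolver() {
  out=$(dig +short TXT "$2" "@$1" 2>/dev/null)
  if txt_has_token "$out" "$3"; then
    echo "[ok]      $1 returns $3 for $2"
  else
    echo "[pending] $1 does not return it yet; got: ${out:-<no TXT records>}"
    return 1
  fi
}

# check_all DOMAIN TOKEN -> 0 only when every resolver agrees; otherwise the
# record is still propagating (the portal warns this can take hours).
check_all() {
  missing=0
  for r in $RESOLVERS; do
    check_resolver "$r" "$1" "$2" || missing=$((missing + 1))
  done
  [ "$missing" -eq 0 ]
}

# Runs only when both values are supplied, e.g. (constructed sample token):
#   DOMAIN=yourdomain.com EXPECTED='MS=ms12345678' sh check_txt.sh
if [ -n "${DOMAIN:-}" ] && [ -n "${EXPECTED:-}" ]; then
  if check_all "$DOMAIN" "$EXPECTED"; then
    echo "All resolvers agree; safe to click Verify."
  else
    exit 1
  fi
fi
```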
Next, you’ll want to make the domain primary for the lab environment. The system will ask whether you are sure you want to make it your primary domain; hit Yes.
If we move back out by pressing Default Directory, we’ll see our new domain is verified and ready to use!
Returning to the overview page may show the Microsoft default domain as primary. Just wait a few minutes and hit refresh and that overview should update to show your .com as the primary!