Understanding Windows Azure’s Active Directory (AD) and PowerShell Tools

Understanding Windows Azure’s Active
Directory (AD) and PowerShell Tools

If deploying an application requires a developer’s involvement, it’s not IaaS

Broad & deep array of solutions enables customers to use cloud in their own way, at their own pace
Microsoft approach: hybrid cloud

SharePoint PaaS Roles
File Servers Local AD SQL VMs

openSUSE 12.3
CentOS 6.3
Ubuntu 12.04
Ubuntu 12.10
SUSE Linux Enterprise Server
SP2
and more!
Windows Server 2012
Datacenter
Windows Server 2008 R2 SP1
SQL Server 2012 SP1 (Std or
DC)
SharePoint Server 2013 Trial
BizTalk Server 2013
and more!

VM Size
CPU
Cores
RAM Bandwidth
# Data
Disks
Price Per Hour
(GA Price Starting Jun 1st)
Price Per Hour
(Promotional Price Until May 31st)
Extra Small (A0) Shared 768 MB 1 $0.02
(~$15/month)
$0.0133
(~$10/month)
Small (A1) 1 1.75 GB 100 2 $0.09
(~$67/month)
$0.08
(~$60/month)
Medium (A2) 2 3.5 GB 200 4 $0.18
(~$134/month)
$0.16
(~$119/month)
Large (A3) 4 7 GB 400 8 $0.36
(~$268/month)
$0.32
(~$238/month)
Extra Large (A4) 8 14 GB 800 16 $0.72
(~$536/month)
$0.64
(~$476/month)
A6 4 28 GB 1,000 8 $1.02
(~$759/month)
N/A
A7 8 56 GB 2,000 16 $2.04
(~$1,518/month)
N/A
Virtual Machine Sizes

DC DNS
Active
Directory
Persistent VM Role
DC DNS
Active
Directory
Persistent VM
Role
Persistent
VM Role
SQL
SharePoint

Overview of the Portal
When you first login to
Windows Azure you
have a blank slate to
work from. For today’s
lab we will be utilizing
the Virtual Machines
and Network sections
of Azure.

First we need to register a DNS Server that our lab will utilize. Register the internal IP address that our
domain controller VM will be using for Active Directory-integrated Dynamic DNS services.
Registering the DNS Server

Provide a name for the DNS server and for this exercise we will use the I.P. address of 10.0.0.4. Be
sure that the proper subscription is selected, then click Register DNS Server.
Registering the DNS Server

Now we will create a virtual network. This virtual network will serve as a subnet that all of
our virtual machines will connect to.
Building the Virtual Network

Provide a name for the
virtual network, and
also the affinity group
unless you have
already created one in
previous labs.
Be sure to select the
appropriate region as
this impacts where
your workloads will
run geographically.
Click on the arrow to
proceed.

Select the DNS Server
registered in the
previous steps.
Click on the check to
proceed.

We need to select a
proper subnet scheme,
for this lab we will be
choosing 4096
possible addresses.
The CIDR equivalent is
20.
proceed.

Notice that during any action sequences in the Azure Portal the operations will show up at the bottom
of the screen explaining the progress. When each process is complete you can clear the operation by
clicking on the OK checkmark. Minimize this panel and it can be recalled at any time by clicking on
the icon at the bottom of the screen.
Operations Status

Building the Storage Account
Now we need to create a storage account so that all of our new VMs will share the same container. This makes
matters much easier for moving, deprovisioning, and such. Click on Storage, then select New. Click on Quick
Create, provide a name for your storage. Geo-Replication has the ability to mirror data to other regions of the
U.S. However this costs additional money so for this lab we will uncheck the box, click on the checkmark to
finish:

Notice there are three
sub sections to the
Virtual Machines area
of the portal.
Instances, Images, and
Disks. We will select
Create a Virtual
Machine to proceed
Building the First Virtual Machine

Select Virtual Machine, and use the “From Gallery” option. Consider the “From Gallery” option as the more
advanced or custom option for deploying VMs.
Building the First Virtual Machine
Click on the Create A Virtual
Machine checkmark to proceed.

Select Windows Server 2012
Datacenter
Building the AD Virtual Machine
Click on the Arrow to proceed.

The Version Release Date is a
great feature in that you can
deploy Windows Server 2012
based on update rollups. So
the April 24th selection would
include all updates to that
point. Choose the most recent
version.
Provide a machine name, set
the Size of the VM to Small,
add an admin user account,
and password. Note the
password must have 8
characters and is utilizing a
more secure password(special
characters, upper and lower
case, numeric) is suggested.
Click on the arrow to proceed.

Provide a DNS name, this name
will be checked to see if it already
exists in the DNS database for
cloudapp.net. In the event the
name of the VM is already in user
append a character or modify the
DNS name. Select the previously
created Storage Account. Select
the Virtual Network we previously
set up. Check that the subnet
looks accurate.
proceed.

We will not be creating an
Availability Set in this session so as
to keep costs down. Availability
Sets are in place to insure that VMs
are available in other regions
geographically in the event of an
outage.
Ensure the “ENABLE POWERSHELL
REMOTING box is checked.
Click on the Check to
complete the creation
of the VM.

Scroll down on the Status screen for the newly created VM. Check to make sure the IP address is 10.0.0.4(this
was automatically assigned to the VM.) Notice that the Size is set to Small granting us 1.75 GB of Memory.

We need to add a disk to the
VMs now, so we will start with
the AD controller.
Why? Because Azure OS disks
have write cache enabled, so
in the event of an outage
some data might get lost. By
adding a new empty data
disk, these disks are safe from
data loss as the data is written
directly to the virtual disk.
From the summary page, click
on Attach and then select
“Attach Empty Disk”
Adding a Virtual Disk to the AD Machine

Rename the virtual disk by
appending data01 in place of
the random characters which
are normally auto-generated.
Make the disk 10GB in size.
Select “None” for the Host
Cache Preference
Click the Check to complete
the disk addition.
Adding a Virtual Disk to the AD Machine

Connecting to the AD server via RDP
Now we need to connect to
the AD server via RDP to
complete the disk addition
and kick off the Active
Directory role installation.
Click on the virtual machine
and then click on “Connect”

A RDP file will display at
the bottom of the screen.
This RDP connection
comes preconfigured
with the randomized
TCPIP port which is now
required for security
purposes.
Click on Open

Select the checkbox to disable this
warning if desired. Click “Connect”: Enter the admin credentials which were
supplied during the VM creation process
and then click OK:
Disable the warning if so
desired and click “Yes”:

Creating the Data Volume on the AD server
Once inside Server
Manager, go to Tools
then select Computer
Management.
Inside Computer
Management select Disk
Management.
An “Initialize Disk”
window will pop up,
make sure the new disk is
selected and click OK.

Right click Disk 2 and
select “New Simple
Volume…”
Click Next:

The drive letter should be
preconfigured to “F”, click Next:
Click Next: Change the Volume Label to
DATA and click Next:
Click Finish:

Installing Active Directory on the AD Server
Jump back into the RDP
Session for the AD Server,
click on Manage then
select “Add Roles and
Features”:
Click Next: Click Next:

Notice that the only server displayed is the local
server. Later on we will add other servers to
manage in this same Server Manager console.
Make sure the server is selected and click Next.
Select Active Directory Domain Services, the
subsequent pop-up window tells us that the
management tools will also be installed, click
“Add Features” then click “Next”:

Since no other features are required for this
server we will select “Next” to continue:
Now we click on “Next” to continue through the
Active Directory Domain Services configuration:

Server Manager will reboot the server automatically
if desired selected the checkbox, and click on Yes to
the pop-up window. Next click on Install: Be sure that the installation completes then click
on Close:

Server Manager will notify you that there are tasks left to be completed or if errors have occurred via the
Flag at the top of the screen. Click on the flag then notice it is prompting us to promote the server to a
domain controller. Since DCPromo has been deprecated in Server 2012 we will use this option to move
forward:

Select “Add a New Forest”, enter in a Domain
name, for this exercise I use “contoso.com”.
Click Next:
Enter a Password and then click Next:

Ignore the DNS error message and click Next:
Verify the NETBIOS name and click Next:

Change the drive path to the F drive for all 3
entries leaving the subfolders path intact.
Click Next: Notice that you can view the PowerShell script
for this installation by clicking “View script”,
otherwise click Next:

The prerequisites check will display any issues that might need to be addressed. The messages
you will see can be ignored during this installation. DNS will be installed automatically. Click
Install:
The server will automatically reboot when the
operation is completed.

Select Create a Virtual Machine to proceed:
Building the Web Virtual Machine

Datacenter

the April 24th selection would
version.
Provide a machine name
(xxxxlabweb01), set the Size to
Small, choose an admin
user account, and password.
Note the password must have
8 characters and is utilizing a

looks accurate.
proceed.

We will not be creating an
Availability Set in this session so as
to keep costs down. Availability
Sets are in place to insure that VMs
are available in other regions
geographically in the event of an
outage.
Ensure the “ENABLE POWERSHELL
REMOTING box is checked.
Click on the Check to
complete the creation
of the VM.

VMs now, so we will continue
with the Web controller.
Adding a Virtual Disk to the Web Machine

Cache Preference
the disk addition.
Adding a Virtual Disk to the Web Machine

Notice there are three
sub sections to the
Virtual Machines area
of the portal.
Instances, Images, and
Disks. We will select
Create a Virtual
Machine to proceed
Building the File Server Virtual Machine

Datacenter

The March 26th selection would
version.
Provide a machine name
(xxxxxlabfile01), user account,
and password. Note the
password must have 8
characters and is utilizing a
Set the size to Small.

looks accurate.
proceed.

VMs now, so we will finish
with the File controller.
Adding a Virtual Disk to the File Machine

Cache Preference
the disk addition.
Adding a Virtual Disk to the File Machine

PowerShell for Windows Azure
Allows IT Pros to leverage PowerShell in Windows
Azure VMs in the same manner PowerShell is used
locally
Requires installation of the Windows Azure
PowerShell Module and configuration with your
Pay-as-you-Go account
Allows scripted administration of Windows Azure
VMs and many other features of Windows Server
and Windows Azure

Leverage the same PowerShell ISE

Import YOUR VMs right into Azure

Understanding Windows Azure’s Active Directory (AD) and PowerShell Tools

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (8)

Similaire à Understanding Windows Azure’s Active Directory (AD) and PowerShell Tools

Similaire à Understanding Windows Azure’s Active Directory (AD) and PowerShell Tools (20)

Plus de EPC Group

Plus de EPC Group (20)

Dernier

Dernier (20)

Understanding Windows Azure’s Active Directory (AD) and PowerShell Tools