In this article, we are going to discuss two items:
1. Creating users in AWS Windows Server Active Directory and
2. Installing Azure AD connect.
First, you should have basic knowledge of virtual machine creation in AWS and of installing and configuring Active Directory on Windows Server. If not, I would recommend you read my previous article.
Prerequisites
- Virtual machine creation in AWS
- Installation and configuration of Active Directory on Windows Server
Azure AD Connect is a tool and guided experience for connecting an on-premises identity infrastructure to Microsoft Azure AD. The wizard deploys and configures pre-requisites and components required for the connection, including sync and sign on.
Source: Wikipedia
Step 1
Download and install Azure AD Connect on the AWS virtual machine (in this article we are using Windows Server 2012; note that current Azure AD Connect 2.x builds require Windows Server 2016 or later, so check the version requirements for the build you download).
Step 2
Choose the installation type. (In this article we are using Express Settings.)
Express Settings
- Everything is set to the defaults: password hash synchronization is enabled and every user, group and contact in every OU of the forest is synchronized
- You cannot choose the sync service account or the sync security groups
- You cannot choose the SQL Server instance; SQL Server Express LocalDB is installed by default (adequate for up to about 100,000 directory objects)
Customize
- By default Azure AD Connect is installed in "C:\Program Files\Microsoft Azure AD Sync", but you can set a custom installation location
- By giving a server name and instance name you can use an existing SQL Server
- You can use an existing service account
- You can select custom sync groups:
- Administrators
- Operators
- Browse
- Password Reset
Step 3
No forest trust is created between the AWS-hosted domain and Azure AD; the sync server only needs outbound HTTPS (TCP 443) to Azure AD. In this step you give the wizard credentials for both directories, starting with Azure AD.
Connect to Azure AD
- Provide the username and password of an Azure AD user that holds the Global Administrator role (the wizard uses these credentials only during setup to create the Azure AD sync service account; they are not stored on the server). If you do not have such a user yet, create one as follows.
- Log in to the Azure portal and click Azure Active Directory in the navigation blade
- Click Users under the Manage menu
- Click the New user button
- Fill in the name and user name. A password is generated automatically, so make sure you note it down; you will use it to log in to the portal.
- Once the user is created it appears in the Users list. Select the user, select Directory role and then click the Add button.
- Select the Global administrator role (without it the wizard will not be able to connect to Azure AD from the on-premises server), then click the Select button.
- Log in to the Azure portal with the newly created user's credentials; on the first login you will be asked to reset the password.
Connect to AD DS (on-premises)
- Provide the DOMAIN\username and password of an on-premises AD account. With Express Settings this must be an Enterprise Administrator, because the wizard uses it to create the AD DS connector account (the MSOL_ account); like the Azure AD credentials, it is used once and not stored.
- Click Install to complete the setup.
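Before launching the wizard it is worth confirming the things Step 3 depends on: outbound HTTPS from the AWS instance, TLS 1.2 enabled for .NET and Schannel (Azure AD rejects older protocol versions), and that the on-premises account you will supply is actually an Enterprise Admin. The following pre-flight script is an added example, not code from the original article or from Microsoft; it assumes Windows PowerShell 5.1 run as administrator with the RSAT ActiveDirectory module installed, the account name `syncinstall` is a placeholder, and the endpoint list should be checked against Microsoft's current Azure AD Connect URL requirements.

```powershell
# Added example (not from the original article): pre-flight checks to run on the
# AWS-hosted Windows Server before launching the Azure AD Connect wizard.
# Assumptions: Windows PowerShell 5.1 as administrator; ActiveDirectory module present;
# 'syncinstall' is a placeholder sAMAccountName for the account given to the wizard.

$results = @()

# 1. Outbound HTTPS. Azure AD Connect talks to Azure AD over TCP 443 from the sync server;
#    no inbound ports and no forest trust are needed. Endpoint list is an assumption:
#    verify it against Microsoft's current Azure AD Connect port/URL requirements.
$endpoints = 'login.microsoftonline.com', 'adminwebservice.microsoftonline.com', 'graph.windows.net'
foreach ($name in $endpoints) {
    $ok = (Test-NetConnection -ComputerName $name -Port 443 -WarningAction SilentlyContinue).TcpTestSucceeded
    $results += [pscustomobject]@{ Check = "HTTPS to $name"; Pass = [bool]$ok }
}

# 2. TLS 1.2 for .NET (both 64-bit and 32-bit hives) and for the Schannel client.
$tlsChecks = @(
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319';             Name = 'SchUseStrongCrypto';       Expected = 1 },
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319';             Name = 'SystemDefaultTlsVersions'; Expected = 1 },
    @{ Path = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'; Name = 'SchUseStrongCrypto';       Expected = 1 },
    @{ Path = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'; Name = 'SystemDefaultTlsVersions'; Expected = 1 },
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client'; Name = 'Enabled';           Expected = 1 },
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client'; Name = 'DisabledByDefault'; Expected = 0 }
)
foreach ($c in $tlsChecks) {
    $item  = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    $value = if ($item) { $item.($c.Name) } else { $null }   # missing value counts as a failure
    $results += [pscustomobject]@{ Check = "$($c.Name) in $($c.Path)"; Pass = ($value -eq $c.Expected) }
}

# 3. The server must be domain joined, and with Express Settings the account handed to the
#    wizard must be an Enterprise Admin (it creates the MSOL_ connector account).
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
$results += [pscustomobject]@{ Check = "Server joined to domain $($cs.Domain)"; Pass = [bool]$cs.PartOfDomain }

Import-Module ActiveDirectory
$installAccount = 'syncinstall'   # placeholder
$groups = Get-ADPrincipalGroupMembership -Identity $installAccount | Select-Object -ExpandProperty Name
$results += [pscustomobject]@{ Check = "$installAccount is a direct member of Enterprise Admins"; Pass = ($groups -contains 'Enterprise Admins') }

$results | Format-Table -AutoSize
if ($results.Pass -contains $false) {
    Write-Warning 'Fix the failed checks before running the Azure AD Connect wizard.'
}
```

Run it on the instance that will host Azure AD Connect, not on a workstation: the connectivity result depends on the VPC security group and NACL attached to that instance, and the TLS registry values are per machine.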
Step 4
Create a new AD user: open Server Manager, click Tools, and select Active Directory Users and Computers.
- Expand your domain, right-click the Users container, select New and then User
- Enter the user's name and user logon name, then click Next. Choose a UPN suffix that matches a domain verified in your Azure AD tenant; otherwise the user is synchronized with a .onmicrosoft.com UPN.
- Set a password for the new user and click Finish.
- The newly created user is displayed in the Users container and will appear in Azure AD after the next sync cycle (every 30 minutes by default).
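The same Step 4 procedure can be done from PowerShell, which also lets you enforce the UPN-suffix check and trigger the sync instead of waiting for the scheduler. This is an added example, not code from the original article; the domain `contoso.com`, the OU path and the user `jdoe` are placeholders. The first part runs on any domain-joined host with the ActiveDirectory module; the last three lines run on the Azure AD Connect server as a member of the ADSyncAdmins group.

```powershell
# Added example (not from the original article): create the AD DS user from Step 4 with
# PowerShell, then force a delta sync so it shows up in Azure AD without waiting 30 minutes.
# Assumptions: ActiveDirectory module on a domain-joined host; ADSync module on the
# Azure AD Connect server; contoso.com, the OU and jdoe are placeholders.

Import-Module ActiveDirectory

# The UPN suffix must be defined in the forest AND verified in the Azure AD tenant,
# otherwise Azure AD Connect assigns the user a <tenant>.onmicrosoft.com UPN.
$upnSuffix = 'contoso.com'
$forest    = Get-ADForest
$known     = @($forest.RootDomain) + @($forest.UPNSuffixes)
if ($known -notcontains $upnSuffix) {
    throw "UPN suffix $upnSuffix is not defined in the forest; add it with Set-ADForest -UPNSuffixes @{Add='$upnSuffix'} first."
}

# Generate a random initial password instead of typing one into the GUI; hand it to the
# user out-of-band and force a change at first logon.
Add-Type -AssemblyName System.Web
$initialPassword = [System.Web.Security.Membership]::GeneratePassword(20, 4)
$securePassword  = ConvertTo-SecureString $initialPassword -AsPlainText -Force

$newUser = @{
    Name                  = 'John Doe'
    GivenName             = 'John'
    Surname               = 'Doe'
    SamAccountName        = 'jdoe'
    UserPrincipalName     = "jdoe@$upnSuffix"
    Path                  = 'OU=Users,OU=Corp,DC=contoso,DC=com'   # placeholder OU
    AccountPassword       = $securePassword
    Enabled               = $true
    ChangePasswordAtLogon = $true
    PasswordNeverExpires  = $false
}
New-ADUser @newUser

# Confirm the attributes Azure AD Connect reads for this object.
Get-ADUser -Identity 'jdoe' -Properties UserPrincipalName, mail |
    Select-Object SamAccountName, UserPrincipalName, Enabled

Write-Host "Initial password for jdoe (deliver out-of-band): $initialPassword"

# --- On the Azure AD Connect server ---
# Express Settings syncs all OUs, so the new user is picked up by the next delta cycle.
# Request one now rather than waiting for the default 30-minute scheduler interval.
Import-Module ADSync
Start-ADSyncSyncCycle -PolicyType Delta
Get-ADSyncScheduler | Select-Object SyncCycleEnabled, SyncCycleInProgress, NextSyncCycleStartTimeInUTC
```

`Start-ADSyncSyncCycle` returns immediately; `Get-ADSyncScheduler` shows whether a cycle is running. The account can then be verified in the Azure portal under Users, where its source shows as "Windows Server AD" and its UPN carries the suffix chosen above.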