How to Build/Provision a Windows Server for hosting Domain Services on Microsoft Azure

How to Build/Provision a Windows Server for hosting Domain Services on Microsoft Azure

Product Line:  VERDE

1)            Build Gold image with Windows 2012 / Windows 2016 Server.ISO

2)            Create a custom Session Settings to be assigned to this Gold image with:  4 Gig RAM, 4-vCPU, 40Gig to 50Gig System image, 5Gig User image

3)            Install Windows Server and perform normal Windows updates

NOTE:  Do NOT install Domain Services in the Gold image (this will be installed after you provision this as a virtual Server)

4)            Add a local Admin account to login for managing the Windows Server / Domain – my Admin user is:  adadmin  (for AD Admin)

5)            Install Verde Guest Tools

6)            Shutdown Gold image and perform a ‘Check-in’

7)            Edit the Session Settings and change the NETWORK Tab from ‘NAT’ to ‘Bridge’, otherwise, you will NOT be able to IMPORT a Static IP address for Windows Domain services

NOTE:  You will have to request the available IP addresses in your Azure hosted IP Sub-net, so you can pick a Static IP address to assign your Windows server (after ‘Check-in’)

8)            Create a NETCFG import file to statically configure an IP address, Netmask, Default GW and Computer name (this is important)

9)            EXAMPLE:   adadmin,W2016STD_Jan2017,192.168.1.98,255.255.255.0,192.168.1.1,W2016AD1,,,

10)        IMPORT your NETCFG file

11)        Create a local Verde User/Password that matches the Admin account you created within the Gold image, for managing your Windows server / Domain

This local Verde User is a normal Verde User and NOT a Verde MC Admin.  You will use this local User account to login to your Windows server / Domain and it will have Administrative rights within the Windows server for configuring / managing your Server and Domain

12)        Create a Desktop Policy Rule to provision the Windows Server VM with:  local Verde User, Windows server Gold image, custom Session Settings from Step 2 above

NOTE:  This VM will be provisioned with ‘Static’ Deployment and NOT ‘Dynamic’.

This means that going forward, ALL management of this VM will be done as the local Verde Admin User that you created to login to the VM

         You will NO LONGER be able to perform a Gold image ‘Check-out’

13)        Login to the VM as the local Verde Admin User (this User should match the Admin account you added in Step 4 above)

14)        At this point, you will use the normal Steps to Install/setup Domain Services and DNS server within your virtual Windows server (reboot VM after installing Domain services)

15)        Login to the Verde server as ‘root’ and edit the /etc/resolv.conf file and create a ‘nameserver’ entry that points to the Static IP of your new Windows AD server

EXAMPLE:     1st entry:          nameserver 192.168.1.98  (this matches my Static IP address from Step 9 above)

                     2nd entry:         nameserver 8.8.8.8   (this points to a Public DNS server in the event that the Windows AD Server is not active)
    • Related Articles

    • Windows Server VM Creation for Verde Servers In-a-Box

      Product Line:  VERDE In order to support a one-system/all in one setup, VERDE supports building a Windows Domain/Active Directory server as a Virtual Machine (VM) within the VERDE system's own Gold Image Collection. The following Knowledge Base ...
    • Windows Server 2019. vSpace sessions disconnect every 60 minutes.

      We have received reports from customers that after they set up their vSpace Pro Enterprise Edition environment on Windows Server 2019, the sessions disconnect every 60 minutes.    This is related to a known restriction regarding Remote Desktop (RDS) ...
    • Best Practices for Installing vSpace with other Active Microsoft Server Roles.

      Best Practices for Installing vSpace with other Active Microsoft Server Roles. This article is to address commonly seen symptoms when installing vSpace on a Server OS with already existing Active Server roles. It is recommended as a best practice ...
    • Windows Server 2019. vSpace sessions disconnect every 60 minutes.

      We have received reports from customers that after they set up their vSpace Pro Enterprise Edition environment on Windows Server 2019, the sessions disconnect every 60 minutes.    This is related to a known restriction regarding Remote Desktop (RDS) ...
    • LDAP - Active Directory - Global Catalog

      Authenticating users from Active Directory forests (not only from a single domain) is possible in NoTouch Center. The NTC appliance needs to be configured to talk with the Active Directory Global Catalog server then though. The LDAP Server URL in ...