Azure Identity And Access Management Part 29 – Azure Active Directory – Domain Service ( Azure AD-DS) 4 – Install Management Tools In A Domain Joined VM

Hello Friends,
Hope you all are doing good !!!
In our last articles we have discussed , how to Join Windows Server VM To An Azure AD DS Managed Domain. Today In this article, we will continue with Azure AD DS and will see how to Install management tools in a domain joined Virtual machine ( VM ).
If you have missed our previous articles on Azure Identity And Access Management (IAM), please check it in following links.
Part 1 – Azure Active Directory – Overview
Part 2 – Azure Active Directory – Enterprise Users
Part 3 – Azure Active Directory – Create Custom Directory Role & Assign Role using Power-Shell
- *
- *
- *
Part 23 – Azure Active Directory – Terms Of Use
Part 25 – Azure Active Directory – Identity Governance
Part 26 – Azure Active Directory – Domain Service ( Azure AD-DS) 1 – Overview
Next Article : Part 30 – Azure Active Directory – Domain Service ( Azure AD-DS) 5 – Create An Organizational Unit (OU)
Management Tools For Domain Joined VM :
As we know, Azure Active Directory Domain Services (Azure AD DS) provides managed domain services such as domain join, we saw in our last article, group policy, LDAP, and Kerberos/NTLM authentication that is fully compatible with Windows Server Active Directory.
Install Active Directory Administrative Tools :
We can manage this managed domain using some tools. Let’s go through the following steps, to install the required tools to administer an Azure AD DS managed domain.
Step 1 – Login to Azure Portal. In our last article, we have joined our VM (Manas-AADDS ) with our domain (manasmohrana.onmicrosoft.com).

Step 2 – Let’s connect our domain joined VM. As we an see in the following figure, there are different ways to connect with VM. Here I am connecting the VM through BASTION ( Azure Bastion is a new fully platform-managed PaaS service you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your VMs directly in the Azure portal over SSL ) . In the Overview pane for our VM, select Connect, then Bastion => provide the credentials for VM that we specified, when created the VM and click Connect to connect the VM.

Step 3 – Once we connected with the VM through this web based RDP, let’s install the AD management tools to the VM. Select the Start menu => choose Server Manager as shown in the following figure.

Step 4 – In the Dashboard pane, select Add Roles and Features option from Manage Tab, as showing in the following figure. This will open Add Roles and Features Wizard.

Step 5 – Before you begin is the first section of Add Role and Feature Wizard. Just click Next button as shown in the following figure.

Step 6 – On the Installation Type section, select the Role-based or feature-based installation option checked and select Next button.

Step 7 – On the Server Selection section, select the current VM from the server pool, for example Manas-AADDS.manasmoharana.onmicrosoft.com, then click Next button as shown in the following figure.

Step 8 – On the Server Roles section, leave the default setting and click Next button and go to the next section.

Step 9 – On the Features section, expand the Remote Server Administration Tools node => expand the Role Administration Tools node => Select AD DS and AD LDS Tools feature from the list of role administration tools, then click Next button as shown in the following figure.

Step 10 – On the Confirmation section, click Install button to start installing the tool.

As showing in the following figure, the installation is going on. We can close the wizard once the installation is complete. I would suggest to restart the the computer for a fresh configuration.

Step 11 – This time let’s connect/login to the VM using a managed domain user.

Step 12 – Go to Start menu, select Windows Administrative Tools. We can see all administrative tools installed to manage Active directory like we are doing in on-premise as showing in the following figure.

Step 13 – Select Active Directory Administrative Center. To check our managed domain, let’s choose the domain name in the left pane,and we can see two containers named AADDC Computers and AADDC Users are at the top of the list as highlighted in green squire. As showing in the following figure, select Users => Domain Users and we can see all users of Azure Active Directory.

Hope this post helps you. As I am exploring the Azure Identity and Access Management (IAM) in a detail level specially with active directory . Please let me know if I missed anything important or if my understanding is not up to mark.
Next Article : Part 30 – Azure Active Directory – Domain Service ( Azure AD-DS) 5 – Create An Organizational Unit (OU)
Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.
Thanks for reading 🙂
good