Hands-on Lab: Build a SharePoint Dev-Test Farm in the Cloud (Part 4 – Configure Windows Server Active Directory in a Windows Azure VM)


Windows Azure Infrastructure Services provides cloud-based storage, virtual networks and virtual machines that can be provisioned on demand to support lab, pilot or production application workloads. In this multi-part, step-by-step hands-on lab we will walk you through the entire process. The introduction and index post can be found at: Hands-on Lab: Build a SharePoint Dev-Test Farm in the Cloud using Windows Azure Infrastructure Services (Part 0 – Introduction and Series Index)

Prior Step: Define a Virtual Network in Windows Azure

 

 

Exercise 4: Configure Windows Server Active Directory in a Windows Azure VM

Provision a new Windows Azure VM to run a Windows Server Active Directory domain controller in a new Active Directory forest by performing the following steps:

1)      Sign in at the Windows Azure Management Portal with the logon credentials used when you signed up for your Free Windows Azure Trial.

2)      Select Virtual Machines located on the side navigation panel on the Windows Azure Management Portal page.

3)      Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machines | From Gallery.

4)      In the Virtual Machine Operating System Selection list, select Windows Server 2012 Datacenter and click the  button.

5)      On the Virtual Machine Configuration page, complete the fields as follows:

Version Release Date: Select the latest version release date to build a new VM with the latest OS updates applied.

Virtual Machine Name: XXXlabad01
 
Size: Small (1 core, 1.75GB Memory)

New User Name: Choose a secure local Administrator user account to provision.

New Password and Confirm Password fields: Choose and confirm a new local Administrator password.

Click the  button to continue.

Note: Use secure passwords for Administrator users and service accounts, as Windows Azure virtual machines could be accessible from the Internet to anyone who knows just their DNS name.  This document on the Microsoft Security website will help you select a secure password: http://www.microsoft.com/security/online-privacy/passwords-create.aspx.

6)      On the Virtual Machine Configuration page, complete the fields as follows:

Cloud Service: Create a new cloud service

Cloud Service DNS Name: XXXlabad.cloudapp.net

Region/Affinity Group/Virtual Network: Select XXXlabnet01 – the Virtual Network defined in Exercise 3 above.

Virtual Network Subnets: Select Subnet-1 (10.0.0.0/23)
 
Storage Account: Select the Storage Account defined in Exercise 1 above.
 
Availability Set: Create an availability set
 
Availability Set Name: XXXlabad

Click the  button to continue.

7)      On the Virtual Machine Configuration – Endpoints page, click the  button to accept the default firewall endpoint values and begin provisioning the new virtual machine.

As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Windows Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning).  When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next step in this guide.

8)      After the new virtual machine has finished provisioning, click on the name (XXXlabad01) of the new Virtual Machine displayed on the Virtual Machines page of the Windows Azure Management Portal.

9)      On the virtual machine Dashboard page for XXXlabad01, make note of the Internal IP Address displayed on the right side of the page.  This IP address should be listed as 10.0.0.4.  If a different internal IP address is displayed, the virtual network and/or virtual machine configuration was not completed correctly.  In this case, click the DELETE button located on the bottom toolbar of the virtual machine details page for XXXlabad01, and go back to Exercise 2 and Exercise 3 to confirm that all steps were completed correctly.

10)   On the virtual machine Dashboard page for XXXlabad01, click the Attach button located on the bottom navigation toolbar and select Attach Empty Disk.  Complete the following fields on the Attach an empty disk to the virtual machine form:

File Name: XXXlabad01-data01

Size: 10 GB

Host Cache Preference: None

Click the  button to create and attach the new virtual hard disk to virtual machine XXXlabad01.

11)   On the virtual machine Dashboard page for XXXlabad01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine.  Log on at the console of your virtual machine with the local Administrator credentials defined in Step 5 above.  Accept the authorization message(s).

 

12)   From the Remote Desktop console of XXXlabad01, create a new partition on the additional data disk attached above in Step 10 and format this partition as a new F: NTFS volume.  This volume will be used for NTDS DIT database, log and SYSVOL folder locations.  Step-By-Step:

a)     Once inside Server Manager, go to Tools (upper right corner menu), then select Computer Management.

b)     Inside Computer Management, select Disk Management.

c)     An “Initialize Disk” window will pop up; make sure the new disk is selected and click OK.

d)     Right-click the unallocated space on Disk 2 and select “New Simple Volume…”.

e)     Click Next, then click Next again on the Specify Volume Size page.

f)      The drive letter should be preconfigured to “F”; click Next.

g)     Change the Volume Label to DATA and click Next.

h)     Click Finish.  It may take a bit to see the drive in computer explorer.

i)      Once you see the new F: drive in the upper volume window, you can close Computer Management.

 

13)   Using the Server Manager tool, install Active Directory Domain Services.  Step-By-Step:

a)     Active Directory domain services is installed by simply adding the role:

b)     In Server Manager, click Manage (upper right corner menu) then click Add Roles and Features to start the Add Roles & Features Wizard.

c)     On the Before you begin page, click Next.

d)     On the Select installation type page, click Role-based or feature-based installation and then click Next.

e)     The current server should already be selected, click Next.

f)      On the Select server roles page, click Active Directory Domain Services, then on the Add Roles and Features Wizard dialog box, click Add Features, and then click Next.

g)     On the Select features page, click Next.

h)     On the Active Directory Domain Services page, click Next.

i)      On the Confirm installation selections page, turn on the “Restart the destination server automatically if required” check box. On the restart popup alert, select Yes. Then click Install.  The install could take a few minutes.

j)      Once installation finishes, click Close. We will configure AD in the next step.

 

14)   Promote this server to a domain controller in a new forest with the following parameters:

Active Directory Forest name: contoso.com
Volume Location for NTDS database, log and SYSVOL folders: F:

Step-By-Step:

a)     Server Manager > Flag (upper right corner near Manage) > Post deployment configuration > click “Promote this server to a domain controller”.

b)     On the Deployment Configuration page, click Add a new forest, type contoso.com for the Root domain name, then click Next.

c)     On the Domain Controller options page type a secure password and confirm password (you will have to remember this) then click Next.

d)     On the DNS page, click Next (you can ignore the warning)

e)     On the Additional Options page, click Next

f)      On the Paths page, change the C:… paths to F:… then click Next

g)     On the Review Options page click Next

h)     On the Prerequisites Check page, review the issues, then click Install. You can ignore the warnings; the last line should say all prerequisite checks passed successfully.

i)      This will take some time to complete and will reboot your server once complete.

15)   After Active Directory has been installed, create the following user accounts that will be used when installing and configuring SharePoint Server 2013 later in this hands-on lab:

CONTOSO\sp_farm – SharePoint Farm Data Access Account

CONTOSO\sp_serviceapps – SharePoint Farm Service Applications Account

Step-By-Step:

a)      Log in to the server (Connect).

b)      Server Manager > Tools > Active Directory Users and Computers

c)      Create sp_farm: Expand contoso.com, right-click Users, select New, then User.

i)       On the New Object – User page:

(1)    Last name: sp_farm

(2)    User logon name: sp_farm

(3)    Full name: SharePoint Farm Data Access Account

ii)      Click Next

iii)     Enter a secure password in password and confirm password fields

iv)     Turn off the User must change password at next logon check box

v)      Click Next; then Finish

d)      Create sp_serviceapps: Right-click Users (under contoso.com), select New, then User.

i)       On the New Object – User page:

(1)    Last name: sp_serviceapps

(2)    User logon name: sp_serviceapps

(3)    Full name: SharePoint Farm Service Applications Account

ii)      Click Next

iii)     Enter a secure password in password and confirm password fields

iv)     Turn off the User must change password at next logon check box

v)      Click Next; then Finish
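Steps 12 through 15 can also be scripted from an elevated PowerShell prompt on XXXlabad01. The script below is an added example, not part of the original lab; the function names and the F:\NTDS and F:\SYSVOL folder names are assumptions (the lab only specifies the F: volume). Passwords are prompted for as secure strings so they are never stored in the script.

```powershell
# Added example: steps 12-15 on XXXlabad01 (Windows Server 2012, elevated prompt).
# Run Install-LabForest first; after the automatic reboot, log on again and
# run New-LabServiceAccount once per account.
# Assumptions: function names, and the F:\NTDS / F:\SYSVOL folder names.

function Install-LabForest {
    # Step 12: initialize the one empty data disk and format it as F: (label DATA).
    $raw = @(Get-Disk | Where-Object PartitionStyle -eq 'RAW')
    if ($raw.Count -ne 1) { throw "Expected 1 uninitialized disk, found $($raw.Count)." }
    $raw[0] | Initialize-Disk -PartitionStyle MBR -PassThru |
        New-Partition -DriveLetter F -UseMaximumSize |
        Format-Volume -FileSystem NTFS -NewFileSystemLabel 'DATA' -Confirm:$false |
        Out-Null

    # Step 13: add the AD DS role together with its management tools.
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools | Out-Null

    # Step 14: new forest contoso.com with database, logs and SYSVOL on F:.
    # The DSRM password is prompted for, so it never lands in a file or history.
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM (safe mode) password'
    Import-Module ADDSDeployment
    Install-ADDSForest -DomainName 'contoso.com' -InstallDns `
        -DatabasePath 'F:\NTDS' -LogPath 'F:\NTDS' -SysvolPath 'F:\SYSVOL' `
        -SafeModeAdministratorPassword $dsrm -Force   # server reboots when done
}

function New-LabServiceAccount {
    param(
        [Parameter(Mandatory = $true)][string]$LogonName,
        [Parameter(Mandatory = $true)][string]$FullName
    )
    # Step 15: create the account in the Users container with a prompted password
    # and "User must change password at next logon" turned off.
    $pw = Read-Host -AsSecureString -Prompt "Password for CONTOSO\$LogonName"
    New-ADUser -Name $FullName -DisplayName $FullName -Surname $LogonName `
        -SamAccountName $LogonName -UserPrincipalName "$LogonName@contoso.com" `
        -Path 'CN=Users,DC=contoso,DC=com' -AccountPassword $pw `
        -ChangePasswordAtLogon $false -Enabled $true

    # Check: list group membership; a new service account should show only
    # Domain Users, not Domain Admins or other privileged groups.
    Get-ADPrincipalGroupMembership -Identity $LogonName |
        Select-Object -ExpandProperty Name
}

# After the reboot:
# New-LabServiceAccount sp_farm 'SharePoint Farm Data Access Account'
# New-LabServiceAccount sp_serviceapps 'SharePoint Farm Service Applications Account'
```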


The configuration for this virtual machine is now complete, and you may continue with the next exercise in this hands-on lab guide.

Next Step: Configure SQL Server 2012 in a Windows Azure VM