locked
Join Azure Stack VM to domain RRS feed

  • Question

  • Hi, I am looking for a way to integrate an ASDK VM into an on-premise active directory domain.

    In my case, the DC is on the same network as the Azure Stack Host. However  the VM are in an isolated private network. (10.1)
    How to allow the VM to access the target domain controller ?

    I guess we can do something similar to https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-create-vpn-connection-one-node

    Thanks for your help,
    Pierre

    Friday, November 10, 2017 1:54 PM

Answers

  • Hello,

    AD FS integration with Azure Stack and your On Prem Domain Controller is only supported in Azure Stack Integrated Systems and I don’t see it road mapped as feature for the ASDK.  

      

    NOTE: In the ASDK (1-Node environment) the internal private IP spaces are simply NATed outbound to provide internet connectivity but there is no inbound NAT. 

      

    The ASDK is intended to be development environments that trades the complexity of full network integration for the ability to get developers up and running on a single server with just two externally visible IP addresses.  Currently the supported methods for connecting to Azure Stack endpoints and VMs in a One-Node deployment are detailed in the article below.

     

    https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-connect-azure-stack

      

      

      *** The following ASDK article details a scenario that may provide a solution for what you are trying to accomplish.

     

    Create a site-to-site VPN connection between two virtual networks in different Azure Stack Development Kit environments

       

    Let us know how it goes

       

    We apologize for any inconvenience and appreciate your time and interest in Azure Stack.

    If you continue experience any issues with the ASDK release, feel free to contact us.

          

     Thanks


    Gary Gallanes



    Friday, November 10, 2017 6:14 PM

All replies

  • Hello,

    AD FS integration with Azure Stack and your On Prem Domain Controller is only supported in Azure Stack Integrated Systems and I don’t see it road mapped as feature for the ASDK.  

      

    NOTE: In the ASDK (1-Node environment) the internal private IP spaces are simply NATed outbound to provide internet connectivity but there is no inbound NAT. 

      

    The ASDK is intended to be development environments that trades the complexity of full network integration for the ability to get developers up and running on a single server with just two externally visible IP addresses.  Currently the supported methods for connecting to Azure Stack endpoints and VMs in a One-Node deployment are detailed in the article below.

     

    https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-connect-azure-stack

      

      

      *** The following ASDK article details a scenario that may provide a solution for what you are trying to accomplish.

     

    Create a site-to-site VPN connection between two virtual networks in different Azure Stack Development Kit environments

       

    Let us know how it goes

       

    We apologize for any inconvenience and appreciate your time and interest in Azure Stack.

    If you continue experience any issues with the ASDK release, feel free to contact us.

          

     Thanks


    Gary Gallanes



    Friday, November 10, 2017 6:14 PM
  • Hi Gary,

    Thanks for the fast answer.
    I understand the limitation.

    In our case, ASDK is used to showcase the potential of Azure Stack solution before deploying it at a larger scale if the audience is convinced.

    Having a VM integrated into the domain is a basic functionality and it would make sense to be have it unlocked.

    Best regards,

    Pierre

    Monday, November 13, 2017 8:23 AM
  • Thank you for your feedback, If you'd like to see this functionality in a future release of Azure Stack do leave a feedback here: http://aka.ms/AzureStack/Feedback -- All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

    --------------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    Thursday, November 16, 2017 6:30 PM