Azure Active Directory - ADDS - VM Windows Server 2016 ADAC - Domain join account RRS feed

  • Question

  • Hi,

    I'am trying to plug Horizon Cloud VMware with Azure. 

    I must create domain join account requires requires the following Active Directory permissions: List Contents, Read All Properties, Read Permissions, Reset Password, Create Computer Objects, Delete Computer Objects, and Write All Properties.

    The account is well created but I am not able to give him permission to reset the passwords. But I add the other rights, and when Horizon tries to use the account it tells me that this right is required.

    I use Control Delegation on OU but even if i give the right to reset user password nothing happens.

    Any suggestions

    Thank you
    Wednesday, May 22, 2019 1:00 AM

All replies

  • Hello,

    Are you following any guide to set this up ?

    If you are giving permissions in on-premise AD, how is Azure coming in to the picture ?  are you synchronizing these user accounts to Azure AD using AD Connect ?

    Wednesday, May 22, 2019 4:08 AM
  • Hi,

    Yes but the VMware documentation about this is not clear.

    So i created in Azure :

    • Azure AD Domain Services
    • VM with Windows Server 2016 ADAC

    It's not important to synchronise AD, because i work on POC. I don't have on-premise AD, just a VM with AD Administrative Center. 

    I realise that VMware want to connect to AADDC Computers OU on my domain.

    The domain join account have all rights except "Reset Password".

    I have no solution for the moment.


    Wednesday, May 22, 2019 12:50 PM