Configuring Azure virtual network DNS for deploying Windows Server Active Directory

Until recently I was not involved much with cloud computing, although I’ve been experimenting with some of the cloud technologies for quite some time. This was mainly due to type of customers I work for and specific demands presented to IT infrastructure I deal with. Anyway, I’ve just started to explore different scenarios and I came across a strange problem when I tried to deploy my DC and some Windows failover clusters in Azure using IaaS. I won’t tell you how to deploy above mentioned scenario (there is a lot of official Microsoft documentation out there), but rather what was and how I solved the problem. Here I must say thank you to my colleagues Marin Franković and Tomica Kaniški who actually told me how they configured Virtual Network – that was the solution.

For any Windows Server Active Directory deployment scenario that includes more than a single VM, it is necessary to use an Azure virtual network –  you must create virtual network and place the servers in it. I created Virtual Network, then my first VM, promoted it to DC and then I configured DNS for my virtual network. In Azure all VMs are assigned dynamic IP addresses – in your virtual network from the address space you defined when creating network. First available address in any subnet is always x.x.x.4 and this is the IP of your just installed DC. Since that DC is also a DNS for your domain you must configure it as DNS for your virtual network.

If you configure DNS for your virtual network after you installed your DC it won’t work. At least it didn’t for me. I couldn’t add any later created VMs to domain, they couldn’t access internet, couldn’t activate Windows and so on. Of course they were all in the same virtual network. I tried several times from scratch – no luck. The solution is to configure DNS (IP x.x.x.4) just after you created the virtual network and then install all the VMs you have to. It doesn’t seem logical to configure DNS before you actually have it in place, but it was the only way I could make it work. Go to virtual networks in your Azure portal and configure DNS as described. You can give it any name you like – I prefer FQDN of my DC/DNS.

Azure-virtual-network-DNS

Please remember that you must ensure that the same IP address is assign to your DC every time it reboots. It can only be configured by using Azure PowerShell – see Configure a Static Internal IP Address (DIP) for a VM. I recommend that you do that for every server you have. If you shut down DC for what ever reason and start some other VM, without static IP, before that DC it will be assign first available IP – your DC IP. This is something you don’t want to happen.