How to join a Windows Server computer
to AzureAD


Since Windows Server VMs cannot be directly joined to Azure AD, you need to setup an Azure AD Domain Service (AAD DS). • It will be synchronized with your Azure AD and allow the VM to join the domain. In fact, AAD DS is an online Domain Controller allowing us to join computers to azure using the standard way like with an on-premises domain. Therefore, it requires also a VPN between the VMs and the Azure Network. Here is a good link explaining AAD DS.



Build a Windows Server based VM


Setup AAD DS in your Azure account by following these 5 steps.

1- Task 1 Enable Azure AD Domain Services

2- Task 2 Configure network settings

3- Task 3 Configure administrative group and Deploy your managed domain

4- Task 4 Update DNS settings for the Azure virtual network

5- Task 5 Enable password hash synchronization to your managed domain for cloud-only user accounts

Note that the Azure AD user will have to reset the password in order to synchronize it to AAD DS and be able to join a computer to the domain.


In your Azure portal,

Add members in the AAD DC Administrator group. These users will be authorized to join a VM to the domain.

1. Click on Azure Active Directory then Groups and select ADD DC Administrator group

2. Then add the wanted users as member

Ask the added members to reset their password in order to synchronize it to the created domain. It will take about 20 minutes before they can join a computer to the domain


In your V2Cloud dashboard, create a Windows Server AD Directory

Note that a number has been added to the entered domain name to create the identifier. This happen because a directory having the same domain name already exists.


Add Domain User Accesses to your VMs

There is multiple way to add a Domain User Access to a VM:

Directly from the Directories pages, click on the Actions button of the directory, click on Add VM access then select the VM you want to link to this directory. Note that you can add VM access in bulk by selecting multiple VMs.

Or from the VM details page, click on the Add user access button, select Domain tab then Select the directory you want to bind the VM to.

You can allow all the users of your directory by checking the option include all users from this directory or only a specific user by entering his email and information.

To add multiple specific user accesses just re-do this step.

A flag telling you that the VM is linked to the Directory will appear.


You are done!

You can log as you AD user from the V2Cloud Login page using your directory identifier and your email.