TFS Dual-Tier on Azure with Azure Active Directory - azure

So, I'm trying to set up TFS 2017 on Azure with a separate App tier VM and DB tier VM. I'm trying to connect them, but apparently you can only do multi-tier when in an AD. Am I able to use solely Azure Active Directory for this? If so, how do I set it up? I've not seen any instructions on how to properly do this.
Thanks!

Your issue is similar to this case on ServerFault. Usually, you need to follow the steps below:
1) Create a virtual network.
2) Put your VMs into that virtual network so they will be in the same network and the domain works.
3) Join the domain.
4) Install the TFS AT server and DT server.
Note: If you get the error "An Active Directory Domain Controller (AD DC) for the domain "x.x.com" could not be contacted" when joining a Windows 2012 R2 server to a domain in Windows Azure, check the solution here: http://www.itexperience.net/2014/06/06/an-active-directory-domain-controller-ad-dc-for-the-domain-x-x-com-could-not-be-contacted-windows-azure/
A useful guide can be downloaded from: http://vsarplanningguide.codeplex.com/downloads/get/842516
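
A pre-flight check for the "join the domain" step above, run on the App tier or DB tier VM before the join. This is an added example, not part of the original answer; the domain name corp.example.com and the function name Test-DomainJoinReadiness are placeholders. It verifies that the VM's DNS servers can locate a domain controller and that the ports a join needs are reachable, which are the conditions behind a "could not be contacted" error.

```powershell
param(
    [string]$Domain = 'corp.example.com',  # placeholder: replace with your AD domain
    [switch]$Join                          # only attempt the join when explicitly requested
)

function Test-DomainJoinReadiness {
    param([Parameter(Mandatory)][string]$Domain)

    $result = [ordered]@{
        Domain = $Domain; DnsServers = @(); DomainControllers = @(); Reachable = @(); Ready = $false
    }

    # 1. DNS servers in use. On an Azure VNet these come from the VNet's DNS settings;
    #    they must point at a DNS server that hosts the AD zone (normally the DC itself).
    $result.DnsServers = @((Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
        Select-Object -Unique)

    # 2. Locate domain controllers through the SRV records a domain join relies on.
    try {
        $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
            Where-Object { $_.Type -eq 'SRV' }
        $result.DomainControllers = @($srv.NameTarget | Select-Object -Unique)
    } catch {
        Write-Warning "No DC SRV records for $Domain using DNS: $($result.DnsServers -join ', ')"
        return [pscustomobject]$result
    }

    # 3. TCP reachability for DNS, Kerberos, LDAP and SMB on each DC found.
    $ports = 53, 88, 389, 445
    foreach ($dc in $result.DomainControllers) {
        $closed = $ports | Where-Object {
            -not (Test-NetConnection -ComputerName $dc -Port $_ -WarningAction SilentlyContinue).TcpTestSucceeded
        }
        if (-not $closed) { $result.Reachable += $dc }
        else { Write-Warning "$dc is not reachable on TCP port(s): $($closed -join ', ')" }
    }

    $result.Ready = $result.Reachable.Count -gt 0
    [pscustomobject]$result
}

$check = Test-DomainJoinReadiness -Domain $Domain
$check | Format-List

if ($Join -and $check.Ready) {
    # Prompts for a domain account that is allowed to join computers, then reboots.
    Add-Computer -DomainName $Domain -Credential (Get-Credential) -Restart
}
```

If the SRV lookup fails, check the DNS servers configured on the virtual network first; if only the port checks fail, look at the network security group rules between the VM and the domain controller's subnet.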

Related

Azure migrate from VMware host not found

I am trying to migrate a VM from VMware to the Azure portal. The VM appliance is configured, but the hosts are not recognized. What is the solution for this?
When you mention 'Hosts are not recognized', are you unable to discover them via the Portal, or do you receive any specific error message? Are you using agentless or agent-based migration? Please provide more details on your scenario.
A couple of things you could try to isolate the issue:
Review the "Status" in the Azure Portal.
If this doesn't work and you're discovering VMware servers:
Verify that the vCenter account you specified has permissions set correctly, with access to at least one VM.
Azure Migrate can't discover VMware VMs if the vCenter account has access granted at vCenter VM folder level. Learn more about scoping discovery.
Kindly review the requirement and common app discovery errors to tackle any errors you may be receiving.

How to add AD FS Server to authenticate against AD

I'm trying to set up a Primary AD FS 3.0 Server in Windows Azure for Office 365 Single Sign-On. I have no idea how to add a VM I provisioned to the local domain.
I've been following the directions here http://office365support.ca/setting-up-the-primary-ad-fs-3-0-server-in-windows-azure-for-office365-single-sign-on/ and can't proceed because I can't figure this out. Can someone please help me?
Not sure if you want to Promote a Windows 2012R2 Server to Domain Controller or Install a new Active Directory forest on an Azure virtual network but these two articles should cover everything.

Azure Website connecting to Virtual Machine

I have an Azure Website and it is required to consume an Elasticsearch service that's running on a VM.
Although I need to be able to lock the access to Elasticsearch down so only the Azure Website can access it, I can't seem to work out how to do this using the endpoint configuration on the VM.
Am I looking in the wrong place?
Thanks
Carl
You will need to set up a Hybrid Connection between your Web Site and the VM:
Hybrid Connections create a safe tunnel between your Web Site and a VM for example. The screenshot shows the integration between a Web Site and the corporate network, but this also works for VMs running in Azure.
The only requirement is that you install the Hybrid Connection Manager on your VM. More information:
http://azure.microsoft.com/en-us/documentation/articles/integration-hybrid-connection-overview/

Can we integrate with Cloud Service and internal AD environment

I would like to ask the question in the title. For some requirements we want to use an internal AD account to run an application pool which is hosted in a cloud service. And we found the instance of the cloud service is not in the internal AD environment. It seems we should do some integration configuration first, but I don't have any idea about it. Any suggestions?
Jeff, you would need to do the following:
1) Set up a Virtual Network in Azure.
Virtual Network: http://msdn.microsoft.com/en-us/library/azure/jj156007.aspx
2) Set up a VPN from your on-premise network to the Azure Virtual Network (VNET). You can use either a Point-to-Site (basically server-to-network) or Site-to-Site (network-to-network) VPN.
Site-to-Site: https://azure.microsoft.com/documentation/articles/vpn-gateway-site-to-site-create/
Point-to-Site: https://azure.microsoft.com/documentation/articles/vpn-gateway-point-to-site-create/
3) Create at least one Virtual Machine and configure it as a Domain Controller that is joined to your on-premise Domain. This DC will be no different to any other DC you'd set up on-premise.
Stand-alone DC in Azure: http://msdn.microsoft.com/en-us/library/dn275963.aspx
4) Domain-join your Virtual Machines or PaaS Web / Worker roles. Web / Worker Roles are slightly tricky but it can be done.
A bit old, but gives you an idea: http://blogs.msdn.com/b/windows_azure_connect_team_blog/archive/2010/12/10/domain-joining-windows-azure-roles.aspx
Then the last thing is to set up App Pool users as you would normally.
HTH
You can integrate your on-premise Active Directory with your Azure Active Directory.
See: Azure Active Directory

Azure Cloud Domain Controller servicing mobile desktops with Azure Connect?

Given the recent updates to Windows Azure I am wondering if it is possible to create a domain controller and file server on Azure, then connect 10 to 20 remote workers using Azure Connect to this "virtual office".
My primary interest is whether or not a domain controller can exist in the cloud and service desktops with Active Directory as they roam. This would eliminate the need for an on-prem server for a small business. Active Directory would be used for desktop logins and group policies, and potentially to authenticate a hosted file server, SharePoint instance, etc.
I see a lot of posts about domain controllers servicing offices over a VPN, and replicated Azure domain controllers to on-prem domain controllers, but nothing about whether a domain controller can run in the cloud and service roaming desktops (presumably with Azure Connect).
I am excited and ready for someone to tell me it's not possible. LOL
Yes, this is possible. There are 2 tutorials that can help you with this:
The first one will help you set up a virtual network: Create a Virtual Network for Cross-Premises Connectivity
The second one will help you to install a new AD Forest in Windows Azure: Install a new Active Directory forest in Windows Azure
