Thanks for another great video! Entra DS is all about taking those last few apps that depend on Kerberos for authentication and getting them out of the data center. It would be nice to see the next step of setting up app proxy and Kerberos constrained delegation. It would be interesting in a cloud native, passwordless world to see what's possible. Do we still need to reset passwords?
Travis, I've found, if I deploy EIDDS to a spoke identity network, I have to add routing back to the hub firewall, or resources can't resolve dns. Resources can query dns on EIDDS, but EIDDS doesn't have a route back to the resources for resolution. Have you seen this?
I have a Server 2022 VM that i Entra-ID joined, but under domain is still say workgroup? how can i change it to say "Entra-ID Joined" or do i have to create a workgroup call that?
Hi Travis, I wanted to do the same and and I did it to setup RADIUS server but seems its not syncing the user accounts and i was looking for any solution which will help us in this as we wanted to create RADIUS server without local ADDS or ADDS in cloud as well.
if we add the VM ip-address when creating the VM, or in the portal, then that IP address becomes a DHCP reserved address for that VM. - is it possible to access that DHCP service using the RSAT tools?
Azure VM's get their IP from the WireServer IP, not from Windows DHCP. The only way to set a static private IP in Azure VM's is by setting it on the virtual NIC in Azure.
Hi, thanks for the Video Tutorial. I however have a problem. I noticed that the AD DS and AD LDS tools after I installed them... I get Access Denied when I try to make basic changes to users in the Active Directory Users and Computers container. I am very certain the User I am logged into is part of the AAD DC Administrators group. Any assistance or pointers will be appreciated.
Add the DNS Server tools to the management computer; it's a feature that is not part of the AD DS tools. DNS on the managed domain can be managed from there.
Thanks for another great video! Entra DS is all about taking those last few apps that depend on Kerberos for authentication and getting them out of the data center. It would be nice to see the next step of setting up app proxy and Kerberos constrained delegation. It would be interesting in a cloud native, passwordless world to see what's possible. Do we still need to reset passwords?
Travis, I've found, if I deploy EIDDS to a spoke identity network, I have to add routing back to the hub firewall, or resources can't resolve dns. Resources can query dns on EIDDS, but EIDDS doesn't have a route back to the resources for resolution. Have you seen this?
Will Azure also provide an "Entra Enterprise CA" like service ???
- with auto-enrollment & renewals for the VM & connected devices?
I have a Server 2022 VM that i Entra-ID joined, but under domain is still say workgroup?
how can i change it to say "Entra-ID Joined" or do i have to create a workgroup call that?
Hi Travis,
I wanted to do the same and and I did it to setup RADIUS server but seems its not syncing the user accounts and i was looking for any solution which will help us in this as we wanted to create RADIUS server without local ADDS or ADDS in cloud as well.
if we add the VM ip-address when creating the VM, or in the portal, then that IP address becomes a DHCP reserved address for that VM.
- is it possible to access that DHCP service using the RSAT tools?
Azure VM's get their IP from the WireServer IP, not from Windows DHCP. The only way to set a static private IP in Azure VM's is by setting it on the virtual NIC in Azure.
Hi, thanks for the Video Tutorial. I however have a problem. I noticed that the AD DS and AD LDS tools after I installed them... I get Access Denied when I try to make basic changes to users in the Active Directory Users and Computers container. I am very certain the User I am logged into is part of the AAD DC Administrators group. Any assistance or pointers will be appreciated.
If the users are sourced from Entra ID, they may need to be updated in Entra ID and the changes will replicate to Entra DS.
hi, what is the password for dcaasadmin? becuause i cannot create any users in entra domain services using entra id admin user.
How does one manually add DNS entry???
How to add a TXT/A/AAA/CNAME record, or a SRV record when using Entra-DS?
Add the DNS Server tools to the management computer; it's a feature that is not part of the AD DS tools. DNS on the managed domain can be managed from there.
Great
list of reasons to use entra domain services:
1.