Lab 1: Getting Started with Windows Azure Virtual Machines

To prepare for exploring Windows Azure IaaS, complete these 5 tasks to make sure you have access to the necessary resources and tools:

  1. Sign-up for your FREE Windows Azure 90-day Trial Account.
    Sign-up for a FREE 90-day trial of Windows Azurehereso that you have a subscription for completing this lab.
    During the Free Trial sign-up process, you will be asked for credit card information to confirm that you are a legitimate free trial subscriber.Your credit card information is only used to confirm your identity and you will NOT be charged for any Windows Azure services unless you explicitly convert your trial subscription to a paid subscription at a later date.
    NOTE: If you already have a paid subscription or MSDN subscription for Windows Azure,please ensure that you have activated the Windows Azure Virtual MachinesPreview Feature at Whensigning up for a new free trial account, this feature will automatically be activated.

2.Login to the Windows Azure Management Portal.

Login to the web-based Windows Azure Management Portalat the same logon credentials you used to sign-up for the FREE 90-day Trial above.Once you’ve logged in, you should see the main Windows Azure Management portal dashboard.

Windows Azure Management Portal dashboard
On the Windows Azure Management Portal, you’ll find the options (highlighted in the image above) for managing Virtual Machines, Virtual Networks and Storage in the cloud. These are the items you’ll be primarily working with in this lab series.

  1. Define a new Windows Azure Affinity Group.
    Affinity Groups in Windows Azure are used to group your cloud-based services together, such as Virtual Machines, Virtual Networks and Storage, in order to achieve optimal performance.When you use an affinity group, Windows Azure will keep all services that belong to your affinity group running within the same data center as close as possible to each other to reduce latency and increase performance.
    Create a new Affinity Group by selecting Settingsfrom the side navigation bar in the Windows Azure Management Portal.
    On the Settings page, select Affinity Groupsfrom the navigation bar.
    Click the +CREATE button on the bottom navigation bar.

    Creating a new Affinity Group in Windows Azure
    On the Create Affinity Group form, enter the following details:
    Name: Enter a unique name for your new Affinity Group, such as XXXlab01 (where XXX is replaced with your initials)
    Region: Select the closest Windows Azure data center region to your locale.This is the data center region in which your services will be provisioned. Be sure to select one of the Windows Azure data center regions in which theVirtualMachines preview offer is currently enabled:
    Select East US or West US based on proximity to your physical location.
  2. Create a new Windows Azure Storage Account.
    Virtual Machines that are provisioned in Windows Azure are stored in the world-wide cloud-based Windows Azure Storage service.In terms of high availability, the Storage service provides built-in storage replication capability – where every VM is replicated to three separate locations within the Windows Azure data center region you select.In addition, Windows Azure Storage provides a geo-replication feature for also replicating your VMs to a remote data center region.
    Create a new Storage account by clicking the +NEW button on the bottom toolbar in the Windows Azure Management Portal and then select Data Services | Storage | Quick Create.

    Creating a new Storage account in Windows Azure
    Complete the following fields for creating your Storage account:
    URL: Enter a unique name for your new storage account, such as XXXlabstor01 (where XXX is replaced with your initials)
    Region/Affinity Group: Select the Affinity Group you created in Step 3 above.
    Enable Geo-Replication: By default, this option is selected.Leave the default option in place.
    Click the CREATE STORAGE ACCOUNT button to create your new Windows Azure Storage account.

Lab 2: Building a Windows Server 2012 Active Directory Forest in the Cloud with Windows Azure

In this Step-by-Step guide, you will learn how to:

  • Register a DNS Server in Windows Azure
  • Define a Virtual Network in Windows Azure
  • Deploy a new Windows Server 2012 VM in Windows Azure
  • Configure a Windows Server Active Directory Forest in a Windows Azure VM

Exercise 1: Register a DNS Server in Windows Azure

Register the internal IP address that our domain controller VM will be using for Active Directory-integrated Dynamic DNS services by performing the following steps:

  1. Sign in at the Windows Azure Management Portal with the logon credentials used when you signed up for your Free 90-Day Windows Azure Trial.
  2. Select Networks located on the side navigation panel on the Windows Azure Management Portal page.
  3. Click the +NEW button located on the bottom navigation bar and select Networks | Virtual Network | Register DNS Server.
  4. Complete the DNS Server fields as follows:
    NAME: XXXlabdns01
    DNS Server IP Address: 10.0.0.4
  5. Click the REGISTER DNS SERVER button.

Exercise 2: Define a Virtual Network in Windows Azure

Define a common virtual network in Windows Azure for running Active Directory, Database and SharePoint virtual machines by performing the following steps:

  1. Sign in at the Windows Azure Management Portal with the logon credentials used when you signed up for your Free 90-Day Windows Azure Trial.
  2. Select Networks located on the side navigation panel on the Windows Azure Management Portal page.
  3. Click the +NEW button located on the bottom navigation bar and select Networks | Virtual Network | Quick Create.
  4. Complete the Virtual Network fields as follows:
    NAME: XXXlabnet01
    Address Space: 10.---.---.---
    Maximum VM Count: 4096 [CIDR: /20]
    Affinity Group: Select the Affinity Group defined in the Getting Started steps from the Prerequisites section above.
    Connect to Existing DNS: Select XXXlabdns01 – the DNS Server registered in Exercise 1 above.
  5. Click the CREATE A VIRTUAL NETWORK button.

Exercise 3: Deploy a New Windows Server 2012 VM in Windows Azure

In this exercise, you will provision a new Windows Azure VM to run a Windows Server 2012 on the Windows Azure Virtual Network provisioned in Exercise 2.

  1. Sign in at the Windows Azure Management Portal with the logon credentials used when you signed up for your Free 90-Day Windows Azure Trial.
  2. Select Virtual Machines located on the side navigation panel on the Windows Azure Management Portal page.
  3. Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machines | From Gallery.
  4. In the Virtual Machine Operating System Selection list, select Windows Server 2012Datacenter and click the button.
  5. On the Virtual Machine Configuration page, complete the fields as follows:
    Virtual Machine Name: XXXlabad01
    New Password and Confirm Password fields: Choose and confirm a new local Administrator password.
    Size: Small (1 core, 1.75GB Memory)
    Click the button to continue.
    Note: It is suggested to use secure passwords for Administrator users and service accounts, as Windows Azure virtual machines could be accessible from the Internet knowing just their DNS.You can also read this document on the Microsoft Security website that will help you select a secure password:
  6. On the Virtual Machine Mode page, complete the fields as follows:
    Standalone Virtual Machine: Selected
    DNS Name: XXXlabad01.cloudapp.net
    Storage Account: Select the Storage Account defined in the Lab 1.
    Region/Affinity Group/Virtual Network: Select XXXlabnet01 – the Virtual Network defined in Exercise 2 above.
    Virtual Network Subnets: Select Subnet-1 (10.0.0.0/23)

Click the button to continue.

  1. On the Virtual Machine Options page, complete the field as follows:

Availability Set: Select None

Click the button to begin provisioning the new virtual machine.
As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Windows Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning).When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next exercise in this guide.

  1. After the new virtual machine has finished provisioning, click on the name ( XXXlabad01 ) of the new Virtual Machine displayed on the Virtual Machines page of the Windows Azure Management Portal to open the Virtual Machine Details Page for XXXlabad01.

Exercise 4: Configure a Windows Server Active Directory Forest in a Windows Azure VM

In this exercise, you will install and configure a new Windows Server 2012 Active Directory Forest on the VM deployed in Exercise 3.

  1. On the Virtual Machine Details Page for XXXlabad01, make note of the Internal IP Address displayed on this page.This IP address should be listed as 10.0.0.4.
    If a different internal IP address is displayed, the virtual network and/or virtual machine configuration was not completed correctly.In this case, click the DELETE button located on the bottom toolbar of the virtual machine details page for XXXlabad01, and go back to Exercise 2 and Exercise 3 to confirm that all steps were completed correctly.
  2. On the virtual machine details page for XXXlabad01, click the Attach button located on the bottom navigation toolbar and select Attach Empty Disk.Complete the following fields on the Attach an empty disk to the virtual machine form:
    Name: XXXlabad01-data01
    Size: 10 GB
    Host Cache Preference: None
    Click the button to create and attach the new virtual hard disk to virtual machine XXXlabad01.
  3. On the virtual machine details page for XXXlabad01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine.Logon at the console of your virtual machine with the local Administrator credentials defined in Exercise 3 above.
    Wait for the Server Manager tool to launch before continuing with the next step.
  4. In the Server Manager window, format the disk attached in Step 2 above by launching the Computer Management tool from the Tools menu located on the top navigation bar.
  5. In the Computer Management window, click on Disk Management in the left navigation pane.
  6. When prompted with the Initialize Disk dialog box, click the OK button to continue.
  7. Right-click on the unallocated disk space on Disk 2 and select New Simple Volume… from the pop-up menu.
  8. In the New Simple Volume Wizard, click the Next button on each page to accept all default values.
  9. Click the Finish button on the last page of the wizard to create a new F: volume.
  10. When the new volume has finished the formatting process, close the Computer Management window.
  11. In the Server Manager window, install Active Directory Domain Services by launching the Add Roles and Features wizard from the Manage menu located on the top navigation bar.
  12. In the Add Roles and Feature Wizard dialog box, click the Next button three times to advance to the list of Roles to install.
  13. In the list of roles, check the checkbox for the Active Directory Domain Services role.When prompted to add additional features, click the Add Features button.
  14. Click the Next button until you advance to the Confirm installation selections page of the wizard.Click the Install button to begin the installation process.
  15. When the installation of Active Directory Domain Services has completed, do not click the Close button.Instead, click the link titled Promote this server to a domain controller.
    This will launch the Active Directory Domain Services Configuration Wizard.
  16. In the Active Directory Domain Services Configuration Wizard dialog box, select the deployment operation for Add a new forest.
  17. In the Root domain name: field, enter contoso.comas the name of the root domain in the new Active Directory forest.Click the Next button.
  18. On the Domain Controller Options page of the wizard, enter and confirm a recovery password in the Directory Services Restore Mode (DSRM) password fields.Click the Next button.
  19. On the DNS Options page of the wizard, ignore the warning message and click the Next button to continue.
  20. On the Additional Options page of the wizard, accept the default value for NetBIOS domain name and click the Next button.
  21. On the Paths page of the wizard, change the Database folder, Log files folder and SYSVOL folder paths to begin with F: instead of C:.Click the Next button.
  22. On the Review Options page, click the View Script button.A PowerShell script snippet will be displayed in a Notepad window.This snippet includes the cmdlets needed to Install a new Active Directory forest via PowerShell with the options selected in the wizard.Save this snippet to your Documents folder for future reference as a file named PSSnippet-Install-ADDSForest.ps1 and close the Notepad window.
  23. On the Review Options page, click the Next button.
  24. On the Prerequisites Check page, ignore the warnings displayed and click the Install button.The warnings displayed are due to the dynamic IP addressing used within Windows Azure Virtual Networks and do not apply to this cloud environment.
    The Active Directory Domain Services configuration process will be begin for the new AD Forest.
    When the Active Directory configuration process is complete, the server will automatically restart.

Lab 3: Adding a Windows Server 2012 Replica Domain Controller to Active Directory in the Cloud with Windows Azure

In this lab, you’ll be working through the approach of adding a new Windows Server 2012 Replica Domain Controller to the Windows Server Active Directory Forest built in the prior Step-by-Step guide referenced above.When complete, the cloud-based lab environment will resemble the below diagram with two Active Directory DCs.


Lab Scenario: Active Directory DCs on Windows Azure

This lab scenario will serve also serve as the basis for future labs, where you will be adding Member Servers to this same Virtual Network in the Windows Azure cloud.

In this lab, you will learn how to:

  • Deploy a new Windows Server 2012 VM in Windows Azure
  • Configure a Windows Server Active Directory Replica Doman Controller in a Windows Azure VM
  • Configure an Availability Set in Windows Azure
  • Export / Import Lab Virtual Machines

Exercise 1: Deploy a New Windows Server 2012 VM in Windows Azure

In this exercise, you will provision a new Windows Azure VM to run a Windows Server 2012 on the Windows Azure Virtual Network provisioned in Lab 2.

  1. Sign in at the Windows Azure Management Portal with the logon credentials used when you signed up for your Free 90-Day Windows Azure Trial.
  2. Select Virtual Machines located on the side navigation panel on the Windows Azure Management Portal page.
  3. Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machines | From Gallery.
  4. In the Virtual Machine Operating System Selection list, select Windows Server 2012, December 2012 and click the button.
  5. On the Virtual Machine Configuration page, complete the fields as follows:
    Virtual Machine Name: XXXlabad02
    New Password and Confirm Password fields: Choose and confirm a new local Administrator password.
    Size: Small (1 core, 1.75GB Memory)
    Click the button to continue.
    Note: It is suggested to use secure passwords for Administrator users and service accounts, as Windows Azure virtual machines could be accessible from the Internet knowing just their DNS.You can also read this document on the Microsoft Security website that will help you select a secure password:
  6. On the Virtual Machine Mode page, complete the fields as follows:
    Connect to an Existing Virtual Machine: Selected
    Virtual Machine name to Connect: XXXlabad01
    Storage Account: Select the Storage Account defined in Lab 1.
    Region/Affinity Group/Virtual Network: Select XXXlabnet01 – the Virtual Network defined in Lab 2.
    Virtual Network Subnets: Select Subnet-1 (10.0.0.0/23)
    Click the button to continue.
  7. On the Virtual Machine Options page, click the button to begin provisioning the new virtual machine.
    As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Windows Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning).When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next exercise in this guide.
  8. After the new virtual machine has finished provisioning, click on the name ( XXXlabad02 ) of the new Virtual Machine displayed on the Virtual Machines page of the Windows Azure Management Portal to open the Virtual Machine Details Page for XXXlabad01.

Exercise 2: Configure a Windows Server 2012 Replica Domain Controller

In this exercise, you will install and configure a new Windows Server 2012 Replica Domain Controller on the VM deployed in Exercise 1.