

wats9416
Oct 30, 2024

Deploying Azure VM via DevOps pipeline and ARM template -- how to join to the domain?

Hello,

 

I am working on a DevOps pipeline that is able to deploy an Azure VM with an ARM template I've put together. The server is part of a workgroup when created, and I need to add a task to my pipeline that will join it to the domain. The problem is the VM is on an island -- it has a NIC and an IP assigned to it, making it accessible via RDP, but Windows Firewall is on and this prevents any PowerShell task in the pipeline from being able to remotely connect to it and run a script to join it to the domain. I would think this is a common issue encountered when setting up deployments in this way -- does anyone have a solution for this issue? Or does anyone have a slightly different method for deploying servers in this way and running remote scripts on them? Any help is greatly appreciated!

  • wats9416 

     

    To join an Azure VM to a domain via DevOps.

     

    Add Domain Join in ARM Template - 

    In the osProfile section of the ARM template, set domainToJoin, domainUsername, and domainPassword.


    Use Custom Script Extension -

    If domain join can't be added directly, use Custom Script Extension with PowerShell - 
    Temporarily disable the firewall.
    Run Add-Computer to join the domain.
    Restart the VM and re-enable the firewall if needed.


    Pipeline Task -

    In your DevOps pipeline, add an Azure CLI or PowerShell task to execute the Custom Script on the VM.
    This approach joins the VM to the domain and manages firewall settings as needed.

  • wats9416 

     

    Try below:

     

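    # Disable Windows Firewall
    Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False

    # Join the domain (Get-Credential prompts interactively for the join account)
    Add-Computer -DomainName "yourdomain.com" -Credential (Get-Credential)

    # Re-enable Windows Firewall before the reboot, so the restart cannot skip this step
    Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

    # Restart to complete the domain join
    Restart-Computer -Force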
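
One way to carry out the Custom Script Extension and pipeline-task steps from the replies above without an interactive prompt, as an added example that is not part of the original thread. The extension is executed by the Azure VM agent, so the pipeline needs no inbound remoting connection to the VM, and the example leaves the Windows Firewall settings unchanged. The resource names, the extension name `DomainJoinScript`, and the `DOMAIN_JOIN_USER` / `DOMAIN_JOIN_PASSWORD` secret variables are assumptions.

```powershell
# Added example. Runs in an Azure PowerShell pipeline task (Az module, already signed in).
# Assumptions: the resource names below, and two secret pipeline variables mapped into
# the task environment as DOMAIN_JOIN_USER and DOMAIN_JOIN_PASSWORD.
$resourceGroup = 'rg-example'        # placeholder
$vmName        = 'vm-example'        # placeholder
$domainName    = 'yourdomain.com'    # placeholder domain used in the thread

if ([string]::IsNullOrWhiteSpace($env:DOMAIN_JOIN_USER) -or
    [string]::IsNullOrWhiteSpace($env:DOMAIN_JOIN_PASSWORD)) {
    throw 'Domain join credentials were not supplied to the task.'
}

# Base64-encode the values so no character in them can break out of the guest script's literals.
function ConvertTo-Base64Utf8([string]$Text) {
    [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($Text))
}
$userB64 = ConvertTo-Base64Utf8 $env:DOMAIN_JOIN_USER
$passB64 = ConvertTo-Base64Utf8 $env:DOMAIN_JOIN_PASSWORD

# Script executed on the VM by the extension: no prompt, and no reboot inside the script.
$guestScript = @"
`$ErrorActionPreference = 'Stop'
function ConvertFrom-Base64Utf8([string]`$s) {
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String(`$s))
}
try {
    `$secure = ConvertTo-SecureString (ConvertFrom-Base64Utf8 '$passB64') -AsPlainText -Force
    `$user   = ConvertFrom-Base64Utf8 '$userB64'
    `$cred   = New-Object System.Management.Automation.PSCredential(`$user, `$secure)
    Add-Computer -DomainName '$domainName' -Credential `$cred
} catch {
    Write-Output `$_.Exception.Message
    exit 1    # non-zero exit makes the extension, and so the pipeline task, fail
}
"@

# -EncodedCommand expects base64 of the UTF-16LE script text.
$encoded   = [Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($guestScript))
$protected = @{ commandToExecute = "powershell.exe -NoProfile -NonInteractive -EncodedCommand $encoded" }

# protectedSettings are encrypted and decrypted only on the target VM.
$vm = Get-AzVM -ResourceGroupName $resourceGroup -Name $vmName
Set-AzVMExtension -ResourceGroupName $resourceGroup -VMName $vmName -Location $vm.Location `
    -Name 'DomainJoinScript' -Publisher 'Microsoft.Compute' -ExtensionType 'CustomScriptExtension' `
    -TypeHandlerVersion '1.10' -ProtectedSettings $protected -ErrorAction Stop | Out-Null

# Reboot from the pipeline once the extension has reported success.
Restart-AzVM -ResourceGroupName $resourceGroup -Name $vmName -ErrorAction Stop | Out-Null
```

The encoded script, including the base64-encoded password, is still visible in the `powershell.exe` command line on the VM to anything that records process creation there, so the join account should hold no rights beyond joining computers to the domain.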
