Forum Discussion

abhvp's avatar
abhvp
Copper Contributor
Jul 11, 2020

Getting error while provisioning managed domain using PowerShell

Hi All,   I am trying to provision Azure ADDS managed domain to prepare POC for my client. I used the same set of command earlier multiple times and didn't get any error. But today when I tried doi...
Azure AD Domain Services
Charbelhanna's avatar
Charbelhanna
Brass Contributor
Jul 14, 2020
Allow me to add, can you share the full set of commands that you have ran, before the ones that you have shared? did you confirm the dedicated subnet creation to host the ADDS domain services?

Thank you,
Charbel HANNA
  • abhvp's avatar
    abhvp
    Copper Contributor
    Jul 17, 2020

    Charbelhanna 

    Thank you for your reply. I can provision from console but cannot do so using PowerShell from my system and PowerShell prompt of console. I have created dedicated subnets as well. Here is full script that I am trying.

    Connect to Azure AD

    Create Group, user and add user to group

    Register-AzResourceProvider -ProviderNamespace Microsoft.AAD

    $ResourceGroupName = "abhayadadds"
    $AzureLocation = "eastus"

    # Create the resource group.
    New-AzResourceGroup `
    -Name $ResourceGroupName `
    -Location $AzureLocation

    $VnetName = "abhayVnet"

    # Create the dedicated subnet for AAD Domain Services.
    $AaddsSubnet = New-AzVirtualNetworkSubnetConfig `
    -Name DomainServices `
    -AddressPrefix 10.0.0.0/24

    $WorkloadSubnet = New-AzVirtualNetworkSubnetConfig `
    -Name Workloads `
    -AddressPrefix 10.0.1.0/24

    # Create the virtual network in which you will enable Azure AD Domain Services.
    $Vnet= New-AzVirtualNetwork `
    -ResourceGroupName $ResourceGroupName `
    -Location $AzureLocation `
    -Name $VnetName `
    -AddressPrefix 10.0.0.0/16 `
    -Subnet $AaddsSubnet,$WorkloadSubnet


    $AzureSubscriptionId = "My Subscription ID"
    $ManagedDomainName = "Managed domain name"

    # Enable Azure AD Domain Services for the directory.
    New-AzResource -ResourceId "/subscriptions/$AzureSubscriptionId/resourceGroups/$ResourceGroupName/providers/Microsoft.AAD/DomainServices/$ManagedDomainName" `
    -Location $AzureLocation `
    -Properties @{"DomainName"=$ManagedDomainName; `
    "SubnetId"="/subscriptions/$AzureSubscriptionId/resourceGroups/$ResourceGroupName/providers/Microsoft.Network/virtualNetworks/$VnetName/subnets/DomainServices"} `
    -Force -Verbose

    • Steve Parankewich's avatar
      Steve Parankewich
      Copper Contributor
      Sep 30, 2020

      abhvpThe fix is to specify the ApiVersion when you kick off New-AzResource... the code would be:

       

      New-AzResource -ResourceId "/subscriptions/$AzureSubscriptionId/resourceGroups/$ResourceGroupName/providers/Microsoft.AAD/DomainServices/$ManagedDomainName" `
      -Location $AzureLocation `
      -Properties @{"DomainName"=$ManagedDomainName; `
      "SubnetId"="/subscriptions/$AzureSubscriptionId/resourceGroups/$ResourceGroupName/providers/Microsoft.Network/virtualNetworks/$VnetName/subnets/DomainServices"} ` -ApiVersion "2017-06-01" -Force -Verbose

Resources