Forum Discussion
Requirement to have an on-prem AD
HandA
on-prem AD is not required.
AD requirements:
Option 1: Domain controller that is synchronized with Azure Active Directory. The domain controller can be on-prem or in cloud. To synchronize with Azure Active Directory install Azure Active Directory Connect.
Option 2: Azure AD Domain Services domain in Azure (automatically synced with Azure Active Directory)
ADDS by itself we just retired on premise 3 weeks ago we use cloud authentication now and not having those noisy servers running all the time has been great! 415Group_Ray
The key things to ensure are
1. Make sure you have DNS set up on your vNet to point to the DNS IP's of the AADDS Dc's\DNS
2. Make sure you force a password change on the account you are using to join the wvd's to the domain
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/synchronization
"For cloud-only Azure AD environments, https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-create-instance#enable-user-accounts-for-azure-ad-ds in order for the required password hashes to be generated and stored in Azure AD. For any cloud user account created in Azure AD after enabling Azure AD Domain Services, the password hashes are generated and stored in the NTLM and Kerberos compatible formats. All cloud user accounts must change their password before they're synchronized to Azure AD DS."
3. The account used for the domain join doesn't have MFA enabled
I had problems with the domain join also for months but once i figured out I had to setup the environment in powershell first I got past it! 415Group_Ray
- I swear I've tried every article I could find on the matter (including those with PS commands). I still could not get passed domain joining my instance. I spent almost an entire day on it. Azure support was little help. If you could find the article you used I could give it a shot.
