Excited about the Microsoft Marketplace?
Good morning, as the former BizApps PDM at Microsoft driving 100's of ISV solutions to the marketplace I wanted to ensure the community realized that the marketplace is now driving leads directly to partners from customers around the world exploring the marketplace. If you have been in the marketplace for a few months and are seeing little interest or leads it should guide you to further optimize your listing and also do a competitive analysis of other solutions in the marketplace. I am and have always been excited about the Microsoft Marketplace and hope you are too! - John O'Donnell https://www.linkedin.com/in/johnodonnellmsft/December edition of Microsoft Marketplace Partner Digest
Microsoft Ignite 2025 - Marketplace highlights Microsoft Ignite was packed with announcements and insights for Marketplace partners. From new commerce capabilities to AI-driven innovations, here are some key takeaways: Global expansion of Microsoft Marketplace - Microsoft announced that the reimagined Microsoft Marketplace, which launched in the U.S. earlier this year, is now globally available. This expansion includes new APIs for distribution partners, enabling them to link their own cloud marketplace with Microsoft’s, opening significant opportunities for software companies in SMB and mid-market segments. 🎬 Watch a recorded webinar with TD SYNNEX on the power of distribution to accelerate SMB marketplace sales. Global availability of Resale Enabled Offers - This capability allows software development companies to and channel partners to resell software solutions directly through Marketplace, simplifying transactions, expanding reach, and scaling revenue. 👉 Read more about this announcement and get started Introducing App Accelerate - A unified offer that brings together incentives, benefits, and co-sell support across the Microsoft Cloud. App Accelerate provides end-to-end technical guidance, developer tools, and go-to-market resources so software development companies can innovate and scale. Previews are beginning now, with full availability planned for 2026. ✅ Sign up to receive updates Enhanced Partner Marketing Center - Discover, customize, and launch campaigns faster with intelligent search and AI-powered tools—all on one connected platform. The current Partner Marketing Center will remain available as the new and enhanced Marketing Center platform launches in early 2026 with 24 campaigns-in-a-box, aligned to FY26 solution plays. ✨ Get ready for the new era of partner marketing Frontier Partner badge – New customer-facing badges recognize top services, channel, and software development company partners that are driving AI transformation with customers and offer them an opportunity to differentiate themselves from the competition. 🛡️Differentiate your AI-first leadership Catch up on Microsoft Ignite sessions Ignite 2025 delivered powerful insights and announcements for Marketplace partners, and now you can catch up on the sessions you missed. Explore these recorded keynotes to learn about new capabilities, partner programs, and strategies to accelerate growth through Microsoft’s ecosystem. Ignite opening keynote Ignite partner keynote: Powering Frontier Partnerships Additionally, we’ve compiled recordings of relevant Marketplace partner and customer sessions so you can watch on-demand. Revisit Marketplace-focused sessions and resources. Just look for the ✨ icon below. Partner sessions: PBRK415 Grow your business with Microsoft AI Cloud Partner Program Find out how the Microsoft AI Cloud Partner Program helps you grow with new benefits, designations, and skilling opportunities. This session covers updates like the Frontier Partner Badge, Copilot specialization, and streamlined Marketplace engagement—all designed to accelerate your AI transformation journey. PBRK416 Accelerate Growth through Partner Incentives Explore how Microsoft is boosting partner growth with streamlined incentives, AI-first strategies, and new designations like Frontier Distributor. This session covers expanded investments in Azure Accelerate, Copilot solutions, and security practices—plus insights on how to capitalize on evolving programs and co-sell opportunities. PBRK417 Partner: Connect, Plan, Win – Enhancing Co-sell Engagement Discover how to enhance collaboration, optimize joint efforts, and drive success in shared initiatives. Gain insights into improving interactions with Microsoft sellers and leveraging opportunities, along with guidance on proactive co-selling to align your goals with Microsoft's for sustained growth. PBRK418 Partner: Benefits for Accelerating Software Company Success Learn about the resources and benefits available for software development companies across all stages of the build, publish and grow journey in MAICPP. Whether you’re developing a new agent solution or working toward a certified software designation, there are targeted skilling opportunities, technical resources, and GTM benefits to help. Tap into new investments for AI apps and agents and hear from your peers on how they’ve used rewards such as customer propensity scores and Azure sponsorship. PBRK419 SI & Advisory Partner Readiness: Accelerating the Journey to Frontier Understand how Microsoft is empowering our SI and advisory partners to accelerate frontier firm readiness for our Enterprise customers by driving AI transformation with agentic solutions and services. ✨PBRK420 Executing on the channel-led marketplace opportunity for partners See how Microsoft’s unified Marketplace drives partner growth with resale-enabled offers, creating scalable channel sales and co-sell opportunities. This session shares practical steps to build a sustainable Marketplace practice and leverage the partner ecosystem for greater reach and profitability. PBRK421 Enabling a thriving partner ecosystem: New CSP Authorization Criteria Dive into what’s new for Cloud Solution Providers, including updated authorization requirements and designations that help you stand out. This session covers steps to choose the right tier, build trust as a customer advisor, and prepare for growth with AI-driven solutions and Copilot offerings. PBRK422 The Future of Partner Support: Customer + Partner + Microsoft Discover ‘Unified for Partners,’ Microsoft’s new support model designed for CSP partners to deliver customer success at scale. This session introduces the Support Services designation, offering faster response times, financial incentives, and integrated tools to strengthen your support capabilities. PBRK423 Partner Execution at Scale with SME&C Explore growth opportunities in the high-potential SME&C segment. This session highlights investments in co-selling, AI-first strategies, and what it means to become ‘customer zero,’ with examples of frontier firms driving innovation at scale. ✨PBRK424 Marketplace Success for Partners—from SMB to Enterprise Learn how to build, publish, and monetize AI-powered solutions through Microsoft Marketplace. This session shares a proven approach to align your Marketplace strategy with your sales motion and unlock new revenue opportunities. PBRK272 Accelerate Secure AI: Microsoft’s Security Advantage for Partners Explore Microsoft’s integrated security solutions and learn how to help customers strengthen their defenses in the AI era. This session highlights partner opportunities, resources to grow your security practice, and what it takes to lead as a next-generation security partner. Customer Sessions: ✨Microsoft Marketplace: Your trusted source for cloud solutions, AI apps, and agents | STUDIO47 Hear from Cyril Belikoff, VP of Commercial Cloud & AI Marketing, sharing the reimagined Microsoft Marketplace—the gateway to thousands of AI-powered apps, agents and cloud solutions—all built to accelerate innovation and drive business outcomes. Discover how customers benefit from faster deployment, seamless integration with Microsoft tools, and trusted solutions, and how partners can scale their reach, accelerate sales, and tap into Microsoft’s global ecosystem. Azure Accelerate in action: Confidently migrate, modernize, and build faster Join Cyril Belikoff for a rapid Q&A that spotlights real-world customer success and the transformative impact of Azure Accelerate. Hear how customers like Thomson Reuters achieved breakthrough results with our powerful offering that provides access to Microsoft experts and investments throughout your Azure and AI journey. ✨BRK213 Microsoft Marketplace: Your trusted source for cloud and AI solutions Discover how the reimagined Microsoft Marketplace is reshaping the future of cloud and AI innovation. In this session, we’ll explore how Microsoft Marketplace—unifying Azure Marketplace and Microsoft AppSource—empowers organizations to become Frontier Firms by streamlining the discovery, purchase, and deployment of tens of thousands of cloud solutions, AI apps, and agents. ✨BRK215 Boost cloud and AI ROI using Microsoft Marketplace As organizations embrace an AI-first future, cloud adoption is accelerating to drive innovation and efficiency. This session explores practical strategies to optimize cloud investments—balancing performance, scalability, and cost control. Learn how Microsoft Marketplace enables rapid solution deployment while maintaining governance, compliance, and budget discipline. Build a resilient, cost-effective cloud foundation that supports AI and beyond. Community Recap Partner of the Year Award Winners Congratulations to the winners and finalists of the 2025 Microsoft Partner of the Year Awards in the Marketplace category! 🏆 Explore all winners and finalists Fivetran earned the top honor as Marketplace Partner of the Year for its innovation in automating data movement on Microsoft Azure, enabling enterprises to accelerate AI and analytics initiatives. Varonis Systems Inc. and Bytes Software Services were recognized as finalists for delivering exceptional solutions and driving customer success through Marketplace. What’s Coming Up AI-powered acceleration: Scale faster in Microsoft Marketplace 📆 Thursday, December 04, 2025, at 9:00 AM PST Microsoft Marketplace is no longer just a procurement convenience; it’s a strategic revenue engine. Dive into operational readiness, CRM-native automation, seller engagement, trust signals, and AI-enabled acceleration. Whether you're just getting started or looking to optimize your Marketplace motion, this session will provide you with information that will turn your first sale into a repeatable growth engine. Scale smarter: Discover how resale enabled offers drive growth 📆 Friday, December 05, 2025, from 11:00 - 12:00 PM GTM+1 Discover how resale enabled offers help software development companies to scale through the Microsoft Marketplace by simplifying transactions, expanding reach and accelerating co-sell opportunities. Chart your AI app and agent strategy with Microsoft Marketplace 📆 Thursday, December 11, 2025, from 8:30 - 9:30 AM PST Organizations exploring AI apps and agents face a critical choice: build, buy, or blend. There’s no one-size-fits-all—each approach offers unique benefits and trade-offs. Tune in for insights into the pros and cons of each approach and explore how the Microsoft Marketplace simplifies adoption by providing a single source for trusted AI apps, agents, and models. Office hours for partners: Marketplace resale-enabled offers 📆 Thursday, December 18, 2025, at 8:30 AM PST Tune in to explore resale enabled offers through Microsoft Marketplace. This recently announced capability enables software companies to expand into new markets globally, at scale, and without additional operational overhead. Dive deep into the workflow and requirements for these deals. Learn about reporting and best practices from those that are already selling globally with resale enabled offers. Microsoft Ignite will return to San Francisco next year 📆 November 17-20, 2026 Sign up now to join the Microsoft Ignite early-access list and be eligible to receive limited‑edition swag at the event. 💬 Share Your Feedback! We truly appreciate your feedback and want to ensure these Partner Digests deliver the information you need to succeed in the marketplace. If you have any feedback or suggestions on how we can continue to improve the content to best support you, we’d love to hear from you in the comments below!Transitioning SaaS Offers with Multi-Year Pricing from AppSource to Azure Marketplace
When a SaaS transactable offer on Microsoft AppSource includes a pricing plan for more than 1 year, the offer is delisted from AppSource and becomes available on Azure Marketplace. This is due to the platform's structure: AppSource primarily supports monthly or annual subscription models for SaaS offers. Any pricing model that exceeds 1 year (e.g., 2-year, 3-year plans) is outside the scope of AppSource’s transaction capabilities. When a SaaS solution introduces https://learn.microsoft.com/en-us/partner-center/marketplace-offers/marketplace-commercial-transaction-capabilities-and-considerations, it is automatically transitioned to Azure Marketplace, which can accommodate longer-term contracts and subscription models (such as 2-year, 3-year, or longer terms). Azure Marketplace is designed for more complex transactions, including multi-year deals, and supports deeper infrastructure integration and contract management features compared to AppSource. Thus, any SaaS offer that requires multi-year pricing terms will shift from AppSource to Azure Marketplace, where such transactions can be handled effectively.Building an Agentic, AI-Powered Helpdesk with Agents Framework, Azure, and Microsoft 365
The article describes how to build an agentic, AI-powered helpdesk using Azure, Microsoft 365, and the Microsoft Agent Framework. The goal is to automate ticket handling, enrich requests with AI, and integrate seamlessly with M365 tools like Teams, Planner, and Power Automate.How we talk about the value of Microsoft Marketplace with customers
At Microsoft Ignite 2025, we introduced the reimagined Microsoft Marketplace to our customers as your trusted source for cloud solutions, AI apps, and agents. This brief, 20-minute breakout session talked about how Marketplace is empowering organizations to become Frontier Firms by streamlining the discovery, purchase, and deployment of tens of thousands of partner solutions. You can watch the session on the Ignite site or on YouTube and read the synopsis below to see how our team pitches Marketplace to our shared customers. We encourage you to provide this and our other customer-focused session on cost optimization to your customers! They can watch a Marketplace demo and learn more at Microsoft.com/Marketplace. BRK213 Microsoft Marketplace: Your trusted source for cloud and AI solutions How Microsoft Marketplace empower the shift to AI-first Frontier Firms are leading the shift to AI-first. Microsoft Marketplace, as an extension of the Microsoft Cloud, is empowering this Frontier transformation by connecting our customers to our partner ecosystem. Marketplace is unique in that customers can discover and purchase solutions in our storefront, in Microsoft products, and through distributed marketplaces through channel partners. Marketplace offers the largest catalog of AI apps and agents in the industry (4,000+ and growing), including so many of the leading innovators in this category. We’re seeing incredible momentum with customers adopting Marketplace: 2X+ sales growth again this year, 75% increase in average spend, and ~2X increase in AI solutions purchased. Microsoft Marketplace value AI apps and agents for every use case Marketplace allows you to choose thousands of AI apps and agents that match your scenario and stack, which simplifies deployment and decreases time-to-value. When you need to ground your AI solution, Marketplace has more than 11,000 models to choose from to ensure you get fast, relevant, and accurate context. You have confidence that solutions integrate natively so that employees can get what they need in the flow of work when using Microsoft products. Comprehensive catalog across cloud solutions and industries As organizations transition to becoming Frontier Firms, it fuels more cloud adoption. Marketplace has the most comprehensive catalog of solutions. Additionally, there are a host of business applications that meet exact needs in functions like HR, legal, and project management. You can access everything from Microsoft – a business partner you know and trust. Solutions come from vetted Microsoft partners which gives peace of mind with purchase. As tech buying responsibilities grow outside of IT, Marketplace keeps teams on the same page while allowing them to get what they need and supports try-before-you-buy scenarios with trials and POCs. Everything your organization buys through Marketplace is consolidated in a single view. Maximize investments with a consumption commitment A Microsoft Azure Consumption Commitment (MACC) commits your organization to a certain dollar amount of cloud spend. When you fulfill that commitment, it unlocks discounts on Azure infrastructure. Microsoft is unique in that we offer a 100% match on eligible solutions through Marketplace with no limit. Today, 85% of Microsoft customers with MACCs are buying through Marketplace. We have 3,800+ eligible solutions and that number grows every day. Integrated experience from discovery to deployment You can find and deploy solutions in our storefront but also in the Microsoft products you know and use every day -- agents in Microsoft 365 Copilot, apps in Teams, models in Microsoft Foundry, a host of solutions in Azure portal, and more. We’re continuing to build out capabilities that allow you to use AI for an even better Marketplace experience. For example, you can now get Marketplace recommendations using Copilot in Azure portal. As we look to make an AI-infused commerce platform, you’ll continue to see improvements here. Empower your channel, get the benefits of Marketplace We aim to empower customers to buy how they want to buy, whether that’s through us and our Marketplace or relying on the channel. If you procure technology through a channel partner, you can bring that partner to source Marketplace solutions on your behalf. One way to do that is through resale enabled offers, which allow partners to work together so software companies can defer the sales and integration of their products to their channel partners. This means your IT provider can better service you. We have several other channel-led Marketplace opportunities in our portfolio, and all a partner has to do is enroll.APAC Fabric Engineering Connection call
Are you a Microsoft partner that is interested in data and analytics? After a two-week break for Ignite and Thanksgiving, be sure to join us for this week's Fabric Engineering Connection calls! Yitzhak Kesselman will be presenting on the brand-new Microsoft Fabric IQ, just announced during Ignite, followed by Shuaijun Ye with Environment Best Practices. The Americas & EMEA call will take place Wednesday, December 3, from 8-9 am PT and the APAC call is Thursday, December 4, from 1-2 am UTC/Wednesday, December 3, from 5-6 pm PT. This is your opportunity to learn more, ask questions, and provide feedback. To participate in the call, you must be a member of the Fabric Partner Community Teams channel. To join, complete the participation form at https://aka.ms/JoinFabricPartnerCommunity. We look forward to seeing you at the calls!Americas & EMEA Fabric Engineering Connection call
Are you a Microsoft partner that is interested in data and analytics? After a two-week break for Ignite and Thanksgiving, be sure to join us for this week's Fabric Engineering Connection calls! Yitzhak Kesselman will be presenting on the brand-new Microsoft Fabric IQ, just announced during Ignite, followed by Shuaijun Ye with Environment Best Practices. The Americas & EMEA call will take place Wednesday, December 3, from 8-9 am PT and the APAC call is Thursday, December 4, from 1-2 am UTC/Wednesday, December 3, from 5-6 pm PT. This is your opportunity to learn more, ask questions, and provide feedback. To participate in the call, you must be a member of the Fabric Partner Community Teams channel. To join, complete the participation form at https://aka.ms/JoinFabricPartnerCommunity. We look forward to seeing you at the calls!Ushering in the Next Era of Cloud-Native AI Capabilities for Radiology
Introducing Dragon Copilot, your AI companion for PowerScribe One For radiologists, the reporting workflow of the future is here. At RSNA 2025, in Chicago, we’re showcasing Dragon Copilot, a cloud-native companion for PowerScribe One. Currently in preview, Dragon Copilot builds on the trusted capabilities of PowerScribe One to accelerate innovation and modernize reporting workflows while unlocking extensibility for radiology teams and partners. Why we built it: Technical drivers for a new era With growing demand for imaging services coupled with a workforce shortage, healthcare professionals face increased workloads and burnout while patients experience greater wait times. With our breadth of healthcare industry experience combined with our AI expertise and development at Microsoft, we immediately understood how we could help address these challenges. For radiologists, we sought to plugin into existing reporting workflows with rapid innovation, scalable AI, and open extensibility. How we built it: Modern architecture and extensibility By delivering Dragon Copilot as cloud-native solution built on Azure, we can enable new services globally. We apply the full capabilities of Azure for compute, storage, and security for high availability and compliance. Our modular architecture enables fast delivery of new features with APIs at the core to allow seamless integration, extensibility, and partner innovation. To imbue the workflow with AI through our platform, we harness the latest generative, multimodal, and agentic AI (both internal and through our partners) to support clinical reporting, workflow automation, and decision support. Key architectural highlights: AI services: Integrated large language models (LLMs) and vision-language models (VLMs) for multimodal data processing. API-first design: RESTful APIs expose core functions (draft report content generation, prior summarization, quality checks and chat) enabling partners and developers to build extensions and custom workflows. Extensibility framework: Open platform for 1st- and 3rd-party extensions, supporting everything from custom AI models to workflow agents. Inside the innovation Dragon Copilot alongside PowerScribe provides a unified AI experience. Radiologists can take advantage of the latest AI advancements without disruption to their workflows. They do not need another widget taking up room on their desktop. Instead, they need AI that fits seamlessly into existing workflows connecting their data to the cloud. Our cloud-first approach brings increased reliability, stability, and performance to a radiologists’ workflow. I’m thrilled to highlight the key capabilities of this dynamic duo: PowerScribe One with Dragon Copilot. Prior report summary: Automatically summarizes relevant prior reports, surfacing key findings, and context for the current study. AI-generated draft reports and quality checks: The most transformative aspect of Dragon Copilot is its open, extensible architecture for AI integration. We don’t limit radiology teams to a single set of AI tools. We enable seamless plug-ins for AI apps & agents from both Microsoft and our growing ecosystem of 3rd-parties. We provide a single surface for all your AI needs. This approach will enable radiology departments to discover, acquire, & deploy new AI-powered extensions. We’re enthusiastic about embarking on this journey with partners. We're also excited about collaborations with developers and academic innovators to bring their own AI models and services directly into the Dragon Copilot experience. Integrated chat experience with credible knowledge sources and medical safeguards: This chat interface connects radiologists to credible, clinically validated sources from Radiopedia and Radiology Assistant. It enables agentic orchestration and safeguards provided by Azure's Healthcare Agent Services for PHI and clinical accuracy. In the future, we expect to have a variety of other sources for radiology customers to choose from as well as the ability for organizations to add their own approved policies and protocols. This chat is designed to route questions to the right agent, provide evidence for claims, and filter responses for clinical validity. Over time, it will include extensions with custom agents powered by Copilot Studio. Help us shape what’s next As we continue to evolve Dragon Copilot alongside PowerScribe One, we invite innovators, developer partners, and academics to join us in shaping the future of radiology workflow. Dragon Copilot is more than a product; it’s a solution for rapid, responsible innovation in radiology. By combining cloud-native architecture, advanced AI capabilities, and open extensibility, we’re enabling radiology teams to work smarter, faster, and with greater confidence. Ready to see it in action? Visit us at RSNA 2025 (November 30–December 4), booth #1311 South Hall. Or contact our team to join the journey.Microsoft Entra Domain Services: Deploy, Join a VM, and Use Classic AD Tools
Microsoft Entra Domain Services (Entra DS) provides you with the functionality of managed domain controllers in Azure. This allows you to domain-join Windows Server VMs, use Group Policy, and manage DNS on a specially prepared vNet subnet without deploying and patching your own DC VMs. This post walks through: • Preparing your virtual network • Deploying Entra DS • Configuring DNS • Joining a Windows Server VM to the managed domain • Using AD DS and Windows Server DNS tools from that VM Prerequisites • An Azure subscription. • A Microsoft Entra tenant with a custom DNS domain verified (for example, zava.support). Entra DS uses this custom domain as the managed domain name. • Permission to create resource groups, VNets, and Entra DS. • Permission to manage Entra groups in the tenant (add administrators/configure RBAC). Step 1 – Create a resource group and virtual network 1. Create a new resource group in your chosen region to hold all Entra DS resources and VMs. 2. Create a virtual network (for example, zava-entra-dsvn) in that resource group (for example, address space: 172.16.0.0/16 (or a range that fits your environment). 3. Add a subnet dedicated to the Entra DS domain controllers (for example, zava-entra-dc). This subnet will host the managed domain controller resources created by Entra DS and you won’t actually deploy VMs there. Important Keep this DC subnet separate from your workload subnets. You can use NSGs, but avoid blocking Entra DS management traffic. Step 2 – Add a workload subnet for VMs 1. In the same virtual network, create a second subnet (for example, zava-domain-vms) for domain-joined workloads such as IIS VMs. This special subnet is where you’ll deploy the Windows Server VM that joins the Entra DS domain. Step 3 – Deploy Microsoft Entra Domain Services In the Azure portal, create a new Microsoft Entra Domain Services managed domain by performing the following steps: 1. Select the resource group you created earlier. 2. Confirm the DNS domain name (for example, zava.support)—this comes from your Entra tenant’s custom domain. 3. Choose the region (same region as the virtual network). 4. Keep the default Enterprise SKU unless you have a specific need for another. 5. On the Networking page: · Select the virtual network you created. · Select the DC subnet for the managed domain controllers. 6. On the Administration page note that the AAD DC Administrators group (legacy name shown in the portal) is effectively the Domain Admins equivalent for the managed domain. Any user you add to this group in Entra becomes a domain admin in Entra DS. 7. Configure synchronization scope between Entra and Entra DS. · All accounts (default) – synchronizes both cloud-only and synchronized users. · Cloud-only accounts – useful when you’re already syncing on-prem identities and you only want specific cloud accounts in Entra DS. 8. Review the Security settings page. By default: · NTLMv1 disabled. · You can enable/disable NTLM password sync, or effectively disable NTLM entirely. · RC4 encryption disabled by default. · Kerberos armoring enabled by default. · LDAP signing and LDAP channel binding enabled by default. 9. Review your configuration and create the Entra DS managed domain. Note after deployment, you cannot change: • The managed domain DNS name • Subscription • Resource group • Virtual network and subnet used by Entra DS Step 4 – Fix virtual network DNS with Entra DS health checks 1. Once deployment completes, open the Entra DS resource and go to View health. 2. Run the health checks. If the diagnostic reports that the virtual network DNS servers are not set to the Entra DS managed DC IPs, select Fix to automatically configure the VNet’s DNS servers. · In Entra DS, note the DNS server IPs (for example, 172.16.0.4 and 172.16.0.5). · In the virtual network’s DNS settings, confirm these IPs are configured as custom DNS servers. Tip Any VM in this virtual network that needs to join the managed domain must use these Entra DS DNS addresses. Step 5 – Add administrators to the AAD DC Administrators group 1. In the Entra admin center, go to Groups > All groups and locate AAD DC Administrators. 2. Open the group and add your primary admin account (for example, prime@zava.support) and add a dedicated domain admin–style account (for example, adds.prime@zava.support) to be the primary administrator for the managed domain. Important note: You’ll need to change the password of any Entra account you want to use in the managed AD DS domain after deploying Entra DS. This will configure password synchronization between Entra and Entra DS, allowing you to use the Entra account. If you don’t change the password, you’ll be unable to use the account with Entra DS even though it will function normally in other parts of Azure. This trips a lot of people up. Step 6 – Create a Windows Server IaaS VM on the workload subnet 1. In the Azure portal, create a new Windows Server VM (for example, an IIS server): 1. Place it in the same resource group. 2. Select the virtual network you created earlier. 3. Attach it to the workload subnet (for example, zava-domain-vms). 4. Configure a local administrator account (for example, username prime with a strong password). 2. On the Management blade, note the option “Login with Microsoft Entra ID”: 1. This enables direct Entra login to the VM but does not join the VM to the Entra DS domain. 2. For this walkthrough, you’ll join the VM to Entra DS using classic domain join so don’t need to enable this option. 3. Complete the wizard and deploy the VM. Step 7 – Connect to the VM and verify DNS 1. Once the VM is deployed, open the VM in the portal and select Connect > RDP. 1. Request a JIT RDP port opening if required. 2. Download the RDP file and open it with Remote Desktop Connection. 2. Sign in with the local administrator account you configured when deploying the VM and not your Entra account. 3. In the VM, open a command prompt and run: ipconfig /all 1. Confirm that the DNS servers are the Entra DS managed IPs (for example, 172.16.0.4 and 172.16.0.5). If DNS is wrong Double-check the VNet’s DNS settings and ensure the VM is attached to the correct virtual network and subnet, then restart the VM. Step 8 – Join the VM to the Entra DS domain 1. On the VM, open Server Manager and select Local Server. 2. Next to Workgroup, select the workgroup name to open System Properties (Computer Name tab). 3. Select Change… and then: · Under Member of, select Domain. · Enter the Entra DS domain name (for example, zava.support). 4. When prompted for credentials, use an account that’s a member of AAD DC Administrators, such as adds.prime@zava.support, and enter the password. 5. When you receive the confirmation that the computer has joined the domain, restart the VM. Step 9 – Sign in with an Entra DS domain account 1. After the VM restarts, reconnect via RDP using the VM’s public IP and: · Username: your domain UPN (for example, adds.prime@zava.support). · Password: the account’s password. 2. Confirm that you are signed in as a domain user in the Entra DS managed domain. Step 10 – Use AD DS and DNS tools on the domain-joined VM 1. Install and open Active Directory Users and Computers (RSAT) on the VM. · Browse the managed domain structure. · Notice containers such as AADDC Computers, AADDC Users, and groups like Domain Admins that map back to Entra groups. 2. Create an organizational unit (OU), for example IIS Servers, to contain IIS VMs. 3. Open Group Policy Management and: · Create a Group Policy Object targeting the IIS Servers OU. · Link and configure settings as required (hardening, IIS config, etc.). 4. Open the DNS Manager console on the VM, which now connects to the Entra DS–managed DNS servers. 5. Create a new Host (A) record, for example: · Name: iis3 · FQDN: iis3.zava.support · IP address: the appropriate internal address. 6. Open a command prompt and verify DNS resolution with: nslookup iis3.zava.support • Confirm it returns the correct IP address. Entra DS gives you familiar AD capabilities—domain join, Group Policy, and DNS—without the overhead of running and maintaining your own DC VMs in Azure. You can find out more at: https://learn.microsoft.com/en-us/entra/identity/domain-services/overviewSecure migration starts with trusted cloud and AI expertise
Modernizing legacy IT environments and moving securely to the cloud are top priorities for customers today. With the cloud migration market projected to reach $1.03 trillion 1 by 2030, representing an approximate 28% compound annual growth rate (CAGR), 2 organizations everywhere seek to strengthen their digital foundations—and they expect migrations to be secure, efficient, and tied to business outcomes. This is where partners make the difference. Your expertise speeds transformation and empowers customers to realize the full value of Microsoft Azure. Why modernizing legacy IT environments is essential Modernization is critical across industries. As software and hardware reach end of support, the risk of disruption rises. Unsupported systems create security gaps and operational challenges because they no longer receive essential updates. Meanwhile, regulatory pressure is mounting. Regulations like the EU’s Digital Operational Resilience Act (DORA) and mandates in financial services and data management demand secure, up-to-date infrastructure to stay compliant and avoid costly penalties. Modernization isn’t just about reducing risk; it’s about seizing the moment of innovation. Modern platforms support AI, automation, and advanced data capabilities. Customers can move faster, operate more efficiently, and respond rapidly to new opportunities by updating legacy systems. Your expertise positions them competitively at the frontier of AI and intelligent operations. Continue reading here
