Step 3. Deploy Active Roles Administration Service
Perform the following tasks to deploy the Active Roles Administration Service:
- Create a virtual machine based on a Windows Server 2016 image published in Windows Azure.
When creating the virtual machine, on the Virtual machine configuration page, select the Cloud Service that you created for the SQL Server virtual machine in Deploying Microsoft SQL Server. This will automatically select the correct Virtual Network as this Cloud Service is already used to host the SQL Server virtual machine. For further information, see Create Virtual Machine and Deploy to Virtual Network in Add a Virtual Machine to a Virtual Network.
- Join the newly created virtual machine to your Active Directory domain.
- Connect to the virtual machine using Remote Desktop, and run the Active Roles Setup wizard to install the Active Roles Administration Service (see Steps to deploy the Administration Service earlier in this document).
When prompted for the service account, specify the appropriate user account defined in your Active Directory domain. Ensure that this user account is a member of the Administrators local group on the virtual machine where you are installing the Administration Service. For example, this could be a domain user account that belongs to the Domain Admins group of your Active Directory domain.
When prompted for SQL Server, specify the name of the SQL Server you deployed in Deploying Microsoft SQL Server.
- Run the following Windows PowerShell command on the virtual machine where you have installed the Active Roles Administration Service, to configure Windows Firewall:
$allowedClientSubnets = @('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16');
New-NetFirewallRule -DisplayName "Active Roles" -Direction Inbound `
-Action Allow -Service 'aradminsvc' -RemoteAddress $allowedClientSubnets `
-Enabled True