To deploy the Active Roles Administration Service on an Azure VM
-
Create a virtual machine (VM) based on a supported Windows Server image published in Microsoft Azure. For the list of Windows Server versions supported by Active Roles, see System requirements in the Active Roles Release Notes.
When creating the VM, on the Virtual machine configuration page, select the cloud service that you created for the SQL Server virtual machine in Deploying Microsoft SQL Server on an Azure VM. This will automatically select the correct virtual network as this cloud service is already used to host the SQL Server virtual machine.
-
Connect the newly-created VM to your Active Directory domain.
-
Connect to the VM using Remote Desktop, and run the Active Roles Setup wizard to install the Active Roles Administration Service. For more information, see Deploying the Administration Service.
When prompted for the service account, specify the appropriate user account defined in your Active Directory domain. Ensure that this user account is a member of the Administrators local group on the VM where you are installing the Administration Service. For example, this could be a domain user account that belongs to the Domain Admins group of your Active Directory domain.
When prompted for SQL Server, specify the name of the SQL Server you deployed in Deploying Microsoft SQL Server on an Azure VM.
-
To configure the Windows Firewall, run the following Windows PowerShell command on the VM where you installed the Active Roles Administration Service:
$allowedClientSubnets = @('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16');
New-NetFirewallRule -DisplayName "Active Roles" -Direction Inbound `
-Action Allow -Service 'aradminsvc' -RemoteAddress $allowedClientSubnets `
-Enabled True
To deploy the Active Roles Web Interface on an Azure VM
-
Create a virtual machine (VM) based on a supported Windows Server image published in Microsoft Azure. For the list of Windows Server versions supported by Active Roles, see System requirements in the Active Roles Release Notes.
When creating the VM, on the Virtual machine configuration page, select the cloud service that you created for the SQL Server virtual machine in Deploying Microsoft SQL Server on an Azure VM. This will automatically select the correct virtual network as this cloud service is already used to host the Active Roles Administration Service and SQL Server VMs. For more information, see Create Virtual Machine and Deploy to Virtual Network in Add a Virtual Machine to a Virtual Network.
-
Connect the newly-created VM to your Active Directory domain.
-
Connect to the VM using Remote Desktop, and run the Active Roles setup to install the Active Roles Web Interface. For more information, see Installing the Web Interface and Performing the initial configuration of the Web Interface.
When prompted, choose the option to connect to the Administration Service on the specified computer, and specify the fully qualified domain name of the VM you deployed in Deploying the Active Roles Administration Service on an Azure VM.
Configuring Active Roles for AWS Managed Microsoft AD
NOTE: This feature is officially supported starting from Active Roles 8.1.3 SP1 (build 8.1.3.10). It is not supported on Active Roles 8.1.3 (build 8.1.3.2) and earlier versions.
Active Roles supports deployment and configuration in the Amazon cloud to manage AWS Managed Microsoft AD instances hosted via AWS Directory Service.
This allows you to:
-
Synchronize directory data from an on-premises AD environment to AWS Managed Microsoft AD.
-
Synchronize passwords from an on-premises Active Directory to AWS Managed Microsoft AD (with certain limitations).
For more information about the Active Roles features supported with AWS Managed Microsoft AD, see Support for AWS Managed Microsoft AD in the Active Roles Feature Guide.
To manage AWS Managed Microsoft AD environments, you must deploy Active Roles in Amazon Web Services (AWS) in the following configuration:
-
Active Roles must be deployed on an Amazon Elastic Compute Cloud (EC2) instance or instances. For more information, see the Amazon Elastic Compute Cloud documentation.
-
The SQL Server required by Active Roles Administration Service must run on a separate Amazon Relational Database Service for Microsoft SQL Server (RDS for SQL Server) instance. For more information, see the Amazon RDS documentation.
-
The Active Directory environment must be hosted in AWS via AWS Directory Service. For more information, see the AWS Directory Service documentation.
NOTE: Support for AWS Managed Microsoft AD by Active Roles was tested only in this configuration. Active Roles does not officially support managing AWS Managed Microsoft AD environments in a hybrid deployment, that is, using an on-premises Active Roles and/or SQL Server installation and hosting AD via AWS Directory Service.