This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 69%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Hello, I am trying to test the managed domain services to solve a current need. We currently have an on-prem data center where we have vCenter. We decided we wanted to be able to use SSO using our Azure identities and stop using local accounts. I want to be able to use the managed domain to create an ADFS on-prem and have my cloud identities synced over to on-prem and be able to then connect vcenter and use SSO with those identities. In the articles and guides, Microsoft recommends another subnet in the vnet and launching a Windows server to join the domain. What if I want to use the existing Windows server VM in my on-prem vCenter to join the domain? How would I accomplish this? I do not want to launch and pay for a Windows server when I already have an on-prem environment with resources to deploy VMs. Additional questions I have: How does one connect and manage the domain controllers after creating the managed domain service? Does the first Windows server to connect to the domain become a DC?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
@Peniel Bikila
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread.
first, you need to set up a network connection between your on-prem environment and Azure, configure domain services in Azure, and then join your on-premises VM to the Azure domain.
to complete this steps you need to follow this documents
https://learn.microsoft.com/en-us/entra/identity/domain-services/join-windows-vm
https://learn.microsoft.com/en-us/windows-server/manage/windows-admin-center/azure/
Hi Peniel Bikila,
If you want to use the existing Windows server VM in my on-prem vCenter and join to a domain you can follow below recommendations:
ping aaddscontoso.com. If the ping request fails, try to ping the IP addresses for the managed domain, such as ping 10.0.0.4. The IP address for your environment is displayed on the Properties page when you select the managed domain from your list of Azure resources.ipconfig /flushdns command.After that you connect and manage the domain controllers after creating the managed domain service, you can use the same Remote Server Administration Tools (RSAT) as with an on-premises Active Directory Domain Services domain. As Domain Services is a managed service, there are some administrative tasks that you can't perform, such as using remote desktop protocol (RDP) to connect to the domain controllers.
Regarding your additional questions:
References and additional help:
Let me know if you have additional doubts, Luis
If the information helped address your question, please Accept the answer.