AD on-prem join with private resolver

ares 206 Reputation points
2024-09-04T18:55:50.44+00:00

Hi,

I have this scenario: I need to join an Azure VM to an Active Directory domain that has all the domain controllers on premises. The connection is over ExpressRoute, and I don't have DNS or a DC in the cloud. Can I use Azure Private Resolver to query the Active Directory DNS on-prem for the domain join and future queries? Then can the AD DNS on-prem also use the Private Resolver to query Azure services?

I can't find any documentation on this use case.

thanks


1 answer

  1. Sai Prasanna Sinde 6,645 Reputation points Microsoft External Staff Moderator
    2024-09-06T06:22:15.2766667+00:00

    Hi @ares,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    You can use Azure Private Resolver to query the Active Directory DNS on-premises for domain join and future queries. This is possible because Azure Private Resolver allows you to configure hybrid DNS resolution, which enables you to forward DNS queries from Azure to your on-premises DNS servers and vice versa.

    Here are the steps you can follow to achieve that:

    Configure Azure Private Resolver

    • Create an Azure DNS Private Resolver
    • Create a virtual network link in the zone to the virtual network where you deploy your Azure DNS Private Resolver
    • Create a DNS forwarding ruleset in the same region as your private resolver

    Configure On-Premises DNS Conditional Forwarders

    • Configure on-premises DNS conditional forwarders to forward queries to the Azure DNS Private Resolver

    Join Azure VM to Active Directory Domain

    • Join the Azure VM to the Active Directory domain using the Azure DNS Private Resolver to query the Active Directory DNS on-premises

    Note that you need to ensure that your ExpressRoute connection is properly configured to allow communication between your on-premises network and Azure.

    For reference: https://learn.microsoft.com/en-us/azure/dns/private-resolver-hybrid-dns

    https://learn.microsoft.com/en-us/azure/architecture/networking/architecture/azure-dns-private-resolver

    Kindly let us know if the above helps or you need further assistance on this issue.

    If the answer is helpful, please click "Accept Answer" and "Upvote it" so that other community members can find the right answers.

    Thanks,

    Sai Prasanna.

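As a worked example of the steps in the answer above (added here; it is not part of the answer or of Microsoft's documentation), the Azure-side configuration in PowerShell with the Az.DnsResolver module, followed by the on-prem forwarder and the VM join as commented commands. All resource names, subnets, IP addresses and the domain name are assumed placeholders.

```powershell
# Added example: assumed names, subnets, IPs and domain; replace with your own values.
# Requires the Az.DnsResolver module (Install-Module Az.DnsResolver) and Connect-AzAccount.
$rg        = 'rg-hub'                                  # assumed resource group
$loc       = 'westeurope'                              # assumed region; ruleset must be in the resolver's region
$vnetId    = '/subscriptions/<sub-id>/resourceGroups/rg-hub/providers/Microsoft.Network/virtualNetworks/vnet-hub'
$inSubnet  = "$vnetId/subnets/snet-dns-inbound"        # dedicated subnet, delegated to Microsoft.Network/dnsResolvers
$outSubnet = "$vnetId/subnets/snet-dns-outbound"       # second dedicated, delegated subnet
$adDomain  = 'corp.example.com.'                       # assumed AD DNS domain; the trailing dot is required
$onPremDns = @('10.10.0.10', '10.10.0.11')             # assumed on-prem DC/DNS IPs reachable over ExpressRoute

# 1. Private resolver with one inbound (on-prem -> Azure) and one outbound (Azure -> on-prem) endpoint
New-AzDnsResolver -Name 'dnsr-hub' -ResourceGroupName $rg -VirtualNetworkId $vnetId -Location $loc
$ipCfg = New-AzDnsResolverIPConfigurationObject -SubnetId $inSubnet -PrivateIPAllocationMethod Dynamic
$inEp  = New-AzDnsResolverInboundEndpoint -DnsResolverName 'dnsr-hub' -Name 'in-ep' -ResourceGroupName $rg `
           -IPConfiguration $ipCfg -Location $loc
$outEp = New-AzDnsResolverOutboundEndpoint -DnsResolverName 'dnsr-hub' -Name 'out-ep' -ResourceGroupName $rg `
           -SubnetId $outSubnet -Location $loc

# 2. Forwarding ruleset: send the AD domain (including the _msdcs SRV records a domain join needs) on-prem
$epRef = New-AzDnsResolverSubResourceObject -Id $outEp.Id
New-AzDnsForwardingRuleset -Name 'rs-hub' -ResourceGroupName $rg -DnsResolverOutboundEndpoint $epRef -Location $loc
$targets = $onPremDns | ForEach-Object { New-AzDnsResolverTargetDnsServerObject -IPAddress $_ -Port 53 }
New-AzDnsForwardingRule -DnsForwardingRulesetName 'rs-hub' -Name 'ad-domain' -ResourceGroupName $rg `
    -DomainName $adDomain -ForwardingRuleState Enabled -TargetDnsServer $targets
# Link the ruleset to the VNet hosting the VM to be joined; VMs using Azure-provided DNS then hit the rule
New-AzDnsForwardingRulesetVirtualNetworkLink -DnsForwardingRulesetName 'rs-hub' -Name 'link-hub' `
    -ResourceGroupName $rg -VirtualNetworkId $vnetId

# The inbound endpoint's private IP is the target for on-prem conditional forwarders
$inboundIp = $inEp.IPConfiguration[0].PrivateIPAddress
"Inbound endpoint IP for on-prem conditional forwarders: $inboundIp"
# Hardening note: restrict UDP/TCP 53 to the inbound subnet from on-prem DNS ranges only (NSG), not 'Any'.

# 3. On the on-prem Windows DNS server (DnsServer module): forward an Azure private zone to the inbound endpoint.
#    The zone name is an assumed example; add one forwarder per private zone you use.
# Add-DnsServerConditionalForwarderZone -Name 'privatelink.blob.core.windows.net' -MasterServers $inboundIp -ReplicationScope Forest

# 4. On the Azure VM: confirm the DC SRV records resolve through the resolver before attempting the join.
# Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$($adDomain.TrimEnd('.'))" -Type SRV
# Add-Computer -DomainName $adDomain.TrimEnd('.') -Credential (Get-Credential) -Restart
```

The join itself also needs the usual AD ports (Kerberos, LDAP, SMB, RPC) open across ExpressRoute to the DCs; DNS via the resolver only covers name resolution.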
