Join a VM to existing AD Domain using ARM template in Azure Dev Test Lab

May 17, 2016 | Tarun Arora | 3 min read

DevOps Azure AzureDevTestLabs ARM

Twitter Facebook Linkedin Email WhatsApp

---

Learn how to domain join your Azure DevTestLab VM to with an Active Directory Domain Controller using a powershell artifact. We’ll trigger this process from VSTS. The private artifact repository will also be available & exposed in DevTestLab for virtual machines in the lab.

Scenario

While provisioning a virtual machine in the AzureDevTest Lab you would like the newly provisioned virtual machine to be joined up to an existing Active Directory Domain Controller. This can be achieved by running a PowerShell script, that is wrapped up as an artifact. This artifact can be exposed in the DevTestLab via a private artifact repository.

In this blogpost I’ll show you how you can leverage a private artifact repository which intern uses powershell script to join your newly created Azure virtual machine in Azure DevTest Lab to an existing active directory domain.

Domain Join Artifact

The JoinDomain PowerShell script and Artifactfile json file is available for download on my gitHub repository

• Artifactfile.json
• JoinDomain.ps1

Download the artifact and use the instructions here to set up your private artifact repository. DevTestLabs support both Git and VSTS as artifact repository endpoints…

Once you have the private artifact repository set up and the Join Domain Artifact added, in the Azure Portal you should see something like this…

Plug in Domain Join Artifact to your ARM template

We’ll see how easy it is to add this private artifact script into your Azure DevTestVM ARM template. If you don’t already have an ARM template then refer to my blogpost here that shows you how to achieve this.

In your AzureDevTestLab ARM template add the following three parameters…

    /* Join Domain Parameters */
        "Join_Domain_Domain": {
        "type": "string",
        "defaultValue": "myDomain.net"
        },
        "Join_Domain_UserName": {
        "type": "string"
        },
        "Join_Domain_Password": {
        "type": "string"

Supplement the artifact section of the template with the following artifact…

        "artifacts": 
        [          
            /* Join Domain */
            {
                "artifactId": "[resourceId('Microsoft.DevTestLab/labs/
                        artifactSources/artifacts', parameters('labName'), 
                        'privaterepo170', 'JoinDomain')]",
                        
                "parameters": 
                [
                    {
                        "name": "Domain",
                        "value": "[parameters('Join_Domain_Domain')]"
                    },
                    {
                        "name": "UserName",
                        "value": "[parameters('Join_Domain_UserName')]"
                    },
                    {
                        "name": "Password",
                        "value": "[parameters('Join_Domain_Password')]"
                    }
                ]
            }
        ]

Commit the changes to the repository…

Provision a new virtual machine in DevTestLab & trigger Join Domain artifact

I will use VSTS to trigger the deployment of the Azure DevTestLab ARM template. If you don’t want to use VSTS, you could deploy from this template directly from the Azure portal. In case you want to use VSTS to deploy a new Virtual Machine in an existing Azure DevTestLab then follow these instructions

Ammend the build definition to include the values for the three variables added to the ARM template.

Ensure that you add these variables into the template parameters section of the task.

Trigger a new build to create a new VM in an Azure DevTestLab to provision a new VM that runs the private artifact to domain join the newly provisioned virtual machine…

Validate that the JoinDomain artifact worked successfully

To validate the execution of the JoinDomain artifact navigate to the resource group of the newly deployed virtual machine. Click on deployments from the settings blade to load the history of all deployments that have taken place against this resource group.

The deployments blade will show you the full history of all deployments as well as the details of the artifacts run up against the resource group. You also have the ability to rerun the deployments of the artifacts from here. As you can see in the below screen shot, it is also possible to see the actual parameters passed to the artifact.

Voila! Now that the artifact has successfully been run, you’ll see the virtual machine registered in active directory under the computers OU. You will also be able to use domain credentials to log into the virtual machine.

Check out other posts on AzureDevTest labs:

• Deploy new VM in an existing AzureDevTestLab using VSTS
• Copy custom images (VHD) between AzureDevTestLabs
• Configure WinRm with ARM template using PowerShell artifact

Happy Deployments!

Tarun