Time
14 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
15

Video Transcription

00:00
Hello, Siberians. Welcome to lesson one point for off money. One off this cuss titled. Is it visible? One Microsoft Azure architect design
00:10
This lesson is a demonstration of the concepts that were covered in the previous tree lessons off this model
00:17
had a consensus that I'll be showing you
00:20
so we'll start out by creating in new as your A D tenants.
00:25
Ah, nauseated tenants just means an instance off Jules 80.
00:30
Then we'll go ahead to see how to modify and adjust description to use a different as you're a D tenants.
00:38
Then I proceeded to show you howto conflict. Wait custom domain name, Financial lady, tenant. So instead of using the default on Microsoft that come domain name,
00:50
then go ahead to show you how to create an azure A. D. D. S instance on finally out of joining the Windows virtual machine in Hajer tow the azure, a tedious instance that would create it. So let's get right into this.
01:06
Here's the first concept that I'll be demonstrating to you.
01:08
How about demonstrating out? Create a new azure 80 tenant on? There's a visual representation of that.
01:17
I currently have an azure subscription. When I signed up for the azure subscription it created on as your a D tenant for me on the defaults. The main aim off Dodger a D tenant is super clouds 20 that on Microsoft that come
01:30
have also purchased a demanding from God a d,
01:34
which is super clouds that X y Z
01:38
that what I currently have, what I'm gonna be showing you now is how to create a new as your a D tenant which are called Super Clouds trying to wonder on Microsoft that come.
01:51
So let's go to the hospital where I showed this to you.
01:55
So here's my azure environment. I'm signed into the azure Pato
01:59
as David except clouds $20 on Microsoft that come
02:02
If I click on Azure Active directory here, you can see that I have this as your a d 10 and I was created when I signed up for this free subscription
02:12
on It's another 80 free addition
02:14
and the domain name is super clutch. $20 on Mike's off that come.
02:17
So what if I want to create a new as your lady tenant? It's very simple.
02:23
If I click on, create a resource
02:24
I can set for as your active directory is what I need to set for. So I have attractive directory differently, conducts
02:34
and then I can click on Creates.
02:36
It asks me to specify the name off my organization and our quiet and specify shipper clouds,
02:45
and then it asks me for the initial domain name and initial demand them. We have a suffix off that on Microsoft that come So I just quiet and put in
02:54
super clouds
02:58
tryingto one
02:59
that on Microsoft that come.
03:02
So once that that is accepted, I can specify the country or region. So I'm currently based in the United Kingdom, so quiet and specify that.
03:09
And then I'll quiet and click on create on that simple A stacks. Now I have a new instance, or how we'll have a new instance off. Attractive directory.
03:20
Let's move on to the next aspect of the demo. Why this is going on
03:24
in the next part of this demo?
03:27
How Go ahead and show you howto confit great custom domain for on as your lady tenant.
03:34
So here's a visual representation off what I'll be doing. So currently I have my Azure subscription currently uses this
03:42
Super Clouds 20 that on Mike's off that commercial a determinant as its identity provided.
03:49
And I have this newly created as your 80 tenants that I've that I've just created, right,
03:55
So what I want to do is I want to take my super cloud of X y Z domain name and configure Eat us.
04:03
Did the man name for this age I e. D tenants. So that's what that's gonna look like. I'm gonna configure that supper club about X y Z,
04:11
but after doing that, I have to modify Super Cloud of X y Z
04:15
Toby, the primary demand name for this tenants so that this becomes the secondary and not the primary. So let's go ahead and see that
04:28
back in the photo. You can see that my educated tenant has finished creating, and I have a link here that says, Click here to manage your new directory. If I click on that link,
04:39
it takes me to my super clouds 20 to 1
04:44
as your A D tenant, and you can see that my existing user has been automatically given permission.
04:50
Into these are my supper club 20
04:54
yousa as permissions into the seven year itch now
04:58
on original member off this tenant.
05:00
So if I go back to Super Clouds 21 I just created
05:04
What I can do is I have custom domain names in the left and sites of a click on that I can click on,
05:10
had a costumed, um in them.
05:12
And then I can specify the custom demanded that I want too hard. In this case,
05:16
I have super cloud starts, X y Z,
05:19
and
05:21
if I click on, add them in.
05:25
So now it's given me an option to use that use a T X T record or MMX records to verify ownership of this. Tremendous. So what I'll do is I'll copy in
05:35
this destination 2.2. So it's a text. If I could, I'd be using. I'll go on the gold of the my Super Cloud of X, y Z t and his own.
05:45
Now quiet an ad in new T X T record
05:48
and the host will be at the value, a bit of value that I copied.
05:54
So that's the hat and does the value of the time to live in a 3600 so I can quiet and specify custom on 3600 on, Then I can quiet and click safe. Two deaths.
06:04
So now that this has been created, this record,
06:09
just give it a few minutes to propagate. So it's gonna take a few minutes after it finished. Trouble getting out quiet and click on Verify.
06:18
I've given this a few minutes now, so let me quiet and click on Verify. It's gonna try to verify *** domain name. And now it's Detective, that record, which means I have access to this domain.
06:30
So once I've done that, I would need to do the other aspect, which is I want to make this my primary domain name. So I just quiet and click on Make primary and click on Yes,
06:41
on it changes this. Demand them to be the primary domain name for these as your A D tenants. So if I go back, you can say that it's verified. Is the primary one.
06:49
So what I'll do is how quickly create in new test. He's so great and creating new user
06:56
called Brenda. So let's quiet and had used the name Brenda
07:00
and the name. I would just call the name
07:03
when the Dow and the first name when the
07:09
nice name is
07:12
I ought to generate a password. So go ahead and
07:15
show the initial password.
07:23
How quiet And make this user a global that mean
07:28
in a sure Haiti
07:31
ah nde are specified. The use its location off this year's ER to be United Kingdom. Also
07:39
so United Kingdom.
07:41
The job played to our just say cloud
07:46
architect
07:50
and the department. I'll say 80
07:55
on a quiet and click. So if I go ahead, you can say that the user name is Brenda. But the domain name Because that's the primary. It's Brenda at Super Clouds with X y Z.
08:05
If I quiet and click on Creates
08:07
it successfully created my user account, and I can verify that
08:13
by going to the azure portal over here, and I can try to log in as Brenda.
08:18
That's
08:20
super clouds
08:22
dot x y Z
08:24
on directly. Come next to that's
08:28
attacks me for the password. So let's put in in this initial password
08:33
signing. It's gonna ask me to set the current pass water, put the hand, I modify the password,
08:46
are quiet and click on signing,
08:52
and now you can see that I'm signed in to the azure Pato and I can manage this
08:58
as your active directory tenant
09:01
as Brenda.
09:03
In the next part of this demo, I'll show you how to modify a Najar subscription to use a different as you're a D tenants.
09:13
So official representation of what I'll be showing you.
09:16
I'll be showing you
09:18
how to modify this azure subscription that I have here, which is currently using Super Clouds 20
09:26
as it identity provider.
09:28
I want to modify these to use by clouds of X y Z as your lady tenants as its identity provided. Now, when you do this, you have to be a bit careful cause you have to have users that have
09:41
Juries identities over here, so you may need to create the user's on, then ensure that you've set permissions for them on the side. Just description also
09:50
for each other. You said subscription permissions for them.
09:52
So let's quiet under this.
09:56
I'm currently still logged into the new super cloud. That's X Y Z, J D tenants. What if I want to switch that? I can click on that option here where I can see all the azure 80
10:07
um, tenants that I have. So if I want I can go back to Super Clouds. 20.
10:13
So make sure that your invites
10:16
as your lady tenants for you to be able to see the subscription sewn under them Back toe Ray the
10:20
and Super Clouds 20. I can quiet and click on the all service is,
10:26
and I can go ahead and click on subscriptions,
10:30
and I can see my subscription here.
10:31
So what I can do is if I click on that subscription,
10:37
I have the option to change the directory here.
10:39
So if I click on change directory,
10:43
I can see that I'm currently using Super Clouds $20 myself that come for the subscription on. I can switch that to use that
10:52
new tenant, which most likely is my new Super clouds,
10:56
not X y Z tenant. So that's ends with beat everyone. Let's just verify that. So if I go over here
11:03
Super cloud of X y Z that ends with Bee Tree once so that excellent. So I'll just go ahead and close these. I'll go ahead and click and change directory on our great and change that to super clouds that X y Z, and actually can change
11:18
and what that does it that switched around to destroy rectory from using Super cloud 22 years in super clouds. That X y z
11:28
One of the things that I like to emphasize before moving on
11:33
is that it does take upto one hour for the changes to propagate. When we change the azure lady turn and face description. So do remember to give it enough space for dash to propagate
11:46
in the next demo, I'll be showing you out to create an azure A D. D. S instance.
11:50
So here's the current setup that I have. I have an address description that uses the super clouds that X Y is the azure lady tenant. As his identity provided
12:01
DiMaggio subscription, I have a virtual network where currently have a submit that has a Windows virtual machine running in it.
12:11
What? I will be doing this. I will be creating a natural a. D. D. S service
12:16
that's gonna be linked to my super clouds that X y Z
12:22
as your a d tenant so that my identities can be synchronized from Madre de Tenants to the azure A. D. D. S service.
12:31
So let's get right into that.
12:35
I'm back in the House. You're part owner. But what I want to do is
12:39
instead off years in my David at Super Clouds. $20 on Mike's off that come account, I'm gonna switch over
12:46
to use
12:48
my new
12:50
user account. I created Alia for the user called Brain There,
12:54
Right. So I created the user called Bring Down Hey, Leah
12:58
and
13:00
I have given the user called Brenda permissions to the subscription. So if I go on, all service is and if I go on the
13:07
subscriptions,
13:09
Brenda at Super Cloud of X y Z should be able to see this description. What I can also do for future demos is I can go ahead to Azure A. D. And I can go create a new user called David at Super Club X Y Z. So let's do that very quickly.
13:28
So let's give the user name David,
13:33
and that's a big cloud of X Y Z. So the name will be David a Chiari
13:41
force named David last night. So quiet and click on creates
13:46
Andi. I have my new user, which I'll be using for future demos, but for now, we'll just carry on and use Brenda.
13:52
So what? I want to do is how just quiet and click on create a resource
13:56
and I was sent for
14:00
as you go
14:01
a D
14:03
domain service is. So if I click and that it gives me the option to click on creates
14:13
so clicking on the create option, I have the option to glide and with my conflagration. So first, I need to put this in the research group How? Put it in the same result school where I put my Windows machine that I've created earlier.
14:26
So the D. N a. Is the main name for this as your a d d. A. Service is what I need to specify. Hair.
14:33
So what I'm gonna do is to make it easy to identify. I'm gonna put as your a d the s
14:41
dot super clouds that X, y Z said. That's what I want to call it on. That's the demand that my machines will be able to join.
14:48
Location will be your case out. I click next on the next work in.
14:52
So now
14:54
is Detective Avenue network. Also, it's not detected that it's trying to create a new network here.
15:00
What I want to do is, I want two years, my existing network, which is this network over here. So I'll click on that network
15:07
on Dhe. You can see that it's identified my existence. Sub nets. Where have my Windows Retro mission? That's not the submit that I want to put the azure a d d A. Service.
15:18
So if I go ahead and click on Manage,
15:22
it gives me the option tohave a new sub net. So our creating your sub net called as your a d. D. S
15:31
submits on. I'll give it an I. P address of injured in my veteran network, which stand out one That's two that's over. My virtual network is standard Wonder DHS zero zero's last 16 so I'll just give it tender to wonder to not serious. Last rainfall,
15:45
for all the other options are lived as default on our way and click Okay,
15:50
so that should create my submit.
15:52
So I select the sub nights, and that's the sub. Next on my a d. D. A savage with living. So that's great.
16:00
So let's quiet and close this.
16:03
Oh, go ahead and close T is also on. Go ahead and select the subject's excellent. So let's move on fi great and click on next on the administration,
16:12
it says all global. That means so there's go to be notified when you have in a lot of one year critic off one in a critical severity. That's fine.
16:22
So there's a group in Azure 80 now be called a D D. C Administrators group
16:30
and the user that I want to be an administrator for this demand I'll be created. I'm needs toe have them into that group in Azure 80.
16:40
What I would do in this case is I can go ahead and manage the membership of that group. So how ad
16:47
One or two users? So let's add some members into that group. So how hot Brender,
16:53
Actually, let's just add about Brenda and David so that that Brender and that at David also
17:00
so but uses select.
17:04
So that's fine. And I'll go ahead and
17:08
close out of this. Self gods doesn't use us in that grip,
17:14
so I go next. Actually, I want to verify, can click on that again, and they're very fights at their members of that group, so quietly connects to synchronization,
17:22
says, Do I want to synchronize all these objects if I wanted to. I could scoop that re particulate group in a jury. 80. Just quiet and select all for this demonstration,
17:33
and then I'll go forward to review and creates
17:38
on. It's gonna validate my request. And once the request is validated, Andi, if everything is okay, I can click on Create. Now. One of the things I ain't saying is it's going to be synchronizing not only my his identities, but the password ashes for those whose identities.
17:56
One of the things to remember if you're using a jury they connect for on premises identity is that you need to be synchronizing the password ashes to Azure lady if that's gonna work with J. D. D s, but that's that's by the side. So why don't click on create here
18:11
on a quiet and click? Okay,
18:15
now, this takes from experience about 20 to 30 minutes to complete, so just give it some space. Lettuce completes successfully before proceeding to the next part of the system,
18:29
so my deployment completed successfully.
18:32
So what I'll do is I'll move on to the next pat off the demo
18:37
in the next part of this demo. I'll show you out to join the Windows Veteran mission in Azure to the Azure, a tedious instance that I just created.
18:45
So yes, if the shore representation of what are between
18:49
we currently have our Hajer a tedious instance in the sub nets that we deployed it into.
18:57
The next thing that I would be doing is I need to join My Windows retro mission, which is in the same virtual network, are beat in a different sub net toe, where the azure, a tedious instance, is on a need to join that virtual machine to remain. So let's go ahead and do that now.
19:15
Now, for me to be able to do that, the frostiness let's go to our service is
19:22
andare. Magnify this a bit, so you can be my Clara and I are such for Azure
19:30
Andy,
19:32
and you have as your a D domain service's years. If I click on that service
19:37
and I can see my service instance a. If I click on that instance,
19:41
so one thing that I want you to pay attention to is the health. So even after the deployment complete successfully, just give it enough time, make sure that the air say's that it's running before proceeding.
19:52
If I go over here to the left hand side, on the properties,
19:59
you have the high P addresses
20:00
off the back end veteran machines that are running in the sub net that have run in this service. So I have tendered wonder to that foreign tenders wonder to that five. And that's the D. N s. The main aim for this service. So what I need to the first of all this I need tohave this I p addresses
20:19
as the d. N s ever fall
20:22
my virtual network.
20:26
So if I go ahead and do that, let's go on the veteran networks I click on my virgin that work there
20:32
I go on the d n A service and I changed it from the default A job provided any service to costume on. I go ahead and just pasted in and separate them.
20:42
So Tender Wonder stood it for Andi. Tenders wonders through that Fife and I wide and click safety. That's
20:52
now, even after seven days, that's not going to apply to
20:56
my virtual machine. So this is the Windows virtual machine that I have running.
21:00
If I bring up the command prompt If I do on my p
21:07
config four slash home.
21:10
You see that it's two years in the azure provided Deion Sever Hi p address. So I need to restart this retro machine to pick up the new Dennis Conflagration shall just quiet and do that's now, So that's great. And which starts that.
21:22
And when this virtual mission comes back up, I expected tohave his i p addresses as it's Dennis ever on. Once that is done, then I'll go ahead and join needs to my domain measure a d d. Estimate
21:36
my veteran mission as we started successfully
21:38
for great and upon the command prompt. And if I go ahead and do an I p
21:44
config
21:45
space for slash home,
21:49
I can see that it's now picked up the Dennis configuration. So that's great.
21:53
That's quiet and joined this machine. Said domain.
21:56
If I click on local sever, if I click on work group
22:00
and frankly can change, I can put in my
22:03
a d d s d. N s demon named their fight Click on. Okay, it's gonna promise me for the user name and password
22:11
I created a user earlier called Bradley so quiet and used that user name so broadly acts
22:19
the D. N s name,
22:25
and I put the password for Bradley. Then right click okay to that
22:30
that goes to and joins this machine sediment. So if I go ahead and click, okay, and we starts this machine
22:40
so when this mission was start, I should be able to log into the machine
22:45
with the credential off one off. My azure 80 users has been synchronized to this as your a d d A. Service.
22:55
So hopefully the mission as we started. Now let's try to log in with how a user That's right. We're looking as Bradley
23:03
Huts.
23:04
It did the S
23:07
the super clouds
23:10
X Y Z
23:12
on dhe. If I go ahead, Stickley connects.
23:18
Fronts me for the passport for Bradley are great and puts in the password
23:25
on dhe. That's looking okay,
23:27
and you can see that I'm able to log in with Bradley's Creadon shows into this virtual machine.
23:38
So this concludes this demo. Thanks very much for watching this video on. In the very next lesson, I'll start talking about as your a d. I breed identity. So see you in the next lesson.

Up Next

AZ-301 Microsoft Azure Architect Design

This AZ-301 training covers the skills that are measured in the Microsoft Azure Architect Design certification exam. Learn strategies to plan for the exam, target your areas of study, and gain hands-on experience to prepare for the real world.

Instructed By

Instructor Profile Image
David Okeyode
Cloud Security Architect
Instructor