Microsoft Adds Virtual Network Support to Azure AD

Microsoft has launched a public preview of a new capability within Azure Active Directory (AD) Domain Services that adds support for virtual networks using Azure Resource Manager.

Released late last year, Azure AD Domain Services gives users a means of authenticating older applications running on Azure virtual machines on Microsoft's cloud infrastructure. Azure AD Domain Services supports applications that aren't using newer authentication protocols, such as OAuth 2.0, OIDC, SAML and REST. Users can access these applications by logging in with their corporate credentials. As part of this service, Microsoft maintains the domain controller infrastructure for organizations.

Azure Resource Manager, on the other hand, is Microsoft's tooling for deploying complex application workloads that depend on spread-out cloud resources, such as virtual networks, virtual machines, and storage. The resources required by these applications get logically assigned into "resource groups" using templates. This approach supposedly makes it easier for IT pros to remove applications without worrying about all of the cloud-resource dependencies.

This week's preview announcement brings Azure AD Domain Services closer to Azure Resource Manager with regard to virtual network application dependencies.

"This new public preview lets you create a managed AD domain in a Resource Manager virtual network from the Azure portal," Microsoft's announcement explained. The Azure Portal is Microsoft’s browser-based solution for managing various Azure services.

A "Resource Manager virtual network" is a type of virtual network that's currently at the preview stage right now. The Azure AD Domain Services preview of Azure Resource virtual network support also will work with so-called "classic virtual networks." However, Microsoft's announcement signaled it will be shifting away from classic virtual network support going forward.

"We're going all in on Resource Manager virtual networks," Microsoft declared in its announcement.

In the near future, classic virtual network support will be going away:

When support for Resource Manager virtual networks becomes generally available, you won't be able to create new managed AD domains in classic virtual networks anymore. Resource Manager-based virtual networks will be the only supported deployment model for newly created managed AD domains.

Microsoft is promising that it will provide a means to "easily switch from a classic virtual network to a Resource Manager-based virtual network" in the near future. Supposedly, this migration capability, coming in preview form before the end of December, won't require organizations to delete a managed AD domain.

The preview of Azure Active Directory Domain Services support for virtual networks using Azure Resource Manager isn't for production environments yet. Microsoft's announcement flatly stated that "if the existing managed AD domain is a production instance, you won't be able to use this preview."

In other words, the preview is just for test networks. Moreover, Microsoft's announcement has different instructions to follow, along with caveats, for enabling the preview based on whether the test network is using Resource Manager virtual networks or classic virtual networks.

About the Author

Gladys Rama (@GladysRama3) is the editorial director of Converge360.


  • Image of a futuristic maze

    The 2024 Microsoft Product Roadmap

    Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

  • Microsoft Sets September Launch for Purview Data Governance

    Microsoft's AI-powered Purview solution to address governance and security challenges is set to become generally available on Sept. 1.

  • An image of planes flying around a globe

    2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • End of the Road for Kaspersky in the United States

    Kaspersky on Monday said it is shuttering its U.S. operations, just days before a nationwide ban on sales of its security software was set to take effect.