Azure – You can now migrate your Azure AD Domain Service to ARM and use templates

You may already know Azure AD Domain Services, an Azure service which extends your on-premises directory service (AD DS) to a managed domain service, allowing you to deliver AD DS domain join, group policies, LDAP and/or Kerberos/NTLM authentication capabilities within your Azure environment without the need to deploy domain controllers virtual machine on Azure (to know more

Well, if you were an early adopter of Azure AD DS, your service has been deployed using the ‘old’ Azure deployment mode called Azure Classic.

Since then, Microsoft has moved on to the Azure ARM model, leaving your Azure AD DS in classic mode, restricting you to enjoy all the benefits of the ARM deployment and management mode.

Well, good news, you can now migrate your ‘classic’ Azure AD DS to ARM using PowerShell commands:

  • Install-Script -Name Migrate-Aadds to install the migration script from the PowerShell Gallery
  • Migrate-Aadds -Prepare –ManagedDomainFqdn <your domain services FQDN> -Credentials $creds​ to prepare the domain for the migration
  • Migrate-Aadds -Commit -ManagedDomainFqdn <your domain services FQDN> –VirtualNetworkResourceGroupName <resource group where the vNet resides>     -VirtualNetworkName <your vNet> -VirtualSubnetName DomainServices -Credentials $creds​

During the migration process, there will be a downtime as the ‘back-end’ domain controllers will be offline during the migration; it is expected a downtime period between 1 to 3 hours.

In addition, of this you can now use ARM template to deploy Azure AD DS – you can download a sample of Azure AD DS ARM template by using the Azure AD Domain Services creation wizard and then use the Download a template for automation option at the end of the wizard.


Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies