This section explains how to connect Azure Native Qumulo (ANQ) to Microsoft Entra Domain Services (DS).
On October 1, 2023, Microsoft renamed Azure Active Directory Domain Services to Microsoft Entra Domain Services.
Microsoft Entra DS provides managed domain services such as Windows Domain Join, Group Policy, LDAP, and Kerberos authentication. You can connect your ANQ to standard Active Directory (on-premises AD or self-managed AD in the cloud) or to Microsoft Entra DS.
For information about joining Microsoft Entra DS, see the following resources in the Microsoft Entra documentation.
-
Tutorial: Configure virtual networking for a Microsoft Entra Domain Services managed domain
-
Tutorial: Join a Windows Server virtual machine to a Microsoft Entra Domain Services managed domain
To Configure Microsoft Entra Domain Services (Microsoft Entra DS)
-
Create an instance of Microsoft Entra DS by entering the following details.
-
Name: Your domain name.
We recommend entering
$DOMAIN.onmicrosoft.comthat the system creates for you.You can also use your own custom domain name that acts as a routable or non-routable domain suffix.
-
VNet: A VNet and a resource group for your Microsoft Entra DS instance.
-
SKU: Standard
-
Forest: User
After the system completes deploying your managed domain (this takes 1-2 hours), it creates the VNet that you specified.
-
-
Configure DNS for your managed domain.
-
Log in to the Azure portal and search for
microsoft entra domain services. -
Click your domain.
-
In the Required configuration steps section, under Update DNS server settings for your virtual network, write down the domain controllers (DNS servers) that the managed domain deployment created for you, and then click Configure.
For more information, see Update DNS settings for the Azure virtual network in the Microsoft Entra Domain Services documentation.
-
-
(Optional) If the Microsoft Entra DS managed domain VNet is different from the VNet that you used for deploying ANQ, peer the two VNets.
For more information, see Configure virtual network peering in the Microsoft Entra Domain Services documentation.
-
Configure the ANQ DNS servers to point to the servers that the managed domain provided for you.
For more information, see Custom DNS Configuration on Qumulo Care.
-
To finish configuring your file system to work with Microsoft Entra DS, join your cluster ton AD by logging in to the Qumulo Core Web UI and clicking Cluster > Active Directory.
Note
We recommend giving an administrative role to the user who joins the domain. For newly created users, the system requires a password reset when the user logs in to the Azure portal.
Next Steps
After you deploy your Microsoft Entra DS instance and connect ANQ to it, you can configure SAML Single Sign-On (SSO) for your ANQ instance.