Organizations looking to modernize their infrastructure often ask whether ADManager Plus can be hosted on Microsoft Azure. Hosting ADManager Plus on Azure helps centralize Active Directory management, improve availability, and support hybrid environments. This guide explains how to deploy ADManager Plus on an Azure virtual machine, configure connectivity to on-premises Active Directory, and ensure a secure and scalable setup.
Before deploying ADManager Plus on Azure, ensure the following are in place:
Azure virtual machine requirements
OS: Windows Server 2016 or later
Size: Minimum 4 vCPUs and 8 GB RAM
Static private IP (public IP if external access is needed)
Remote access secured via VPN, Azure Bastion, or network security group (NSG) rules
Active Directory connectivity
Azure VM must reach on-premises domain controllers over:
LDAP/LDAPS: TCP 389 or 636
RPC: TCP 135 and dynamic range 49152–65535
DNS: TCP/UDP 53
Domain DNS server must be configured on the VM's NIC
Firewall and network configuration
Allow traffic from Azure VM to on-premises AD and DNS servers
It is recommended to use a site-to-site VPN or Azure ExpressRoute
Installation files
Latest ADManager Plus installer
Java JDK (bundled with installer)
Use the Azure Portal to create a VM with the above specs.
Assign a static private IP.
Enable RDP (port 3389) for remote access, secured via VPN, Azure Bastion, or NSG rules as listed in the prerequisites.
Join the VM to your on-premises or hybrid Active Directory domain.
Ensure domain connectivity via a VPN or ExpressRoute.
Download the latest ADManager Plus installer.
Run the installer and follow the setup instructions.
Use default settings or customize ports and paths as needed.
Log in to ADManager Plus.
Navigate to Directory/Application Settings > Active Directory > Add Domain.
Enter your Domain Name and domain controller IP.
Provide domain admin credentials in the Domain Username and Domain Password fields.
Click Add.
Ensure the following ports are allowed in Azure NSGs and the VM’s firewall:
TCP 389 and 636 (LDAP/LDAPS)
TCP 445 and 135 (SMB/RPC)
TCP/UDP 53 (DNS)
HTTP/HTTPS: Default ports 8080 or 8443 for web UI access
Set up SSL/TLS for secure browser access (optional).
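A pre-flight check for the connectivity requirements above, as an added example that is not part of the original guide or ManageEngine's tooling: it probes the fixed TCP ports, confirms the NIC DNS setting, and resolves the DC locator record before you add the domain. The domain name and IP addresses are placeholders, and the script assumes it runs on the Azure VM.

```powershell
# Added example, not ManageEngine code. Run on the Azure VM after the VPN or
# ExpressRoute link is up. All three default values are placeholders.
param(
    [string]$Domain           = 'corp.example.com',  # placeholder AD domain name
    [string]$DomainController = '10.0.0.10',         # placeholder on-premises DC IP
    [string]$DnsServer        = '10.0.0.10'          # placeholder domain DNS server IP
)

# Fixed TCP ports from this guide. The dynamic RPC range 49152-65535 is assigned
# per session and is not probed here; only the endpoint mapper (135) is.
$tcpChecks = @(
    @{ Target = $DnsServer;        Port = 53;  Name = 'DNS' }
    @{ Target = $DomainController; Port = 135; Name = 'RPC endpoint mapper' }
    @{ Target = $DomainController; Port = 389; Name = 'LDAP' }
    @{ Target = $DomainController; Port = 445; Name = 'SMB' }
    @{ Target = $DomainController; Port = 636; Name = 'LDAPS' }
)

$results = @(foreach ($c in $tcpChecks) {
    $probe = Test-NetConnection -ComputerName $c.Target -Port $c.Port -WarningAction SilentlyContinue
    [pscustomobject]@{
        Check  = "TCP $($c.Port) ($($c.Name)) to $($c.Target)"
        Passed = [bool]$probe.TcpTestSucceeded
    }
})

# The domain DNS server must be set on the VM's NIC, or DC discovery fails.
$nicDns = @((Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses)
$results += [pscustomobject]@{
    Check  = "NIC DNS servers include $DnsServer"
    Passed = $nicDns -contains $DnsServer
}

# Resolve-DnsName queries over UDP by default, so this also exercises UDP 53.
# _ldap._tcp.dc._msdcs.<domain> is the SRV record clients use to locate DCs.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -Server $DnsServer -ErrorAction SilentlyContinue
$results += [pscustomobject]@{
    Check  = "DC locator SRV record resolves for $Domain"
    Passed = [bool]$srv
}

$results | Format-Table -AutoSize

# Non-zero exit code lets a deployment pipeline stop before the domain is added.
if ($results.Passed -contains $false) { exit 1 }
```

A failed TCP row points at an NSG rule, the VM firewall, or the on-premises firewall; a failed SRV lookup with TCP 53 passing usually means UDP 53 is blocked or the wrong DNS server is configured.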
Use Azure Bastion, just-in-time RDP access, or a jump server to securely access the VM.
Enable HTTPS access using a trusted SSL certificate to protect web-based connections.
Set up regular backups using Azure Backup or third-party tools to safeguard the ADManager Plus database and configuration files.
Deploy a load balancer and enable high availability in ADManager Plus to ensure continuous service.
Monitor system performance with Azure Monitor or Log Analytics to track CPU, memory, and network usage effectively.