How to host ADManager Plus on Microsoft Azure

How to host ADManager Plus on Microsoft Azure

Objective 

Organizations looking to modernize their infrastructure often ask whether ADManager Plus can be hosted on Microsoft Azure. Hosting ADManager Plus on Azure helps centralize Active Directory management, improve availability, and support hybrid environments. This guide explains how to deploy ADManager Plus on an Azure virtual machine, configure connectivity to on-premises Active Directory, and ensure a secure and scalable setup.

Prerequisites   

Before deploying ADManager Plus on Azure, ensure the following are in place:

  1. Azure virtual machine requirements

    • OS: Windows Server 2016 or later

    • Size: Minimum 4vCPUs and 8GB RAM

    • Static private IP (public IP if external access is needed)

    • Remote access secured via VPN, Azure Bastion, or network security group (NSG) rules

  1. Active Directory connectivity

    • Azure VM must reach on-premises domain controllers over:

      • LDAP/LDAPS: TCP 389 or 636

      • RPC: TCP 135 and dynamic range 49152–65535

      • DNS: TCP/UDP 53

    • Domain DNS server must be configured on the VM's NIC

  1. Firewall and network configuration

    • Allow traffic from Azure VM to on-premises AD and DNS servers

    • It is recommended to use a site-to-site VPN or Azure ExpressRoute

  1. Installation files

    • Latest ADManager Plus installer

    • Java JDK (bundled with installer)  

Steps to follow 

 Step 1: Provision a Windows VM in Azure   

  1. Use the Azure Portal to create a VM with the above specs.

  2. Assign a static private IP.

  3. Enable RDP (port 3389) for remote access.

  1. Join the VM to your on-premises or hybrid Active Directory domain.

  2. Ensure domain connectivity via a VPN or ExpressRoute.

 Step 3: Install ADManager Plus   

  1. Download the installer from here.

  2. Run the installer and follow the setup instructions.

  3. Use default settings or customize ports and paths as needed.

 Step 4: Configure Directory/Application Settings in ADManager Plus   

  1. Log in to ADManager Plus

  2. Navigate to Directory/Application Settings > Active Directory > Add Domain.

  3. Enter your Domain Name and domain controller IP.

  4. Provide domain admin credentials in the Domain Username and Domain Password fields.

  5. Click Add.

 Step 5: Open required ports   

  1. Ensure the following ports are allowed in Azure NSGs and the VM’s firewall:

    • TCP 389 and 636 (LDAP/LDAPS)

    • TCP 445 and 135 (SMB/RPC)

    • TCP/UDP 53 (DNS)

    • HTTP/HTTPS: Default ports 8080 or 8443 for web UI access

  1. Set up SSL/TLS for secure browser access (optional).

 Tips 

  • Use Azure Bastion, just-in-time RDP access, or a jump server to securely access the VM.

  • Enable HTTPS access using a trusted SSL certificate to protect web-based connections.

  • Set up regular backups using Azure Backup or third-party tools to safeguard the ADManager Plus database and configuration files.

  • Deploy a load balancer and enable high availability in ADManager Plus to ensure continuous service.

  • Monitor system performance with Azure Monitor or Log Analytics to track CPU, memory, and network usage effectively.

                  New to ADSelfService Plus?

                    • Related Articles

                    • Can we host ADManager Plus on Azure AD?

                      Yes, it is possible. ADManager Plus is an on-premises, web-based application. It is also available in the Azure Marketplace, enabling you to use it on-demand, similar to any cloud-based or SaaS offering, on Microsoft's Azure platform. Click here to ...
                    • Microsoft 365 license management using ADManager Plus

                      This article will explain how you can assign and revoke Microsoft 365 licenses using ADManager Plus. With ADManager Plus, you can: Assign Microsoft 365 licenses while creating users. Modify Microsoft 365 licenses for existing users. Remove Microsoft ...
                    • How to integrate ADManager Plus with Azure SQL database

                      ADManager Plus can be integrated with a list of databases to facilitate efficient AD management. This specific integration with Azure SQL database allows administrators to synergistically manage AD objects from their Azure SQL instance itself. ...
                    • How to configure Microsoft 365 settings to perform Microsoft 365 management and reporting via ADManager Plus?

                      Objective: Configure Microsoft 365 settings to perform Microsoft 365 management and reporting via ADManager Plus. Solution: ADManager Plus empowers administrators to perform management and reporting across multiple platforms such as Active Directory ...
                    • Prerequisites to configure Microsoft 365 in ADManager Plus

                      Integrating Microsoft 365 with ADManager Plus requires the three modules listed below and TLS 1.2 to be enforced. Modules required: 1. AzureAD 2. MsOnline 3. ExchnageOnlineManagement Run "Get-InstalledModule" in PowerSehll as Admin, to view the list ...