问题
Is it possible to use an Azure virtual machine as an Active Directory server with ADFS 2.0 and integrate it with ACS ?
Regards ,
James Roeiter
回答1:
Having AD server (with RMS also) in cloud is an ask which I have heard time to time from Azure users and it sure is a great addition to have it running in Windows Azure or any cloud. Various organization's IT is asking the same as well however As of now with current Windows Azure it is not possible.
A few might suggest that using Windows Azure VM Role however, I would say that there are concern over that as well do to persistence and other issues so I would say it is not possible with Windows Azure VM Role as well and there are other issues related with Active Directory product as well to run in Cloud scenarios.
If I answer it directly, I would say as of now it is not supported and suggested scenario to have AD on Windows Azure and will not work due to various reasons.
回答2:
You can now install AD on Azure in a persistent state. Its still preview but I have just got an standalone AD on a separate network on Azure. I haven't finished wiring up ADFS and ACS but given a little time to get my head around it and I will be there.
回答3:
Why would you like to put your AD server in Azure? If it just for testing - you can. However the current state of Windows Azure only allows you to have a VM Role, which is Stateless. That means, you may prepare your VM with the AD, all configured for ACS and fill up with users. However you can't rely on any changes to be persisted (including password changed, user edits). VM Role is stateless, which means you will lose your changes once the role is recycled or rebooted, or healed.
So the final answer for the current Windows Azure offering would be - don't do that now, unless you want to just play around and see if it works.
** EDIT **
I am not an AD expert, what I managed to do and have an "in-house-virtualized" lab is to have ADFS on VM integrated with ACS. Another VM running Windows 7, which is domain joined to my AD. Then a web deployed application which leverage ACS with ADFS integration. Everything works fine.
As for storing AD data on external persistent storage - I don't know if it is possible, and how to configure that (already told you I am not AD expert). But if you know how to configure the storage for AD, and if you can store it in an SQL Azure, it is worth to give it a try.
And, finally, as Sandrino mentioned read the provided link to ZDNet's blog post, which has information you might find helpful.
来源:https://stackoverflow.com/questions/10816075/deploy-active-directory-and-adfs-2-0-in-azure-virtual-machine-and-integrate-it-w