Register China Azure AAD for Azure Stack

  • Article

The first public technical preview of Azure Stack is around the corner. In this release, we require an Azure AD (AAD) for authentication. That might be a problem for the customers in China coz they would use China Azure instead of public Azure. This blog I will talk about how to register a free China Azure AAD account so that unblock you deploying Azure Stack TP1.

First of all, we would recommend customer request a 1RMB trial subscription from https://support.windowsazure.cn/zh-cn/pricing/1rmb-trial-full/ . If you don’t want to wait, you may also prepaid RMB1000 to register a account immediately. However obviously those are not the options we will explore here. Let's talk about how to get one for free.

Step 1: Create Customer Domain
-------------------------------

1. Go to https://account.windowsazure.cn/organization and in that page you may create your domain and a global admin (company admin) AAD account, which could be used as the service admin AAD credential.

Step 2: Create tenant admin AAD account
----------------------------------

In Azure Stack, basically you need at least two roles, one is the service admin, which we just created in the step 1. The other role is tenant admin. With the following steps you may create the additional AAD accounts in the above AAD domain. Those AAD accounts could be used as tenant admins (By default all those accounts are tenant admin but you may configure their role in Azure Stack portal later. For example, add one of them as the service admin.).

  1. Install the Microsoft Online Services Sign-In Assistant for IT Professionals RTW.
  2. Install the Azure Active Directory Module for Windows PowerShell (64-bit version) and open it.
  3. Run the following cmdlets:
  • $msolcred = get-credential (Now input the AAD account and password you will just created in the step 1)
  • connect-msolservice -credential $msolcred
  • $user = new-msoluser -DisplayName "Tenant Admin" -UserPrincipalName <username>@<yourdomainname> -Password <password>
  • Add-MsolRoleMember -RoleName "Company Administrator" -RoleMemberType User -RoleMemberObjectId $user.ObjectId

Now you may deploy Azure Stack. Enjoy it!