How to use Update-AzADDomainService in Azure Active Directory
A managed domain in Azure Active Directory (Azure AD) is a cloud-based Active Directory domain that is fully managed by Microsoft. This is useful for environments where modern authentication methods can't be used or legacy applications from your on-premises environment need to be used without needing to manage the AD DS environment in the cloud. The Update-AzADDomainService PowerShell cmdlet allows you to update the properties of an existing managed domain, like Name of the domain, the IP addresses of the domain controllers, the subnet, the domain's functional level, and more.
Azure PowerShell syntax
Copied
Update-AzADDomainService
-Name <String>
-ResourceGroupName <String>
[-SubscriptionId <String>]
[-DomainConfigurationType <String>]
[-DomainName <String>]
[-DomainSecuritySettingNtlmV1 <NtlmV1>]
[-DomainSecuritySettingSyncKerberosPassword <SyncKerberosPasswords>]
[-DomainSecuritySettingSyncNtlmPassword <SyncNtlmPasswords>]
[-DomainSecuritySettingSyncOnPremPassword <SyncOnPremPasswords>]
[-DomainSecuritySettingTlsV1 <TlsV1>]
[-Etag <String>]
[-FilteredSync <FilteredSync>]
[-ForestTrust <IForestTrust[]>]
[-LdapSettingExternalAccess <ExternalAccess>]
[-LdapSettingLdaps <Ldaps>]
[-LdapSettingPfxCertificateInputFile <String>]
[-LdapSettingPfxCertificatePassword <SecureString>]
[-Location <String>]
[-NotificationSettingAdditionalRecipient <String[]>]
[-NotificationSettingNotifyDcAdmin <NotifyDcAdmins>]
[-NotificationSettingNotifyGlobalAdmin <NotifyGlobalAdmins>]
[-ReplicaSet <IReplicaSet[]>]
[-ResourceForest <String>]
[-Sku <String>]
[-Tag <String>]
[-DefaultProfile <String>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
Click to copy entire script
Example:
The following is an example script for update the properties of an existing managed domain. In this example, we will be updating the domain name, the domain's TLS V1 security status, and the location of the domain.
Copied
Update-AzADDomainService -Name <domainname> -DomainSecuritySettingTlsV1 < settingstatus> -Location <location>
where <domainname> refers to the name of your domain, <settingstatus> refers to the setting specified and can have the values True or False, and <location> specifies the location of the replica set.
Click to copy entire script
About ManageEngine ADManager Plus
ManageEngine ADManager Plus is a unified Active Directory (AD), Microsoft 365, Exchange, and Google Workspace management and reporting solution. With ADManager Plus, you can use the following features to improve your organizational workflow:
- 360 degree user provisioning for Azure AD and other directory services like Active Directory and Google Workspace.
- Pre-packaged reports with built-in management actions for increased productivity of administrators.
- Automate routine tasks like stale group cleanup, bulk user provisioning, and more.
- Reset passwords, unlock user accounts, and create custom reports in bulk swiftly without PowerShell scripts.
- Approval-based workflow for Azure AD management.
To learn more about ADManager Plus, click here.
Unified Active Directory, Exchange, and Microsoft 365 management and reporting solution
Get 30-day free trial.