I recently started an Azure subscription in order to move all the servers I use to test PowerShell code to the cloud. Right now I have only a couple Virtual Machines, one running Windows Server 2016, that’s my Domain Controller. I also have a Windows Server 2012 R2 Virtual Machine with Exchange 2013 installed. Obviously, both of these VMs are in the same domain.
For the purposes of testing, I wanted to be able to remote to the cloud VMs using PowerShell. The problem is since my local machine is not in the same domain as the VMs I couldn’t get authenticated. Now, you can stand up an Azure Active Directory and put the local machine in that domain and you’re good to go. I’m trying to keep costs as low as possible so I wasn’t willing to pay that extra expense for the Azure AD. I think you can also use a certificate in an Azure Keystore but again, extra expense plus I would have to figure out how to make it work… I’m an Azure n00b.
After some quality time consulting Professor Google, I came to the conclusion to create a certificate in each VM, then importing that certificate on my local laptop was the easiest way to make this work. Obviously, this is not a good enterprise solution although I guess you could probably do it a little more efficiently on a larger scale using Certificate Services. Anywho… this is how I did it.
If you have a better method, please let me know in the comments.