Manage authorized networks

This topic shows you how to add or remove authorized networks from your Managed Service for Microsoft Active Directory domain. Authorized networks are Virtual Private Cloud (VPC) networks that are permitted to access the domain. VPC peering enables this access. Managed Microsoft AD supports adding up to 5 VPC networks to the authorized network list. These networks must meet VPC peering requirements.

Adding authorized networks during domain creation

To add an authorized network when you're creating a new Managed Microsoft AD domain, complete the following steps.

Console

  1. Go to the Managed Microsoft AD page in the Google Cloud console.
  2. Select Create new AD domain.
  3. On the Create new domain page, under Network details, open the Select networks list. Select the name of the VPC network you want to authorize.
  4. Select OK.
  5. Finish creating the new domain.

gcloud

Run the following gcloud CLI command.

gcloud active-directory domains create domain-name \
 --region=region --reserved-ip-range="ip-range" \
 --authorized-networks=projects/project-name/global/networks/network

Adding authorized networks to an existing domain

To add an authorized network to an existing Managed Microsoft AD domain, complete the following steps.

Console

  1. Go to the Managed Microsoft AD page in the Google Cloud console.
  2. From the domain list, select the domain name.
  3. On the Basic details page, select Edit.
  4. Under Network details, open the Select networks list. Select the networks you want to authorize.
  5. Select Save Changes.

gcloud

Run the following gcloud CLI command.

gcloud active-directory domains update domain-name \
 --add-authorized-networks=projects/project-name/global/networks/network

Removing authorized networks

To remove an authorized network from a Managed Microsoft AD domain, complete the following steps.

Console

  1. Go to the Managed Microsoft AD page in the Google Cloud console.
  2. From the domain list, select the domain name.
  3. On the Basic details page, select Edit.
  4. Under Network details, open the Select networks list. Select the networks you want to remove.
  5. Select Save Changes.

gcloud

Run the following gcloud CLI command.

gcloud active-directory domains update domain-name \
 --remove-authorized-networks=projects/project-name/global/networks/network
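
The following script is an added example, not part of the original page or Google's tooling. It compares a domain's current authorized networks with a reviewed list of the networks that should have access, then prints the update commands from the two sections above without running them. The function names, return codes, path format check, and sample values are assumptions made for this example, and the current list is supplied by the caller.

```shell
#!/bin/sh
# Added example (not Google's code): plan add/remove commands for one domain.
MAX_AUTHORIZED_NETWORKS=5   # limit stated on this page

# Assumed format check: projects/<project>/global/networks/<network>
valid_network() {
  printf '%s\n' "$1" |
    grep -Eq '^projects/[a-z0-9.:-]+/global/networks/[a-z]([a-z0-9-]*[a-z0-9])?$'
}

# plan_changes DOMAIN CURRENT DESIRED  (lists are newline-separated paths)
# Prints one gcloud command per change; returns 2 on a malformed path,
# 3 when DESIRED exceeds the limit. Nothing is executed.
plan_changes() {
  domain=$1
  current=$(printf '%s\n' "$2" | sed '/^$/d' | sort -u)
  desired=$(printf '%s\n' "$3" | sed '/^$/d' | sort -u)
  count=0
  for net in $desired; do
    valid_network "$net" || { echo "malformed network path: $net" >&2; return 2; }
    count=$((count + 1))
  done
  if [ "$count" -gt "$MAX_AUTHORIZED_NETWORKS" ]; then
    echo "$count networks requested, limit is $MAX_AUTHORIZED_NETWORKS" >&2
    return 3
  fi
  # Removals first, so the domain never holds more than the limit mid-change.
  for net in $current; do
    printf '%s\n' "$desired" | grep -Fxq -- "$net" ||
      echo "gcloud active-directory domains update $domain --remove-authorized-networks=$net"
  done
  for net in $desired; do
    printf '%s\n' "$current" | grep -Fxq -- "$net" ||
      echo "gcloud active-directory domains update $domain --add-authorized-networks=$net"
  done
}

# Constructed sample data: net-a is no longer wanted, net-c is new.
SAMPLE_CURRENT='projects/example-proj/global/networks/net-a
projects/example-proj/global/networks/net-b'
SAMPLE_DESIRED='projects/example-proj/global/networks/net-b
projects/example-proj/global/networks/net-c'
plan_changes ad.example.com "$SAMPLE_CURRENT" "$SAMPLE_DESIRED"
```

Any network that appears only in the removal output currently has access to the domain but is absent from the reviewed list, so confirm why it was authorized before you run the command.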