How to use Update-AzADDomainService in Azure Active Directory

A managed domain in Azure Active Directory (Azure AD) is a cloud-based Active Directory domain that is fully managed by Microsoft. This is useful for environments where modern authentication methods can't be used or legacy applications from your on-premises environment need to be used without needing to manage the AD DS environment in the cloud. The Update-AzADDomainService PowerShell cmdlet allows you to update the properties of an existing managed domain, like Name of the domain, the IP addresses of the domain controllers, the subnet, the domain's functional level, and more.

Azure PowerShell syntax

-Name <String>
-ResourceGroupName <String>
[-SubscriptionId <String>]
[-DomainConfigurationType <String>]
[-DomainName <String>]
[-DomainSecuritySettingNtlmV1 <NtlmV1>]
[-DomainSecuritySettingSyncKerberosPassword <SyncKerberosPasswords>]
[-DomainSecuritySettingSyncNtlmPassword <SyncNtlmPasswords>]
[-DomainSecuritySettingSyncOnPremPassword <SyncOnPremPasswords>]
[-DomainSecuritySettingTlsV1 <TlsV1>]
[-Etag <String>]
[-FilteredSync <FilteredSync>]
[-ForestTrust <IForestTrust[]>]
[-LdapSettingExternalAccess <ExternalAccess>]
[-LdapSettingLdaps <Ldaps>]
[-LdapSettingPfxCertificateInputFile <String>]
[-LdapSettingPfxCertificatePassword <SecureString>]
[-Location <String>]
[-NotificationSettingAdditionalRecipient <String[]>]
[-NotificationSettingNotifyDcAdmin <NotifyDcAdmins>]
[-NotificationSettingNotifyGlobalAdmin <NotifyGlobalAdmins>]
[-ReplicaSet <IReplicaSet[]>]
[-ResourceForest <String>]
[-Sku <String>]
[-Tag <String>]
[-DefaultProfile <String>]
Click to copy entire script


The following is an example script for update the properties of an existing managed domain. In this example, we will be updating the domain name, the domain's TLS V1 security status, and the location of the domain.

Update-AzADDomainService -Name <domainname> -DomainSecuritySettingTlsV1 < settingstatus> -Location <location>

where <domainname> refers to the name of your domain, <settingstatus> refers to the setting specified and can have the values True or False, and <location> specifies the location of the replica set.

Click to copy entire script

About ManageEngine ADManager Plus

ManageEngine ADManager Plus is a unified Active Directory (AD), Microsoft 365, Exchange, and Google Workspace management and reporting solution. With ADManager Plus, you can use the following features to improve your organizational workflow:

  • 360 degree user provisioning for Azure AD and other directory services like Active Directory and Google Workspace.
  • Pre-packaged reports with built-in management actions for increased productivity of administrators.
  • Automate routine tasks like stale group cleanup, bulk user provisioning, and more.
  • Reset passwords, unlock user accounts, and create custom reports in bulk swiftly without PowerShell scripts.
  • Approval-based workflow for Azure AD management.

To learn more about ADManager Plus, click here.

Unified Active Directory, Exchange, and Microsoft 365 management and reporting solution

  Get 30-day free trial.
  • Embark on your script-free AD management, reporting, and automation journey with ADManager Plus.
  • By clicking 'Start your free trial now', you agree to processing of personal data according to the Privacy Policy.
  • Thanks
  • Your download should begin automatically in 15 seconds. If not, click here to download manually.

Related Powershell How-to Guides:

The one-stop solution toActive Directory Management and Reporting

Email Download Link