Merge pull request #104046 from iainfoulds/azureadds-dnsnaming

[AzureADDS] Update sample DNS name space

Author: American-Dipper

articles/active-directory-domain-services/change-sku.md

@@ -44,7 +44,7 @@ For more information on these limits, see [Azure AD DS SKU features and limits][
 
 To change the SKU for an Azure AD DS managed domain using the Azure portal, complete the following steps:
 
-1. At the top of the Azure portal, search for and select **Azure AD Domain Services**. Choose your managed domain from the list, such as *aadds.contoso.com*.
+1. At the top of the Azure portal, search for and select **Azure AD Domain Services**. Choose your managed domain from the list, such as *aaddscontoso.com*.
 1. In the menu on the left-hand side of the Azure AD DS page, select **Settings > SKU**.
 
     ![Select the SKU menu option for your Azure AD DS managed domain in the Azure portal](media/change-sku/overview-change-sku.png)

articles/active-directory-domain-services/check-health.md

@@ -25,7 +25,7 @@ This article shows you how to view the Azure AD DS health status and understand
 The health status for an Azure AD DS managed domain is viewed using the Azure portal. Information on the last backup time and synchronization with Azure AD can be seen, along with any alerts that indicate a problem with the managed domain's health. To view the health status for an Azure AD DS managed domain, complete the following steps:
 
 1. In the Azure portal, search for and select **Azure AD Domain Services**.
-1. Select your Azure AD DS managed domain, such as *aadds.contoso.com*.
+1. Select your Azure AD DS managed domain, such as *aaddscontoso.com*.
 1. On the left-hand side of the Azure AD DS resource window, select **Health**. The following example screenshot shows a healthy Azure AD DS managed domain and the status of the last backup and Azure AD synchronization:
 
     ![Health page overview in the Azure portal showing the Azure Active Directory Domain Services status](./media/check-health/health-page.png)

articles/active-directory-domain-services/create-gmsa.md

@@ -61,32 +61,32 @@ First, create a custom OU using the [New-ADOrganizationalUnit][New-AdOrganizatio
 > [!TIP]
 > To complete these steps to create a gMSA, [use your management VM][tutorial-create-management-vm]. This management VM should already have the required AD PowerShell cmdlets and connection to the managed domain.
 
-The following example creates a custom OU named *myNewOU* in the Azure AD DS managed domain named *aadds.contoso.com*. Use your own OU and managed domain name:
+The following example creates a custom OU named *myNewOU* in the Azure AD DS managed domain named *aaddscontoso.com*. Use your own OU and managed domain name:
 
 ```powershell
-New-ADOrganizationalUnit -Name "myNewOU" -Path "DC=contoso,DC=COM"
+New-ADOrganizationalUnit -Name "myNewOU" -Path "DC=aaddscontoso,DC=COM"
 ```
 
 Now create a gMSA using the [New-ADServiceAccount][New-ADServiceAccount] cmdlet. The following example parameters are defined:
 
 * **-Name** is set to *WebFarmSvc*
 * **-Path** parameter specifies the custom OU for the gMSA created in the previous step.
-* DNS entries and service principal names are set for *WebFarmSvc.aadds.contoso.com*
-* Principals in *CONTOSO-SERVER$* are allowed to retrieve the password use the identity.
+* DNS entries and service principal names are set for *WebFarmSvc.aaddscontoso.com*
+* Principals in *AADDSCONTOSO-SERVER$* are allowed to retrieve the password use the identity.
 
 Specify your own names and domain names.
 
 ```powershell
 New-ADServiceAccount -Name WebFarmSvc `
-    -DNSHostName WebFarmSvc.aadds.contoso.com `
-    -Path "OU=MYNEWOU,DC=contoso,DC=com" `
+    -DNSHostName WebFarmSvc.aaddscontoso.com `
+    -Path "OU=MYNEWOU,DC=aaddscontoso,DC=com" `
     -KerberosEncryptionType AES128, AES256 `
     -ManagedPasswordIntervalInDays 30 `
-    -ServicePrincipalNames http/WebFarmSvc.aadds.contoso.com/aadds.contoso.com, `
-        http/WebFarmSvc.aadds.contoso.com/contoso, `
-        http/WebFarmSvc/aadds.contoso.com, `
-        http/WebFarmSvc/contoso `
-    -PrincipalsAllowedToRetrieveManagedPassword CONTOSO-SERVER$
+    -ServicePrincipalNames http/WebFarmSvc.aaddscontoso.com/aaddscontoso.com, `
+        http/WebFarmSvc.aaddscontoso.com/aaddscontoso, `
+        http/WebFarmSvc/aaddscontoso.com, `
+        http/WebFarmSvc/aaddscontoso `
+    -PrincipalsAllowedToRetrieveManagedPassword AADDSCONTOSO-SERVER$
 ```
 
 Applications and services can now be configured to use the gMSA as needed.

articles/active-directory-domain-services/create-ou.md

@@ -62,11 +62,11 @@ To create a custom OU, you use the Active Directory Administrative Tools from a
 1. Sign in to your management VM. For steps on how to connect using the Azure portal, see [Connect to a Windows Server VM][connect-windows-server-vm].
 1. From the Start screen, select **Administrative Tools**. A list of available management tools is shown that were installed in the tutorial to [create a management VM][tutorial-create-management-vm].
 1. To create and manage OUs, select **Active Directory Administrative Center** from the list of administrative tools.
-1. In the left pane, choose your Azure AD DS managed domain, such as *aadds.contoso.com*. A list of existing OUs and resources is shown:
+1. In the left pane, choose your Azure AD DS managed domain, such as *aaddscontoso.com*. A list of existing OUs and resources is shown:
 
     ![Select your Azure AD DS managed domain in the Active Directory Administrative Center](./media/active-directory-domain-services-admin-guide/create-ou-adac-overview.png)
 
-1. The **Tasks** pane is shown on the right side of the Active Directory Administrative Center. Under the domain, such as *aadds.contoso.com*, select **New > Organizational Unit**.
+1. The **Tasks** pane is shown on the right side of the Active Directory Administrative Center. Under the domain, such as *aaddscontoso.com*, select **New > Organizational Unit**.
 
     ![Select the option to create a new OU in the Active Directory Administrative Center](./media/active-directory-domain-services-admin-guide/create-ou-adac-new-ou.png)
 

articles/active-directory-domain-services/delete-aadds.md

@@ -31,7 +31,7 @@ If you no longer need a managed domain, you can delete an Azure Active Directory
 To delete an Azure AD DS managed domain, complete the following steps:
 
 1. In the Azure portal, search for and select **Azure AD Domain Services**.
-1. Select the name of your Azure AD DS managed domain, such as *aadds.contoso.com*.
+1. Select the name of your Azure AD DS managed domain, such as *aaddscontoso.com*.
 1. On the **Overview** page, select **Delete**. To confirm the deletion, type the domain name of the managed domain again, then select **Delete**.
 
 It can take 15-20 minutes or more to delete the Azure AD DS managed domain.

articles/active-directory-domain-services/deploy-azure-app-proxy.md

@@ -70,7 +70,7 @@ With a VM ready to be used as the Azure AD Application Proxy connector, now copy
         > [!NOTE]
         > The global administrator account used to register the connector must belong to the same directory where you enable the Application Proxy service.
         >
-        > For example, if the Azure AD domain is *contoso.com*, the global administrator should be `admin@contoso.com` or another valid alias on that domain.
+        > For example, if the Azure AD domain is *aaddscontoso.com*, the global administrator should be `admin@aaddscontoso.com` or another valid alias on that domain.
 
    * If Internet Explorer Enhanced Security Configuration is turned on for the VM where you install the connector, the registration screen might be blocked. To allow access, follow the instructions in the error message, or turn off Internet Explorer Enhanced Security during the install process.
    * If connector registration fails, see [Troubleshoot Application Proxy](../active-directory/manage-apps/application-proxy-troubleshoot.md).
@@ -95,16 +95,16 @@ For more information, see [Configure Kerberos constrained delegation (KCD) in Az
 
 Use the [Get-ADComputer][Get-ADComputer] to retrieve the settings for the computer on which the Azure AD Application Proxy connector is installed. From your domain-joined management VM and logged in as user account that's a member of the *Azure AD DC administrators* group, run the following cmdlets.
 
-The following example gets information about the computer account named *appproxy.contoso.com*. Provide your own computer name for the Azure AD Application Proxy VM configured in the previous steps.
+The following example gets information about the computer account named *appproxy.aaddscontoso.com*. Provide your own computer name for the Azure AD Application Proxy VM configured in the previous steps.
 
 ```powershell
-$ImpersonatingAccount = Get-ADComputer -Identity appproxy.contoso.com
+$ImpersonatingAccount = Get-ADComputer -Identity appproxy.aaddscontoso.com
 ```
 
-For each application server that runs the apps behind Azure AD Application Proxy use the [Set-ADComputer][Set-ADComputer] PowerShell cmdlet to configure resource-based KCD. In the following example, the Azure AD Application Proxy connector is granted permissions to use the *appserver.contoso.com* computer:
+For each application server that runs the apps behind Azure AD Application Proxy use the [Set-ADComputer][Set-ADComputer] PowerShell cmdlet to configure resource-based KCD. In the following example, the Azure AD Application Proxy connector is granted permissions to use the *appserver.aaddscontoso.com* computer:
 
 ```powershell
-Set-ADComputer appserver.contoso.com -PrincipalsAllowedToDelegateToAccount $ImpersonatingAccount
+Set-ADComputer appserver.aaddscontoso.com -PrincipalsAllowedToDelegateToAccount $ImpersonatingAccount
 ```
 
 If you deploy multiple Azure AD Application Proxy connectors, you must configure resource-based KCD for each connector instance.

articles/active-directory-domain-services/deploy-kcd.md

@@ -52,7 +52,7 @@ Resource-based KCD is configured using PowerShell. You use the [Set-ADComputer][
 
 ## Configure resource-based KCD for a computer account
 
-In this scenario, let's assume you have a web app that runs on the computer named *contoso-webapp.aadds.contoso.com*. The web app needs to access a web API that runs on the computer named *contoso-api.aadds.contoso.com* in the context of domain users. Complete the following steps to configure this scenario:
+In this scenario, let's assume you have a web app that runs on the computer named *contoso-webapp.aaddscontoso.com*. The web app needs to access a web API that runs on the computer named *contoso-api.aaddscontoso.com* in the context of domain users. Complete the following steps to configure this scenario:
 
 1. [Create a custom OU](create-ou.md). You can delegate permissions to manage this custom OU to users within the Azure AD DS managed domain.
 1. [Domain-join the virtual machines][create-join-windows-vm], both the one that runs the web app, and the one that runs the web API, to the Azure AD DS managed domain. Create these computer accounts in the custom OU from the previous step.
@@ -63,8 +63,8 @@ In this scenario, let's assume you have a web app that runs on the computer name
 1. Finally, configure resource-based KCD using the [Set-ADComputer][Set-ADComputer] PowerShell cmdlet. From your domain-joined management VM and logged in as user account that's a member of the *Azure AD DC administrators* group, run the following cmdlets. Provide your own computer names as needed:
 
     ```powershell
-    $ImpersonatingAccount = Get-ADComputer -Identity contoso-webapp.aadds.contoso.com
-    Set-ADComputer contoso-api.aadds.contoso.com -PrincipalsAllowedToDelegateToAccount $ImpersonatingAccount
+    $ImpersonatingAccount = Get-ADComputer -Identity contoso-webapp.aaddscontoso.com
+    Set-ADComputer contoso-api.aaddscontoso.com -PrincipalsAllowedToDelegateToAccount $ImpersonatingAccount
     ```
 
 ## Configure resource-based KCD for a user account

articles/active-directory-domain-services/deploy-sp-profile-sync.md

@@ -58,7 +58,7 @@ From your Azure AD DS management VM, complete the following steps:
 
 1. From the Start screen, select **Administrative Tools**. A list of available management tools is shown that were installed in the tutorial to [create a management VM][tutorial-create-management-vm].
 1. To manage group membership, select **Active Directory Administrative Center** from the list of administrative tools.
-1. In the left pane, choose your Azure AD DS managed domain, such as *aadds.contoso.com*. A list of existing OUs and resources is shown.
+1. In the left pane, choose your Azure AD DS managed domain, such as *aaddscontoso.com*. A list of existing OUs and resources is shown.
 1. Select the **Users** OU, then choose the *AAD DC Service Accounts* security group.
 1. Select **Members**, then choose **Add...**.
 1. Enter the name of the SharePoint service account, then select **OK**. In the following example, the SharePoint service account is named *spadmin*:

articles/active-directory-domain-services/join-centos-linux-vm.md

@@ -59,13 +59,13 @@ sudo vi /etc/hosts
 
 In the *hosts* file, update the *localhost* address. In the following example:
 
-* *aadds.contoso.com* is the DNS domain name of your Azure AD DS managed domain.
+* *aaddscontoso.com* is the DNS domain name of your Azure AD DS managed domain.
 * *centos* is the hostname of your CentOS VM that you're joining to the managed domain.
 
 Update these names with your own values:
 
 ```console
-127.0.0.1 centos.aadds.contoso.com centos
+127.0.0.1 centos.aaddscontoso.com centos
 ```
 
 When done, save and exit the *hosts* file using the `:wq` command of the editor.
@@ -82,30 +82,30 @@ sudo yum install realmd sssd krb5-workstation krb5-libs oddjob oddjob-mkhomedir
 
 Now that the required packages are installed on the VM, join the VM to the Azure AD DS managed domain.
 
-1. Use the `realm discover` command to discover the Azure AD DS managed domain. The following example discovers the realm *AADDS.CONTOSO.COM*. Specify your own Azure AD DS managed domain name in ALL UPPERCASE:
+1. Use the `realm discover` command to discover the Azure AD DS managed domain. The following example discovers the realm *AADDSCONTOSO.COM*. Specify your own Azure AD DS managed domain name in ALL UPPERCASE:
 
     ```console
-    sudo realm discover AADDS.CONTOSO.COM
+    sudo realm discover AADDSCONTOSO.COM
     ```
 
    If the `realm discover` command can't find your Azure AD DS managed domain, review the following troubleshooting steps:
 
-    * Make sure that the domain is reachable from the VM. Try `ping aadds.contoso.com` to see if a positive reply is returned.
+    * Make sure that the domain is reachable from the VM. Try `ping aaddscontoso.com` to see if a positive reply is returned.
     * Check that the VM is deployed to the same, or a peered, virtual network in which the Azure AD DS managed domain is available.
     * Confirm that the DNS server settings for the virtual network have been updated to point to the domain controllers of the Azure AD DS managed domain.
 
 1. Now initialize Kerberos using the `kinit` command. Specify a user that belongs to the *AAD DC Administrators* group. If needed, [add a user account to a group in Azure AD](../active-directory/fundamentals/active-directory-groups-members-azure-portal.md).
 
-    Again, the Azure AD DS managed domain name must be entered in ALL UPPERCASE. In the following example, the account named `contosoadmin@aadds.contoso.com` is used to initialize Kerberos. Enter your own user account that's a member of the *AAD DC Administrators* group:
+    Again, the Azure AD DS managed domain name must be entered in ALL UPPERCASE. In the following example, the account named `contosoadmin@aaddscontoso.com` is used to initialize Kerberos. Enter your own user account that's a member of the *AAD DC Administrators* group:
 
     ```console
-    kinit contosoadmin@AADDS.CONTOSO.COM
+    kinit contosoadmin@AADDSCONTOSO.COM
     ```
 
-1. Finally, join the machine to the Azure AD DS managed domain using the `realm join` command. Use the same user account that's a member of the *AAD DC Administrators* group that you specified in the previous `kinit` command, such as `contosoadmin@AADDS.CONTOSO.COM`:
+1. Finally, join the machine to the Azure AD DS managed domain using the `realm join` command. Use the same user account that's a member of the *AAD DC Administrators* group that you specified in the previous `kinit` command, such as `contosoadmin@AADDSCONTOSO.COM`:
 
     ```console
-    sudo realm join --verbose AADDS.CONTOSO.COM -U 'contosoadmin@AADDS.CONTOSO.COM'
+    sudo realm join --verbose AADDSCONTOSO.COM -U 'contosoadmin@AADDSCONTOSO.COM'
     ```
 
 It takes a few moments to join the VM to the Azure AD DS managed domain. The following example output shows the VM has successfully joined to the Azure AD DS managed domain:
@@ -150,11 +150,11 @@ To grant members of the *AAD DC Administrators* group administrative privileges
     sudo visudo
     ```
 
-1. Add the following entry to the end of */etc/sudoers* file. The *AAD DC Administrators* group contains whitespace in the name, so include the backslash escape character in the group name. Add your own domain name, such as *aadds.contoso.com*:
+1. Add the following entry to the end of */etc/sudoers* file. The *AAD DC Administrators* group contains whitespace in the name, so include the backslash escape character in the group name. Add your own domain name, such as *aaddscontoso.com*:
 
     ```console
     # Add 'AAD DC Administrators' group members as admins.
-    %AAD\ DC\ Administrators@aadds.contoso.com ALL=(ALL) NOPASSWD:ALL
+    %AAD\ DC\ Administrators@aaddscontoso.com ALL=(ALL) NOPASSWD:ALL
     ```
 
     When done, save and exit the editor using the `:wq` command of the editor.
@@ -163,10 +163,10 @@ To grant members of the *AAD DC Administrators* group administrative privileges
 
 To verify that the VM has been successfully joined to the Azure AD DS managed domain, start a new SSH connection using a domain user account. Confirm that a home directory has been created, and that group membership from the domain is applied.
 
-1. Create a new SSH connection from your console. Use a domain account that belongs to the managed domain using the `ssh -l` command, such as `contosoadmin@contoso.com` and then enter the address of your VM, such as *centos.aadds.contoso.com*. If you use the Azure Cloud Shell, use the public IP address of the VM rather than the internal DNS name.
+1. Create a new SSH connection from your console. Use a domain account that belongs to the managed domain using the `ssh -l` command, such as `contosoadmin@aaddscontoso.com` and then enter the address of your VM, such as *centos.aaddscontoso.com*. If you use the Azure Cloud Shell, use the public IP address of the VM rather than the internal DNS name.
 
     ```console
-    ssh -l contosoadmin@AADDS.CONTOSO.com centos.aadds.contoso.com
+    ssh -l contosoadmin@AADDSCONTOSO.com centos.aaddscontoso.com
     ```
 
 1. When you've successfully connected to the VM, verify that the home directory was initialized correctly: