c# - Managing machine AD accounts for scaled roles in a cloud service -

c# - Managing machine AD accounts for scaled roles in a cloud service -

we domain-join virtual machines associated our cloud service roles. of course, process of joining domain forces reboot. and, when scaling up, fine. however, when scaling-down want automatically remove machines advertisement business relationship domain. don't see way execute "before or after" event in azure auto-scaling. current prescription override roles onstop event. however, there no way tell if simple reboot or actual deallocation. of course, can hack-in process, myself.

however, else out there doing this? how accomplish elegantly?

updated rephrase question... best way manage machine identities when have paas based role instances beingness domain joined iaas domain controller.

imho, there 2 approaches can taken: passive approach inventory of paas role instances taken , changes applied dc; , active approach on shut-down, role instances need actively notify dc beingness removed.

for passive solution, best alternative might have process periodically queries paas cloud service topology via "get deployment" service management api. response operation includes list of current role instances , status.

the active solution require placing code roleentrypoint actively send status alert notification message dc role instance removed. approach, trap in number of possible hooks: roleenvironment.changing, roleenvironment.changed, roleenvironment.stopping, roleenvironment.onstop.

the challenge either method differentiating deprovisioning of role instance when 1 beingness rebooted (say invitee os update).

c# azure active-directory azure-virtual-machine azure-cloud-services