Not supported server roles and services

This section has been updated on 26/09/2018, for upto date information see 1.

The following roles are not supported on Microsoft Azure virtual machines:

• Dynamic Host Configuration Protocol Server
• Hyper-V (Hyper-V role is supported in Azure Ev3, and Dv3 series VMs only)
• Rights Management Services
• Windows Deployment Services
• Windows Server features

The following significant features are not supported:

• BitLocker Drive Encryption (on the operating system hard disk, may be used on data disks)
• Internet Storage Name Server
• Multipath I/O
• Network Load Balancing
• Peer Name Resolution Protocol
• RRAS
• DirectAccess
• SNMP Services
• Storage Manager for SANs
• Windows Internet Name Service
• Wireless LAN Service

Terminology

Azure subscription

Used to pay for Azure cloud services. You can have many subscriptions and they're linked to a credit card.

Azure tenant

A dedicated and trusted instance of Azure AD that's automatically created when your organization signs up for a Microsoft cloud service subscription, such as Microsoft Azure, Microsoft Intune, or Office 365. An Azure tenant represents a single organization.

Single tenant

Azure tenants that access other services in a dedicated environment are considered single tenant.

Multi-tenant

Azure tenants that access other services in a shared environment, across multiple organizations, are considered multi-tenant.

Azure AD directory

Each Azure tenant has a dedicated and trusted Azure AD directory. The Azure AD directory includes the tenant's users, groups, and apps and is used to perform identity and access management functions for tenant resources.

Azure AD account

An identity created through Azure AD or another Microsoft cloud service, such as Office 365. Identities are stored in Azure AD and accessible to your organization's cloud service subscriptions. This account is also sometimes called a Work or school account.

Owner

This role helps you manage all Azure resources, including access. This role is built on a newer authorization system called role-base access control (RBAC) that provides fine-grained access management to Azure resources. For more information, see Classic subscription administrator roles, Azure RBAC roles, and Azure AD administrator roles.

Azure AD Global administrator

This administrator role is automatically assigned to whomever created the Azure AD tenant. Global administrators can perform all of the administrative functions for Azure AD and any services that federate to Azure AD, such as Exchange Online, SharePoint Online, and Skype for Business Online. You can have multiple Global administrators, but only Global administrators can assign administrator roles (including assigning other Global administrators) to users. Note: This administrator role is called Global administrator in the Azure portal, but it's called Company administrator in Microsoft Graph API, Azure AD Graph API, and Azure AD PowerShell.

Microsoft account (also called, MSA)

Personal accounts that provide access to your consumer-oriented Microsoft products and cloud services, such as Outlook, OneDrive, Xbox LIVE, or Office 365. Your Microsoft account is created and stored in the Microsoft consumer identity account system that's run by Microsoft.

Business-to-Business (B2B)

Manage your guest users and external partners, while maintaining control over your own corporate data.

Business-to-Customer (B2C)

Customize and control how users sign up, sign in, and manage their profiles when using your apps.

Azure Service Principal

used for a case when an application(not a human) needs access to Azure

Resources

• Terminiology AD official

Resources

• What is and can't be suppoerted on Azure Windows systems
• Minimum version support for Linux and Windows virtual machine agents in Azure Linux systems

Azure for AWS Administrators

• Azure for AWS Professionals
• AWS to Azure services comparison

Blog resources

• Tips and tricks 100+