Stay organized with collectionsSave and categorize content based on your preferences.
This topic shows you how to add or remove authorized networks from your Managed Service for Microsoft Active Directory
domain. Authorized networks are Virtual Private Cloud (VPC) networks that
are permitted to access the domain. VPC peering enables this
access. Managed Microsoft AD supports adding up to 5 VPC
networks to the authorized network list. These networks must meetVPC peering requirements.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Manage authorized networks\n\nThis topic shows you how to add or remove authorized networks from your Managed Service for Microsoft Active Directory\ndomain. Authorized networks are Virtual Private Cloud (VPC) networks that\nare permitted to access the domain. VPC peering enables this\naccess. Managed Microsoft AD supports adding up to 5 VPC\nnetworks to the authorized network list. These networks must meet\n[VPC peering requirements](/vpc/docs/vpc-peering#restrictions).\n\nAdding authorized networks during domain creation\n-------------------------------------------------\n\nTo add an authorized network when you're\n[creating a new Managed Microsoft AD domain](/managed-microsoft-ad/docs/quickstart-create-domain),\ncomplete the following steps. \n\n### Console\n\n1. Go to the [Managed Microsoft AD](https://console.cloud.google.com/security/cloud-ad) page in the Google Cloud console. \n [Go to the Managed Microsoft AD page](https://console.cloud.google.com/security/cloud-ad)\n2. Select **Create new AD domain**.\n3. On the **Create new domain page** , under **Network details** , open the **Select networks** list. Select the name of the VPC network you want to authorize.\n4. Select **OK**.\n5. Complete [creating a new domain](/managed-microsoft-ad/docs/quickstart-create-domain).\n\n### gcloud\n\nRun the following gcloud CLI command. \n\n```\ngcloud active-directory domains create domain-name \\\n --region=region --reserved-ip-range=\"ip-range\" \\\n --authorized-networks=projects/project-name/global/networks/network\n```\n\nAdding authorized networks to an existing domain\n------------------------------------------------\n\nTo add an authorized network to an existing Managed Microsoft AD domain,\ncomplete the following steps. \n\n### Console\n\n1. Go to the [Managed Microsoft AD](https://console.cloud.google.com/security/cloud-ad) page in the Google Cloud console. \n [Go to the Managed Microsoft AD page](https://console.cloud.google.com/security/cloud-ad)\n2. From the domain list, select the domain name.\n3. On the **Basic details** page, select edit Edit.\n4. Under **Network details** , open the **Select networks** list. Select the networks you want to authorize.\n5. Select **Save Changes**.\n\n### gcloud\n\nRun the following gcloud CLI command. \n\n```\ngcloud active-directory domains update domain-name \\\n --add-authorized-networks=projects/project-name/global/networks/network\n```\n\nRemoving authorized networks\n----------------------------\n\nTo remove an authorized network from a Managed Microsoft AD domain,\ncomplete the following steps. \n\n### Console\n\n1. Go to the [Managed Microsoft AD](https://console.cloud.google.com/security/cloud-ad) page in the Google Cloud console. \n [Go to the Managed Microsoft AD page](https://console.cloud.google.com/security/cloud-ad)\n2. From the domain list, select the domain name.\n3. On the **Basic details** page, select edit Edit.\n4. Under **Network details** , open the **Select networks** list. Select the networks you want to remove.\n5. Select **Save Changes**.\n\n### gcloud\n\nRun the following gcloud CLI command. \n\n```\ngcloud active-directory domains update domain-name \\\n --remove-authorized-networks=projects/project-name/global/networks/network\n```"]]
