Network Security - UTM

scottalanmiller

@hobbit666 said:

So in this LANless thinking how do NTG handle AD? Or don't you have Active Directory anymore? Or Authentication in general?

I need to write a paper on NTG's journey

NTG no longer has AD. We have a mixed environment of Windows, Mac and Linux Mint. The Windows was 100% Windows 10 before we started moving off of AD. All of the Windows 10 is on Azure AD, not AD. Azure AD has no LAN dependency. We are looking at testing Linux Mint on Azure AD as that is now available and very exciting.

hobbit666

@scottalanmiller said:

@hobbit666 said:

So in this LANless thinking how do NTG handle AD? Or don't you have Active Directory anymore? Or Authentication in general?

I need to write a paper on NTG's journey

NTG no longer has AD. We have a mixed environment of Windows, Mac and Linux Mint. The Windows was 100% Windows 10 before we started moving off of AD. All of the Windows 10 is on Azure AD, not AD. Azure AD has no LAN dependency. We are looking at testing Linux Mint on Azure AD as that is now available and very exciting.

Look forward to reading. Will look more closely at Azure AD maybe instead of migrating our 2003 AD onto a 2012 machine.

scottalanmiller

Azure AD requires Windows 10. Because NTG stays up to date, we get big features sometimes decades ahead of other companies. Little things like allowing an old version of Windows to linger can have massive repercussions that are not well understood when companies evaluate cost and risk.

hobbit666

@scottalanmiller said:

Azure AD requires Windows 10. Because NTG stays up to date, we get big features sometimes decades ahead of other companies. Little things like allowing an old version of Windows to linger can have massive repercussions that are not well understood when companies evaluate cost and risk.

Hence the Fog project, also looking at visiting all sites over the next few months to do refresh and tidy up. So maybe Windows 10 could be included.

Dashrender

@hobbit666 said:

Look forward to reading. Will look more closely at Azure AD maybe instead of migrating our 2003 AD onto a 2012 machine.

@scottalanmiller Do you know if Azure Sync works with 2003? If not, and you don't want to have to manually recreate all of the users in Azure, you would have to upgrade your AD anyway.

scottalanmiller

@Dashrender said:

@hobbit666 said:

Look forward to reading. Will look more closely at Azure AD maybe instead of migrating our 2003 AD onto a 2012 machine.

@scottalanmiller Do you know if Azure Sync works with 2003? If not, and you don't want to have to manually recreate all of the users in Azure, you would have to upgrade your AD anyway.

I definitely do not know. My guess is that it does not. I would guess, but am purely guessing, that 2008 and newer will work. We did it with 2012 R2. Obviously that works

If you have more than a handful of users and do not already have Office 365 then one option is to do a temporary update to 2012 R2, sync and then drop 2012 R2.

Dashrender

@scottalanmiller said:

@Dashrender said:

@hobbit666 said:

Look forward to reading. Will look more closely at Azure AD maybe instead of migrating our 2003 AD onto a 2012 machine.

@scottalanmiller Do you know if Azure Sync works with 2003? If not, and you don't want to have to manually recreate all of the users in Azure, you would have to upgrade your AD anyway.

I definitely do not know. My guess is that it does not. I would guess, but am purely guessing, that 2008 and newer will work. We did it with 2012 R2. Obviously that works

If you have more than a handful of users and do not already have Office 365 then one option is to do a temporary update to 2012 R2, sync and then drop 2012 R2.

Yeah, but if you don't already have a license, that's not a cheap solution either. choices choices.

scottalanmiller

@GregoryHall or @PSX_Defector probably know the answer to this one. It might be as simple as "2003 works."

hobbit666

We do have all our users being Sync'd to Office365 at the moment with the sync tool, would that work?

Dashrender

@hobbit666 said:

We do have all our users being Sync'd to Office365 at the moment with the sync tool, would that work?

Then you've already got Azure AD and just don't know it.

Dashrender

@scottalanmiller said:

@GregoryHall or @PSX_Defector probably know the answer to this one. It might be as simple as "2003 works."

I guess that answers that question - yes it works with 2003

scottalanmiller

@hobbit666 said:

We do have all our users being Sync'd to Office365 at the moment with the sync tool, would that work?

Azure AD is what Office 365 uses behind the scenes. O365 hosted products are all on Azure.