domain controller in the cloud for small office?
-
@mike-davis said in domain controller in the cloud for small office?:
I found this chart of features:
https://azure.microsoft.com/en-us/pricing/details/active-directory/It looks like:
MDM auto-enrollment, Self-Service Bitlocker recovery, Additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State RoamingIs available in the Premium P1 and up. $6/user /month
At that price the $26/month domain controller running on Vultr looks like a pretty good deal. Combine it with ZeroTier and I should be all set.
Yeah, but what YOU need is free. So what does the $6/u/m have to do with your pricing decision?
-
We have an incredibly basic AD domain setup, are they any benefits of staying on local AD vs moving to Azure? We already have O365, so it sounds like the free tier is already available to us.
I've been thinking of switching for a while simply to try and eliminate password sharing, I feel like if their desktop login is the same as their email password they'd be more inclined to keep it private.
-
@scottalanmiller said in domain controller in the cloud for small office?:
Yeah, but what YOU need is free. So what does the $6/u/m have to do with your pricing decision?
Well I don't work for free. So if I have to visit every desktop, I have to bill for that. With only 8 machines I have to weight that cost vs spinning up a windows Server and joining all the computers. I'll have to visit every desktop at least once to get them to leave the domain of the company they are spitting from.
-
@bnrstnr said in domain controller in the cloud for small office?:
We have an incredibly basic AD domain setup, are they any benefits of staying on local AD vs moving to Azure? We already have O365, so it sounds like the free tier is already available to us.
I've been thinking of switching for a while simply to try and eliminate password sharing, I feel like if their desktop login is the same as their email password they'd be more inclined to keep it private.
How simple is simple? If you are deploying setting via GP, you should look into your options with Azure before making the switch.
Also, Azure AD doesn't (as far as I know) support Windows Server OSs... so if you have local file shares, you wouldn't have an authentication solution there (unless the AD Sync solution works - no clue on my part).
Lastly, Azure AD only supports Windows 10.
-
@mike-davis said in domain controller in the cloud for small office?:
@scottalanmiller said in domain controller in the cloud for small office?:
Yeah, but what YOU need is free. So what does the $6/u/m have to do with your pricing decision?
Well I don't work for free. So if I have to visit every desktop, I have to bill for that. With only 8 machines I have to weight that cost vs spinning up a windows Server and joining all the computers. I'll have to visit every desktop at least once to get them to leave the domain of the company they are spitting from.
Hopefully you have remove access for that - but that's really beside the point.
So you're already visiting them to make them leave their current domain (good luck with profiles), then you'll either have to join them to another domain, or Azure AD or leave them in workgroup mode. So there is little if any additional work here anyhow.
-
@mike-davis said in domain controller in the cloud for small office?:
@scottalanmiller said in domain controller in the cloud for small office?:
Yeah, but what YOU need is free. So what does the $6/u/m have to do with your pricing decision?
Well I don't work for free. So if I have to visit every desktop, I have to bill for that. With only 8 machines I have to weight that cost vs spinning up a windows Server and joining all the computers. I'll have to visit every desktop at least once to get them to leave the domain of the company they are spitting from.
I don't understand. The effort to join Azure AD is less than the effort to set up a VPN and join AD. So if the cost isn't zero and you want to go with relative costs, it's making money from reduced effort. That you don't work for free is precisely why it is that much better.
-
@mike-davis said in domain controller in the cloud for small office?:
With only 8 machines I have to weight that cost vs spinning up a windows Server and joining all the computers.
Assuming the cost of joining is the same (it's actually lower for Azure AD), then what cost are you weighing against?
-
At this point I don't know if they have any Windows 7 clients, so it may be a moot point.
I do know that they have QuickBooks - I know - I know. So I have to share QuickBooks from one computer.
Has any one tested Azure AD to share a folder from one computer to another? Does it integrate all the accounts in AD, or only the one you set up on that particular Win 10 box?
-
@mike-davis said in domain controller in the cloud for small office?:
At this point I don't know if they have any Windows 7 clients, so it may be a moot point.
And updating is free, Win 7 is about to be a decade old. I know they could be stuck for some reason, but most of the time, udpating is an option.
-
@mike-davis said in domain controller in the cloud for small office?:
At this point I don't know if they have any Windows 7 clients, so it may be a moot point.
I do know that they have QuickBooks - I know - I know. So I have to share QuickBooks from one computer.
Has any one tested Azure AD to share a folder from one computer to another? Does it integrate all the accounts in AD, or only the one you set up on that particular Win 10 box?
Good question, let me try that. I'll be back in an hour or so.
-
@mike-davis said in domain controller in the cloud for small office?:
Has any one tested Azure AD to share a folder from one computer to another? Does it integrate all the accounts in AD, or only the one you set up on that particular Win 10 box?
It does not work for sharing. Just use a local account for that. The free version is very basic, sadly.
-
@scottalanmiller said in domain controller in the cloud for small office?:
@mike-davis said in domain controller in the cloud for small office?:
At this point I don't know if they have any Windows 7 clients, so it may be a moot point.
And updating is free, Win 7 is about to be a decade old. I know they could be stuck for some reason, but most of the time, udpating is an option.
Exactly this - sounds like a great reason to force the upgrade to Win10.
-
@scottalanmiller said in domain controller in the cloud for small office?:
@mike-davis said in domain controller in the cloud for small office?:
Has any one tested Azure AD to share a folder from one computer to another? Does it integrate all the accounts in AD, or only the one you set up on that particular Win 10 box?
It does not work for sharing. Just use a local account for that. The free version is very basic, sadly.
Maybe I misunderstood what he was asking.
I read it to be - I have a Win10 machine joined to Azure AD - can I create a share on that Win10 machine and other Azure AD users can use their creds to access the share on my Windows 10 machine?
-
@dashrender said in domain controller in the cloud for small office?:
@scottalanmiller said in domain controller in the cloud for small office?:
@mike-davis said in domain controller in the cloud for small office?:
Has any one tested Azure AD to share a folder from one computer to another? Does it integrate all the accounts in AD, or only the one you set up on that particular Win 10 box?
It does not work for sharing. Just use a local account for that. The free version is very basic, sadly.
Maybe I misunderstood what he was asking.
I read it to be - I have a Win10 machine joined to Azure AD - can I create a share on that Win10 machine and other Azure AD users can use their creds to access the share on my Windows 10 machine?
That's how I read it, too.
-
@dashrender said in domain controller in the cloud for small office?:
I read it to be - I have a Win10 machine joined to Azure AD - can I create a share on that Win10 machine and other Azure AD users can use their creds to access the share on my Windows 10 machine?
yes, exactly this. That way with Azure I can set a password change policy, and when they do change their password, they can still access the share on the Windows 10 machine.
-
@mike-davis said in domain controller in the cloud for small office?:
@dashrender said in domain controller in the cloud for small office?:
I read it to be - I have a Win10 machine joined to Azure AD - can I create a share on that Win10 machine and other Azure AD users can use their creds to access the share on my Windows 10 machine?
yes, exactly this. That way with Azure I can set a password change policy, and when they do change their password, they can still access the share on the Windows 10 machine.
That part would work, it's just that they'd need to use different creds always.
-
@scottalanmiller said in domain controller in the cloud for small office?:
I'm often a proponent of lowering school IT budgets, the overspend that they do is absurd - to the point that the extra money often causes more issues that it solves.
Have you ever heard or seen schools using Ubiquiti and PBX instead of Cisco to help with lowering the cost?
-
@black3dynamite said in domain controller in the cloud for small office?:
@scottalanmiller said in domain controller in the cloud for small office?:
I'm often a proponent of lowering school IT budgets, the overspend that they do is absurd - to the point that the extra money often causes more issues that it solves.
Have you ever heard or seen schools using Ubiquiti and PBX instead of Cisco to help with lowering the cost?
Have I, yes. Because I've worked in schools and done that. Very few do, though, and I consider it outright corruption. Funneling money to consultancies and big businesses using schools as ways to force tax payers to prop up big companies even when their products have no value to the schools.
-
@dashrender said in domain controller in the cloud for small office?:
@mike-davis said in domain controller in the cloud for small office?:
At this point I don't know if they have any Windows 7 clients, so it may be a moot point.
I do know that they have QuickBooks - I know - I know. So I have to share QuickBooks from one computer.
Has any one tested Azure AD to share a folder from one computer to another? Does it integrate all the accounts in AD, or only the one you set up on that particular Win 10 box?
Good question, let me try that. I'll be back in an hour or so.
Ug conference call, can't test this yet.
-
@dashrender said in domain controller in the cloud for small office?:
@mike-davis said in domain controller in the cloud for small office?:
At this point I don't know if they have any Windows 7 clients, so it may be a moot point.
I do know that they have QuickBooks - I know - I know. So I have to share QuickBooks from one computer.
Has any one tested Azure AD to share a folder from one computer to another? Does it integrate all the accounts in AD, or only the one you set up on that particular Win 10 box?
Good question, let me try that. I'll be back in an hour or so.
Sadly, I could find no way in about 10 mins of googling, etc to add AzureAD credentials to a share/file permisssions to make this work.
As Scott said earlier, you'll have to create local a local account, then use that cred to make the sharing work.