Yay, a fellow Cadillac owner! I knew I liked you for a reason.

Posts made by alexntg
-
RE: Oh Black Betty!
-
RE: Intune, do you like it? Is it worth it?
@Dashrender said:
@technobabble said:
@Carnival-Boy said:
I've run InTune for some of our remote workers for a few years now. We got it more or less when it was released. It has improved a lot since then, but I've generally hated it. We got it because we needed Windows Enterprise licences for DirectAccess; remote assistance; antivirus; patch management; and MDM.
I abandoned DirectAccess and use Hamachi instead. The remote assistance part of InTune is dire, and I quickly replaced it with LogMeIn. The antivirus didn't stop some of our Sales Reps getting infected, and I had to use a third-party antivirus program to clean up the mess. The patch management is ok, but LogMeIn does that very well too. The MDM is mediocre and I replaced it with Meraki.
To conclude, InTune does everything poorly compared with its competitors. I now do everything I need much quicker, easier and cheaper with LogMeIn and Meraki, apart from security. For security, I like the look of GFI Cloud, but haven't rolled it out yet. The concept of one portal handling everything (InTune) is very attractive and should be cheaper (in theory), but I now prefer a best of breed approach. So to answer the thread's question: No and No.
Yikes, with a review like that, it would make most people run! I have looked/setup GFI cloud briefly and also Continuum. The part about InTune I liked was the option to get the upgraded OS.
But that's a pretty expensive part, the price goes from $6/month to $11/month. It might be worth it since MS is trying to move to a new version every three years, but I think that if they pull that off they'll have to lower the prices for upgrades like Apple did for their frequent upgrades.
It's not just a version upgrade. It's a tier upgrade. You can go from Pro to Enterprise. It also includes SA rights, which allows you to run up to 4 virtual OSEs per device covered under SA. You also get Windows To Go and BitLocker.
-
RE: Intune, do you like it? Is it worth it?
@scottalanmiller said:
@Carnival-Boy said:
I abandoned DirectAccess and use Hamachi instead. The remote assistance part of InTune is dire, and I quickly replaced it with LogMeIn.
Like you we use Pertino for access even though we own Hamachi as well. And we use LMI for remote access. I didn't even know our InTune had remote access. How did I miss that?
Remote assistance, not remote access. However, if everyone's running Windows Enterprise, DirectAccess would be a good fit.
-
RE: Mixed Office365 and Exchange environment?
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
All that makes me wonder if/when we can have AD in the cloud, either fully or hybrid, and be safe.
That's been available for a while. But the federation limitations remain. There is both traditional AD in the cloud (NTG runs that way) and Azure's cloud AD service. It is that cloud service that is being discussed binding to.
What about doing something crazy like setting up an RODC in Azure or AWS, and put ADFS on that? Or skip ADFS altogether and use something like Pertino for logons?
If you're considering this from a DR perspective, a regular DC in a hosted environment would make sense. That way, if your on-premise infrastructure is unavailable, you can carry on as usual. I use AWS for my geographically distributed AD in my test lab; I have a DC on each side of the country.
The purpose of my question is more: What is a good way to have a distributed AD authentication scheme for a spread out network of mobile users? Or if not mobile, in a setup where you don't want to pay for an onsite server (though if you're small enough, an on site small HP would be much cheaper in the long run, of course, not as protected as one in the Azure or AWS network)
What are you currently using for VPN?
Azure AD at this point isn't the full AD that you're familiar with. It's a platform to connect applications to. If you want to use Azure and use it for full AD, you'll need to spin up a Windows Server instance on Azure and set it up as a DC.
-
RE: Intune, do you like it? Is it worth it?
A bit on the reimaging rights. Intune with SA is a volume license. You could use the volume license media and key to reimage other computers that run the same exact product version. You could use the Win8.1 Pro media and key for other Win8.1 Pro computers. Upgrade rights are only available with SA, one device per user. Do understand that if you cancel Intune, you'd be revoking your volume license rights.
-
RE: Mixed Office365 and Exchange environment?
@lance said:
@alexntg said:
@lance said:
We have a total of about 220 current exchange users.
With an environment of that size, a cutover migration would work best. If you have Outlook Anywhere deployed, the cutover migration tool that MS provides works well. You can, however, do an O365 trial for users to get a feel for it and see if it'll be a good fit. That includes up to 25 users.
Sounds good, I will have to keep looking into this. You mentioned you have to keep an onsite Exchange server around, is there a point where we would be able to get rid of it or will we always have to have one?
You'd have to keep it around as long as you have hybrid mailboxes, so pretty much forever. You can still use DirSync to synchronize your users and passwords while keeping the hosted management aspect of it.
-
RE: Mixed Office365 and Exchange environment?
@lance said:
We have a total of about 220 current exchange users.
With an environment of that size, a cutover migration would work best. If you have Outlook Anywhere deployed, the cutover migration tool that MS provides works well. You can, however, do an O365 trial for users to get a feel for it and see if it'll be a good fit. That includes up to 25 users.
*Edited for spelling and grammar
-
RE: Mixed Office365 and Exchange environment?
@scottalanmiller said:
I replied on SW as well. I recommend heavily against going hybrid for this reason. Hybrid is not designed for a transition state. It is designed for a permanent state. Binding your internal AD to Azure is non-trivial and is a decision that you will be stuck with for a long time.
Going this route will also send costs through the roof. This isn't an "easing" or a conservative process. There is so much more work and danger in doing this that jumping directly into Office 365 could be described as "easing" towards hybrid.
If the goal is to be safe and make things easier, this does the opposite.
Hybrid deployments no longer require ADFS, so the risk of ADFS is now mitigated. However, one still needs to keep an onsite Exchange server around afterwards for management.
-
RE: Mixed Office365 and Exchange environment?
@Minion-Queen said:
I know that we have done hybrid setups so that the migration can happen slowly. I will ping one of my team as I have never done a hybrid migration. @alexntg can you provide some guidance here?
Certainly! If you need to have some users onsite and some hosted, you can use a hosted deployment. How many users are you looking at in total?