Wow ... it's been a month since I asked this!

From the responses, I guess there is a third little piece of this, in RMM and also how much I want control over my user machines.

In many ways, I was almost considering them all just having fresh installs, like they went out and bought a new laptop from Best Buy, and now want to attach to Office365.

The files will be there, they can collaborate. Do I really need to provide anything else?

We are currently using an RMM solution still so I can run scripts and assist remotely if needed.

Can also just buy an adapter.

I have a whole slew of them in my laptop bag.

USB-C to HDMI
USB-C to VGA
etc
etc

@scottalanmiller

Just

a) logging into our machines
b) network security

@IRJ

This is the screen I get.

I deleted everything. Then you re-enter the gateway, and it will ask you for your password.

@Obsolesce said in Moving from Physical AD/Data Server to Office365:

For your local devices, you can use only Azure AD for logging in to your PCs. You don't need local AD for that. You also don't need Intune or anything for just basic oversight.

Yeah I didn't even think about that ... logging in after the local DC goes away.

Are you using any local (apps on your PC) that explicitly use your on-prem AD for authentication and/or other data?

No.

Okay, so you already have licensing and already have that whole thing going on. I'd keep using it. Do you have your local AD synchronizing users, passwords, etc. via AADConnect to Azure AD for your use of Office 365, email, etc.? Or, are you using local AD for logging into your Windows devices and AAD for O365 authentication?

Correct. Local AD for machines and data security. Then we log onto O365 separately. (Which is what I am assuming you mean by Azure AD (AAD).)

Some would answer your questions, others would veer off outside of contexts and dive into other assumptions to discredit others based off of un-dotted i's and un-crossed t's.

But that is every post.

What SaaS are you using, or apps are you using that uses authentication besides O365?
Nothing, really.

Unless I am misunderstanding your question.

@IRJ said in Moving from Physical AD/Data Server to Office365:

@PhlipElder said in Moving from Physical AD/Data Server to Office365:

@BRRABill said in Moving from Physical AD/Data Server to Office365:

So our company has finally decided to make the jump to all remote.

We are small (let's say 10 people) but we used to be large, so we have a AD domain.

You can do it, but I do suggest keeping a small domain controller on-premises for simplicity in management.

There is no on prem and using Colo for this would be wasteful. You don't gain anything from it.

Yeah, literally no prem anymore.

I guess the question is ... do we just scrap our AD, and use our Office365 accounts to log in. Do we really need anything more than that?

@gjacobse said in Windows 7 and PaloAlto GlobalProtect:

@BRRABill
Yup- that’s right. And have done so on several occasions. But when it isn’t an option because it’s not there, you cannot sign out.

No username- no sign out option

I remember this threw me for a loop once.

Is there like a little icon or something? Can you send a screenshot of the settings page?

I do remember doing this once, and it was confusing.

@scottalanmiller Mainly just generic Office files. A little media here and there, but nothing intensive, if that is what you mean.