Moving from Physical AD/Data Server to Office365
-
So our company has finally decided to make the jump to all remote.
We are small (let's say 10 people) but we used to be large, so we have an AD domain.
Right now we have a local DC and a local data server. We also use Office365 for e-mail and, of course, Office.
There is no RIGHT answer here, but if you were doing this ... what would you do?
I think there are two parts to look at...
- Keep some sort of AD authentication, or not?
- What to do with data?
For #1 ... I'm not sure.
For #2 ... I am thinking throw the common files onto SharePoint, and put everyone's "home" folder into OneDrive for Business. With 10 people, it won't be hard to do that for each user.
So ... let's hear it, ML ... WWMLD?
-
I think there is definitely some benefit to using a directory, even for a small company. With Office 365, Basic AD is included and you can also use a 100% free (for 10 or fewer users) version of JumpCloud, which has a ton of integration.
As far as the data, moving it to the cloud is the only viable option for a remote workforce and company this size. Do you need instant access to the storage? If you could wait 3-4 hours to retrieve data, you can use an ultra cheap service like Glacier. (You can also pay extra for a single retrieval if for some reason you need it in 15 mins). Glacier is about 20% less expensive than Wasabi and offers 99.9999999% durability.
If you need infrequent, but instant access you can use S3 infrequent access which is approximately $12 a TB, and offers the same 99.9999999% durability.
-
@BRRABill said in Moving from Physical AD/Data Server to Office365:
Keep some sort of AD authentication, or not?
Not likely. What purpose would it serve?
-
@IRJ said in Moving from Physical AD/Data Server to Office365:
With Office 365, Basic AD is included
I thought Azure AD was, not AD? Is AD included, too?
-
@scottalanmiller said in Moving from Physical AD/Data Server to Office365:
@BRRABill said in Moving from Physical AD/Data Server to Office365:
Keep some sort of AD authentication, or not?
Not likely. What purpose would it serve?
Managing SSO accounts with other SaaS services
-
@IRJ said in Moving from Physical AD/Data Server to Office365:
@scottalanmiller said in Moving from Physical AD/Data Server to Office365:
@BRRABill said in Moving from Physical AD/Data Server to Office365:
Keep some sort of AD authentication, or not?
Not likely. What purpose would it serve?
Managing SSO accounts with other SaaS services
AD is complete shit for connecting to SaaS, though.
-
@BRRABill What is the data? Office files? Media files? Other files?
-
@scottalanmiller said in Moving from Physical AD/Data Server to Office365:
@IRJ said in Moving from Physical AD/Data Server to Office365:
With Office 365, Basic AD is included
I thought Azure AD was, not AD? Is AD included, too?
No. I meant Azure AD. It is a SaaS service so I just figured that was already assumed.
-
@BRRABill said in Moving from Physical AD/Data Server to Office365:
For #2 ... I am thinking throw the common files onto SharePoint, and put everyone's "home" folder into OneDrive for Business. With 10 people, it won't be hard to do that for each user.
Yeah, OneDrive is definitely the best option for storing users' files.
-
@scottalanmiller Mainly just generic Office files. A little media here and there, but nothing intensive, if that is what you mean.
-
@scottalanmiller said in Moving from Physical AD/Data Server to Office365:
@IRJ said in Moving from Physical AD/Data Server to Office365:
@scottalanmiller said in Moving from Physical AD/Data Server to Office365:
@BRRABill said in Moving from Physical AD/Data Server to Office365:
Keep some sort of AD authentication, or not?
Not likely. What purpose would it serve?
Managing SSO accounts with other SaaS services
AD is complete shit for connecting to SaaS, though.
That's true, without WSO2, Shibboleth, or ADFS it's complete shit.
-
@IRJ said in Moving from Physical AD/Data Server to Office365:
As far as the data, moving it to the cloud is the only viable option for a remote workforce and company this size. Do you need instant access to the storage? If you could wait 3-4 hours to retrieve data, you can use an ultra cheap service like Glacier. (You can also pay extra for a single retrieval if for some reason you need it in 15 mins). Glacier is about 20% less expensive than Wasabi and offers 99.9999999% durability.
If you need infrequent, but instant access you can use S3 infrequent access which is approximately $12 a TB, and offers the same 99.9999999% durability.
Honestly, with the storage included with most Microsoft 365 subscriptions, SharePoint/OneDrive is probably the way to go.
-
@coliver said in Moving from Physical AD/Data Server to Office365:
@IRJ said in Moving from Physical AD/Data Server to Office365:
As far as the data, moving it to the cloud is the only viable option for a remote workforce and company this size. Do you need instant access to the storage? If you could wait 3-4 hours to retrieve data, you can use an ultra cheap service like Glacier. (You can also pay extra for a single retrieval if for some reason you need it in 15 mins). Glacier is about 20% less expensive than Wasabi and offers 99.9999999% durability.
If you need infrequent, but instant access you can use S3 infrequent access which is approximately $12 a TB, and offers the same 99.9999999% durability.
Honestly, with the storage included with most Microsoft 365 subscriptions, SharePoint/OneDrive is probably the way to go.
Agreed. I was talking about data archiving. Not using that for any type of user or document storage. That would be cruel to users to put their data in Glacier haha
-
@IRJ said in Moving from Physical AD/Data Server to Office365:
@coliver said in Moving from Physical AD/Data Server to Office365:
@IRJ said in Moving from Physical AD/Data Server to Office365:
As far as the data, moving it to the cloud is the only viable option for a remote workforce and company this size. Do you need instant access to the storage? If you could wait 3-4 hours to retrieve data, you can use an ultra cheap service like Glacier. (You can also pay extra for a single retrieval if for some reason you need it in 15 mins). Glacier is about 20% less expensive than Wasabi and offers 99.9999999% durability.
If you need infrequent, but instant access you can use S3 infrequent access which is approximately $12 a TB, and offers the same 99.9999999% durability.
Honestly, with the storage included with most Microsoft 365 subscriptions, SharePoint/OneDrive is probably the way to go.
Agreed. I was talking about data archiving. Not using that for any type of user or document storage. That would be cruel to users to put their data in Glacier haha
Good for punishing stupid users though.
-
I guess the question is ... do we just scrap our AD, and use our Office365 accounts to log in. Do we really need anything more than that?
-
@BRRABill said in Moving from Physical AD/Data Server to Office365:
I guess the question is ... do we just scrap our AD, and use our Office365 accounts to log in. Do we really need anything more than that?
Yes. No.
-
@BRRABill said in Moving from Physical AD/Data Server to Office365:
I guess the question is ... do we just scrap our AD, and use our Office365 accounts to log in. Do we really need anything more than that?
Yeah, scrap it, and no need for anything else... unless you want to have Intune as your MDM and manage policies to your computers.
-
@BRRABill said in Moving from Physical AD/Data Server to Office365:
So our company has finally decided to make the jump to all remote.
We are small (let's say 10 people) but we used to be large, so we have an AD domain.
Right now we have a local DC and a local data server. We also use Office365 for e-mail and, of course, Office.
There is no RIGHT answer here, but if you were doing this ... what would you do?
I think there are two parts to look at...
- Keep some sort of AD authentication, or not?
- What to do with data?
For #1 ... I'm not sure.
For #2 ... I am thinking throw the common files onto SharePoint, and put everyone's "home" folder into OneDrive for Business. With 10 people, it won't be hard to do that for each user.
So ... let's hear it, ML ... WWMLD?
1: Yes. AD Sync for on-premises user management works both ways. It does make things simpler to manage.
2: OneDrive for Business is SharePoint on the backend. It's great for setting up things like Check Out/In, Versioning, and Review controls. Permissions-based folder and site visibility (think Access-based Enumeration in Windows) are also a big plus.
You can do it, but I do suggest keeping a small domain controller on-premises for simplicity in management.
EDIT: BTW, the customer is always responsible for backing up the data in any cloud. I suggest Veeam Backup for O365.
-
@PhlipElder said in Moving from Physical AD/Data Server to Office365:
@BRRABill said in Moving from Physical AD/Data Server to Office365:
So our company has finally decided to make the jump to all remote.
We are small (let's say 10 people) but we used to be large, so we have an AD domain.
You can do it, but I do suggest keeping a small domain controller on-premises for simplicity in management.
There is no on prem and using Colo for this would be wasteful. You don't gain anything from it.