Why you don't need a VPN or not?
- 
 @scottalanmiller said in Why you don't need a VPN or not?: In an environment of 350 O365 users, we lose a few hours (let's say 1-3) per week, from O365 overhead compared to Zimbra. Let's be crazy conservative and say one hour a month. That's so weird that it takes so long in your experience. User creation is instant for us. We add users all the time, as in several per week (lately). Those who are on-prem get added in on-prem AD (instant), which is automatically synced to O365, we just need to manually assign a license (that's on purpose), and that's instant. Those not in on-prem AD it takes an extra minute to get to the O365 portal to create a new user if it's not already there or book marked, but same dance there as with AD. The thing is, we don't create users the second they need to do work involving O365 services. We do it before that, so there's no time wasted "waiting" for anything. The only thing that takes any "waiting" time whatsoever, is after you assign a license that involves Exchange services, it could take a little for provisioning/replication... which is not time wasted because the user is never waiting for it. So with O365, it takes one of us about a minute to create a user and assign a license. When the user needs it, it's ready. This can be done a day before, during their orientation, etc... 
- 
 @Obsolesce said in Why you don't need a VPN or not?: we just need to manually assign a license (that's on purpose), Curious why this is? Found a good script to do this via an AD attribute. https://gallery.technet.microsoft.com/office/Assign-Office-365-Licenses-b7385ebe 
- 
 @scottalanmiller said in Why you don't need a VPN or not?: This is a bad example, but worth noting. Remember that we (NTG) moved to Zimbra because of a support issue with O365. We built out the Zimbra environment, set it all up, created all the users, migrated the email, and switched over from O365 all during a single support incident where O365 was down and MS could not resolve it (it was partially MQ's fault and partially MS' fault - but MS had no ability to track the issue or resolve it) and it took fewer IT resources to setup and move to Zimbra than it did to resolve the issue with MS. It was eventually resolved and they admitted their mistake (and then sent the newly higher minion PSX to come on ML and try to customer shame us claiming the issue couldn't be theirs even thought they had admitted it and fixed it), but not until more than an hour after we had completed the migration to the superior solution. The "no effort" of O365, and really any SaaS solution, is really overstated. Application management remains, even in the best solutions. And in really poor ones, like O365, the effort of management is often absurdly high compared to what it should be. Yeah, I remember that. I suppose the O365 slogan should be "O365 -- YMMV" 
- 
 @Obsolesce said in Why you don't need a VPN or not?: @scottalanmiller said in Why you don't need a VPN or not?: In an environment of 350 O365 users, we lose a few hours (let's say 1-3) per week, from O365 overhead compared to Zimbra. Let's be crazy conservative and say one hour a month. That's so weird that it takes so long in your experience. User creation is instant for us. User creation alone, yes. But we never "just" make a user. It's always adding them to groups and stuff. Users never (for us) exist in isolation, they always are coming into a team and have to be configured. We have that all automated, but it can take 15-60 minutes for MS to process that. And making a new group, MS actually gives you a notice every time that says "this won't be active for an hour." If we had one by one users with zero other configuration, it would be just normal. Same as Zimbra. But with things like groups, DLs, aliases, etc., it is not. It's slow as molasses. 
- 
 @Obsolesce said in Why you don't need a VPN or not?: The thing is, we don't create users the second they need to do work involving O365 services. We do it before that, so there's no time wasted "waiting" for anything. The only thing that takes any "waiting" time whatsoever, is after you assign a license that involves Exchange services, it could take a little for provisioning/replication... which is not time wasted because the user is never waiting for it. So with O365, it takes one of us about a minute to create a user and assign a license. When the user needs it, it's ready. This can be done a day before, during their orientation, etc... We have the licenses automated, too. Even with that, the IT person (and computer) get tied up waiting for the task to complete. And they waste a lot of steps. 
- 
 @Obsolesce said in Why you don't need a VPN or not?: @scottalanmiller said in Why you don't need a VPN or not?: This is a bad example, but worth noting. Remember that we (NTG) moved to Zimbra because of a support issue with O365. We built out the Zimbra environment, set it all up, created all the users, migrated the email, and switched over from O365 all during a single support incident where O365 was down and MS could not resolve it (it was partially MQ's fault and partially MS' fault - but MS had no ability to track the issue or resolve it) and it took fewer IT resources to setup and move to Zimbra than it did to resolve the issue with MS. It was eventually resolved and they admitted their mistake (and then sent the newly higher minion PSX to come on ML and try to customer shame us claiming the issue couldn't be theirs even thought they had admitted it and fixed it), but not until more than an hour after we had completed the migration to the superior solution. The "no effort" of O365, and really any SaaS solution, is really overstated. Application management remains, even in the best solutions. And in really poor ones, like O365, the effort of management is often absurdly high compared to what it should be. Yeah, I remember that. I suppose the O365 slogan should be "O365 -- YMMV" This is true with most things. With O365, user creation is easy, Group creation is intentionally confusing and slow, but still easy. Folder creation is hidden, slow, and rather hard (we can't even DISCUSS folders with users, it is so confusing.) And email enabled folders border on the insane. 
- 
 @coliver said in Why you don't need a VPN or not?: @Dashrender said in Why you don't need a VPN or not?: @coliver said in Why you don't need a VPN or not?: @Dashrender said in Why you don't need a VPN or not?: But I don't see that working very well for large files - say AutoCAD or even some graphics files. AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually. Not that I've dealt with this in a long time - please share what you know - I'm interested. Dessault has Solidworks PDM (https://www.solidworks.com/category/product-data-management) which is a massive piece of software that uses a database and IIRC web protocol to transfer data. It solves the latency and file locking issues that plagues SMB when doing large files that change very frequently.... on top of dozens of other enhancements. AutoDesk does the same thing with Vault (I think, it has changed names and feature sets a few times). OK - so it's a dedicated solution for these software packages. I guess I get it - you can't lump all these things together anymore, you need to treat each one like a snowflake to get the best type of situation, but the server sprawl does kinda suck. 
- 
 @scottalanmiller said in Why you don't need a VPN or not?: New users, groups, folders... it's so slow and convoluted with Exchange. Still slow even if you use PowerShell too? 
- 
 @black3dynamite said in Why you don't need a VPN or not?: @scottalanmiller said in Why you don't need a VPN or not?: New users, groups, folders... it's so slow and convoluted with Exchange. Still slow even if you use PowerShell too? Yes. 
- 
 @coliver said in Why you don't need a VPN or not?: @black3dynamite said in Why you don't need a VPN or not?: @scottalanmiller said in Why you don't need a VPN or not?: New users, groups, folders... it's so slow and convoluted with Exchange. Still slow even if you use PowerShell too? Yes. I would assume the backend would be the same using either the GUI or Powershell in O365 - because the backend processing is where the performance issue is. 
- 
 @Dashrender said in Why you don't need a VPN or not?: @coliver said in Why you don't need a VPN or not?: @Dashrender said in Why you don't need a VPN or not?: @coliver said in Why you don't need a VPN or not?: @Dashrender said in Why you don't need a VPN or not?: But I don't see that working very well for large files - say AutoCAD or even some graphics files. AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually. Not that I've dealt with this in a long time - please share what you know - I'm interested. Dessault has Solidworks PDM (https://www.solidworks.com/category/product-data-management) which is a massive piece of software that uses a database and IIRC web protocol to transfer data. It solves the latency and file locking issues that plagues SMB when doing large files that change very frequently.... on top of dozens of other enhancements. AutoDesk does the same thing with Vault (I think, it has changed names and feature sets a few times). OK - so it's a dedicated solution for these software packages. I guess I get it - you can't lump all these things together anymore, you need to treat each one like a snowflake to get the best type of situation, but the server sprawl does kinda suck. Basically always did. Anytime you use a database, that's a spot where you are avoiding the file system for something more purpose built. This is just an extension of that, really. 
- 
 @black3dynamite said in Why you don't need a VPN or not?: @scottalanmiller said in Why you don't need a VPN or not?: New users, groups, folders... it's so slow and convoluted with Exchange. Still slow even if you use PowerShell too? That's what we use. That's what takes 15-60 minutes. 
- 
 @scottalanmiller said in Why you don't need a VPN or not?: @coliver said in Why you don't need a VPN or not?: @Dashrender said in Why you don't need a VPN or not?: But I don't see that working very well for large files - say AutoCAD or even some graphics files. AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually. Yes, CAD is something that basically always does LANless on its own. It has special needs and normally handles them. You don't use NextCloud or anything like it, nor do you use SMB or anything like that. only for a premium, but they are rarely if ever rolled into the base product, at least not fully featured 
- 
 @Donahue said in Why you don't need a VPN or not?: @scottalanmiller said in Why you don't need a VPN or not?: @coliver said in Why you don't need a VPN or not?: @Dashrender said in Why you don't need a VPN or not?: But I don't see that working very well for large files - say AutoCAD or even some graphics files. AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually. Yes, CAD is something that basically always does LANless on its own. It has special needs and normally handles them. You don't use NextCloud or anything like it, nor do you use SMB or anything like that. only for a premium, but they are rarely if ever rolled into the base product, at least not fully featured Technically, all fire sharing is a sort of premium somewhere. 





