
    Moving from Physical AD/Data Server to Office365

    IT Discussion
    62 Posts 9 Posters 8.3k Views
    • IRJ @scottalanmiller

      @scottalanmiller said in Moving from Physical AD/Data Server to Office365:

      @IRJ said in Moving from Physical AD/Data Server to Office365:

      With office 365, Basic AD is included

      I thought Azure AD was, not AD? Is AD included, too?

      No. I meant Azure AD. It is a SaaS service so I just figured that was already assumed.

      • IRJ @BRRABill

        @BRRABill said in Moving from Physical AD/Data Server to Office365:

        For #2 ... I am thinking throw the common files onto SharePoint, and put everyone's "home" folder into OneDrive for Business. With 10 people, it won't be hard to do that for each user.

        Yeah OneDrive is definitely the best option for storing user's files.

        • BRRABill @scottalanmiller

          @scottalanmiller Mainly just generic Office files. A little media here and there, but nothing intensive, if that is what you mean.

          • coliver @scottalanmiller

            @scottalanmiller said in Moving from Physical AD/Data Server to Office365:

            @IRJ said in Moving from Physical AD/Data Server to Office365:

            @scottalanmiller said in Moving from Physical AD/Data Server to Office365:

            @BRRABill said in Moving from Physical AD/Data Server to Office365:

            Keep some sort of AD authentication, or not?

            Not likely. What purpose would it serve?

            Managing SSO accounts with other SaaS services

            AD is complete shit for connecting to SaaS, though.

            That's true, without WSO2, Shibboleth, or ADFS it's complete shit.

            • coliver @IRJ

              @IRJ said in Moving from Physical AD/Data Server to Office365:

              As far as the data, moving it to the cloud is the only viable option for a remote workforce and company this size. Do you need instant access to the storage? If you could wait 3-4 hours to retrieve data, you can use an ultra cheap service like Glacier. (You can also pay extra for a single retrieval if for some reason you need it in 15 mins). Glacier is about 20% less expensive than Wasabi and offers 99.9999999% durability.
              If you need infrequent, but instant access you can use S3 infrequent access which is approximately $12 a TB, and offers the same 99.9999999% durability.

              Honestly with the storage included with most Microsoft 365 subscriptions SharePoint/OneDrive is probably the way to go.

              • IRJ @coliver

                @coliver said in Moving from Physical AD/Data Server to Office365:

                @IRJ said in Moving from Physical AD/Data Server to Office365:

                As far as the data, moving it to the cloud is the only viable option for a remote workforce and company this size. Do you need instant access to the storage? If you could wait 3-4 hours to retrieve data, you can use an ultra cheap service like Glacier. (You can also pay extra for a single retrieval if for some reason you need it in 15 mins). Glacier is about 20% less expensive than Wasabi and offers 99.9999999% durability.
                If you need infrequent, but instant access you can use S3 infrequent access which is approximately $12 a TB, and offers the same 99.9999999% durability.

                Honestly with the storage included with most Microsoft 365 subscriptions SharePoint/OneDrive is probably the way to go.

                Agreed. I was talking about data archiving. Not using that for any type of user or document storage. That would be cruel to users to put their data in Glacier haha

                • coliver @IRJ

                  @IRJ said in Moving from Physical AD/Data Server to Office365:

                  @coliver said in Moving from Physical AD/Data Server to Office365:

                  @IRJ said in Moving from Physical AD/Data Server to Office365:

                  As far as the data, moving it to the cloud is the only viable option for a remote workforce and company this size. Do you need instant access to the storage? If you could wait 3-4 hours to retrieve data, you can use an ultra cheap service like Glacier. (You can also pay extra for a single retrieval if for some reason you need it in 15 mins). Glacier is about 20% less expensive than Wasabi and offers 99.9999999% durability.
                  If you need infrequent, but instant access you can use S3 infrequent access which is approximately $12 a TB, and offers the same 99.9999999% durability.

                  Honestly with the storage included with most Microsoft 365 subscriptions SharePoint/OneDrive is probably the way to go.

                  Agreed. I was talking about data archiving. Not using that for any type of user or document storage. That would be cruel to users to put their data in Glacier haha

                  Good for punishing stupid users though.

                  • BRRABill

                    I guess the question is ... do we just scrap our AD, and use our Office365 accounts to log in? Do we really need anything more than that?

                    • coliver @BRRABill

                      @BRRABill said in Moving from Physical AD/Data Server to Office365:

                      I guess the question is ... do we just scrap our AD, and use our Office365 accounts to log in? Do we really need anything more than that?

                      Yes. No.

                      • dbeato @BRRABill

                        @BRRABill said in Moving from Physical AD/Data Server to Office365:

                        I guess the question is ... do we just scrap our AD, and use our Office365 accounts to log in? Do we really need anything more than that?

                        Yeah scrap it 🙂 and no need for anything else... unless you want to have Intune as your MDM and manage policies to your computers.

                        • PhlipElder @BRRABill

                          @BRRABill said in Moving from Physical AD/Data Server to Office365:

                          So our company has finally decided to make the jump to all remote.

                          We are small (let's say 10 people) but we used to be large, so we have an AD domain.

                          Right now we have a local DC and a local data server. We also use Office365 for e-mail and, of course, Office.

                          There is no RIGHT answer here, but if you were doing this ... what would you do?

                          I think there are two parts to look at...

                          1. Keep some sort of AD authentication, or not?
                          2. What to do with data?

                          For #1 ... I'm not sure.

                          For #2 ... I am thinking throw the common files onto SharePoint, and put everyone's "home" folder into OneDrive for Business. With 10 people, it won't be hard to do that for each user.

                          So ... let's hear it, ML ... WWMLD?

                          1: Yes. AD Sync for on-premises user management works both ways. It does make things simpler to manage.
                          2: OneDrive for Business is SharePoint on the backend. It's great for setting up things like Check Out/In, Versioning, and Review controls. Permissions-based folder and site visibility (think Access-based Enumeration in Windows) are also a big plus.

                          You can do it, but I do suggest keeping a small domain controller on-premises for simplicity in management.

                          EDIT: BTW, the customer is always responsible for backing up the data in any cloud. I suggest Veeam Backup for O365.

                            • IRJ @PhlipElder

                              @PhlipElder said in Moving from Physical AD/Data Server to Office365:

                              @BRRABill said in Moving from Physical AD/Data Server to Office365:

                              So our company has finally decided to make the jump to all remote.

                              We are small (let's say 10 people) but we used to be large, so we have an AD domain.

                              You can do it, but I do suggest keeping a small domain controller on-premises for simplicity in management.

                              There is no on prem and using Colo for this would be wasteful. You don't gain anything from it.

                              • Obsolesce @BRRABill

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                So our company has finally decided to make the jump to all remote.

                                Awesome!

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                We are small (let's say 10 people) but we used to be large, so we have an AD domain.
                                ...
                                Right now we have a local DC and a local data server.

                                Are you using any local (apps on your PC) that explicitly use your on-prem AD for authentication and/or other data?

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                We also use Office365 for e-mail and, of course, Office.

                                Okay, so you already have licensing and already have that whole thing going on. I'd keep using it. Do you have your local AD synchronizing users, passwords, etc. via AADConnect to Azure AD for your use of Office 365, email, etc.? Or, are you using local AD for logging into your Windows devices and AAD for O365 authentication?

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                There is no RIGHT answer here, but if you were doing this ... what would you do?

                                Yeah, it depends because we can't know all things to consider. All we know is that you have a 10-person company who ONLY uses Office365 email and Office suite. Nothing more than that, at all. Only going by that, then sure, if you want to keep using Outlook, Word, Excel, etc., then all you need is a CD containing the Office Suite and you are good to go, and can use your personal Gmail accounts hooked into Outlook to send and receive mail.

                                However, I'm pretty sure that isn't the case, so I'm going to assume you're likely going to need Azure AD for accounts, specifically for company email accounts that you're already using I assume.

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                I think there are two parts to look at...

                                1. Keep some sort of AD authentication, or not?

                                If you mean local AD, then that totally depends on if you are using anything that needs it or can't replace anything that needs it.

                                If you mean Azure AD, then that makes sense to take advantage of based on my assumptions of your current setup.

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                I think there are two parts to look at...

                                2. What to do with data?

                                Not sure of what all data you have. It's anyone's guess. I'm going to guess documents and shit, such as PDFs, graphics, office suite docs, etc. I can't really assume much else without asking.

                                If it's personal stuff, then OneDrive since you'll already be getting it for free with your E3/E5 licenses. For document sharing and collaboration, SharePoint I suppose.... other things, ODfB can work.

                                Office365 backups, there's lots of 3rd party stuff for that. Veeam I think has cloud backup options without needing anything on-prem.

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                For #2 ... I am thinking throw the common files onto SharePoint, and put everyone's "home" folder into OneDrive for Business. With 10 people, it won't be hard to do that for each user.

                                Sounds like that'd work just fine.

                                @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                So ... let's hear it, ML ... WWMLD?

                                Some would answer your questions, others would veer off outside of contexts and dive into other assumptions to discredit others based off of un-dotted i's and un-crossed t's.


                                What SaaS are you using, or apps are you using that uses authentication besides O365?

                                • BRRABill @IRJ

                                  @IRJ said in Moving from Physical AD/Data Server to Office365:

                                  @PhlipElder said in Moving from Physical AD/Data Server to Office365:

                                  @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                  So our company has finally decided to make the jump to all remote.

                                  We are small (let's say 10 people) but we used to be large, so we have an AD domain.

                                  You can do it, but I do suggest keeping a small domain controller on-premises for simplicity in management.

                                  There is no on prem and using Colo for this would be wasteful. You don't gain anything from it.

                                  Yeah, literally no prem anymore.

                                  • dbeato @PhlipElder

                                    @PhlipElder said in Moving from Physical AD/Data Server to Office365:

                                    @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                    So our company has finally decided to make the jump to all remote.

                                    We are small (let's say 10 people) but we used to be large, so we have an AD domain.

                                    Right now we have a local DC and a local data server. We also use Office365 for e-mail and, of course, Office.

                                    There is no RIGHT answer here, but if you were doing this ... what would you do?

                                    I think there are two parts to look at...

                                    1. Keep some sort of AD authentication, or not?
                                    2. What to do with data?

                                    For #1 ... I'm not sure.

                                    For #2 ... I am thinking throw the common files onto SharePoint, and put everyone's "home" folder into OneDrive for Business. With 10 people, it won't be hard to do that for each user.

                                    So ... let's hear it, ML ... WWMLD?

                                    1: Yes. AD Sync for on-premises user management works both ways. It does make things simpler to manage.
                                    2: OneDrive for Business is SharePoint on the backend. It's great for setting up things like Check Out/In, Versioning, and Review controls. Permissions-based folder and site visibility (think Access-based Enumeration in Windows) are also a big plus.

                                    You can do it, but I do suggest keeping a small domain controller on-premises for simplicity in management.

                                    EDIT: BTW, the customer is always responsible for backing up the data in any cloud. I suggest Veeam Backup for O365.

                                    AD Sync does not go both ways; you will need to have sync back licensing, which is expensive, to get password synchronization and, if there is any luck, getting the user and group sync back from Office 365 to AD. It is just an additional layer of complexity that, while it has its cases, is not needed for a company this size.

                                    • BRRABill @Obsolesce

                                      Are you using any local (apps on your PC) that explicitly use your on-prem AD for authentication and/or other data?

                                      No.

                                      Okay, so you already have licensing and already have that whole thing going on. I'd keep using it. Do you have your local AD synchronizing users, passwords, etc. via AADConnect to Azure AD for your use of Office 365, email, etc.? Or, are you using local AD for logging into your Windows devices and AAD for O365 authentication?

                                      Correct. Local AD for machines and data security. Then we log onto O365 separately. (Which is what I am assuming you mean by Azure AD (AAD).)

                                      Some would answer your questions, others would veer off outside of contexts and dive into other assumptions to discredit others based off of un-dotted i's and un-crossed t's.

                                      But that is every post. 🙂

                                      What SaaS are you using, or apps are you using that uses authentication besides O365?
                                      Nothing, really.

                                      Unless I am misunderstanding your question.

                                      • Obsolesce @BRRABill

                                        @BRRABill said in Moving from Physical AD/Data Server to Office365:

                                        What SaaS are you using, or apps are you using that uses authentication besides O365?
                                        Nothing, really.

                                        Unless I am misunderstanding your question.

                                        Well, for example... HR or Accounting may be using some 3rd party SaaS app (like Paylocity) and everyone in the company may be logging into Paylocity that is using AAD SSO (as an example), or any other possible SaaS.

                                        Or, maybe your Windows PCs and O365 are absolutely the only systems and services you use that require authentication?

                                        I mean, if the company plans on being ~10 users, there's nothing wrong with setting everyone up with LastPass for all services.

                                        • Obsolesce

                                          For your local devices, you can use only Azure AD for logging in to your PCs. You don't need local AD for that. You also don't need Intune or anything for just basic oversight.

                                          • BRRABill @Obsolesce

                                            @Obsolesce said in Moving from Physical AD/Data Server to Office365:

                                            For your local devices, you can use only Azure AD for logging in to your PCs. You don't need local AD for that. You also don't need Intune or anything for just basic oversight.

                                            Yeah I didn't even think about that ... logging in after the local DC goes away.
