?
Solved

Domain Controller in the cloud

Posted on 2013-05-22
6
Medium Priority
?
1,109 Views
Last Modified: 2014-11-12
I am planning to move all of our services in the cloud. How does a domain controller in the cloud work and is this something doable? I did some research but it's all too technical to me. We're a small business with few locations and we use AD and have some login scripts. We don't have enough IT support while outsourcing it is too expensive, so is the reason to have everything hosted. Any recommendations - pros and cons and brief explanation of how that would work? I see MS Azure might be a good option.
Thanks!
0
Comment
Question by:Cozumel
6 Comments
 
LVL 28

Expert Comment

by:jhyiesla
ID: 39188042
I'm not terribly familiar with this concept.  However, the domain controller concept and AD itself is a critical key to the rest of your network functioning. While it's possible for a physical or virtual server to take a hit ( that's why you have more than one), what happens if your ONLY DC is in the cloud and you lose connectivity to the cloud.  I'd suspect that most network things would just fail to work because there's no way to authenticate anyone or resolve a name to an IP or look up resources in AD because there's no connectivity to AD. As I said, I will confess to some level of ignorance on this issue, but this is a really good question to ask.
0
 
LVL 5

Accepted Solution

by:
Eddie-Lopez earned 2000 total points
ID: 39188074
Hi,

Yes, having your ADDS in the cloud is definitively doable, and you probably will need to do so if you plan on taking Exchange online or other services as well. Probably you should keep a local DC as well.

We are currently implementing Exchange Online / Office 365 / Lync and first we had to have our AD in the cloud. We are using Windows Azure and it works very nice, you can check their pricing to see if it fits your needs.

It's pros and cons are based on the fact that your ADDS will come from the cloud, which means that you should have enough Internet bandwidth to deal with this traffic, and if you go offline for some reason you will not have AD functionality (unless you keep a local DC, as stated above). But as long as you have Internet connection, you won't have to worry about anything else (if you have any trouble, Azure guys will deal with it). And it is great for mobile users, if you have any.

Hope this helps,

Eddie
0
 
LVL 3

Expert Comment

by:wlacroix
ID: 39188830
We host all our stuff internally on vmware, if you can afford it, its worth keeping all your stuff inside vs hosted.

Where you end up paying huge is with links to and from your branches, especially if they are dedicated links.
You can also do it via VPN but there is 100 times more management.

I guess my point is you have lots of options, not just hosted, your going to ultimately spend the same money on each one, its a matter of how much management you want to put on IT vs your other services.

Do the math on each solution and you will see what I am talking about.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 2

Expert Comment

by:ajjmunoz
ID: 39192952
Why do you you setup an AD LDS instance in case you lose connectivity to the cloud; or you could setup a read only domain controller somewhere.
0
 

Author Comment

by:Cozumel
ID: 39229471
Well, here's the thing I am planning to get Office 365 and all of my services will be in the cloud anyway, so if I lose internet connection my users won't be able to access anything anyway, but they still will be able to login to their computers, right? I am even wondering if I need domain controller at all - does it give any other benefits besides the script and computer policy?
Regarding Azure - Eddie, do they support active directory specific services as well or they only make sure your virtual machine is up and running?
0
 
LVL 5

Expert Comment

by:Eddie-Lopez
ID: 39229690
If you lose Internet connection with no local domain controller, your users will be able to login to their computers as long as they had logged before to that specific computer.

On Windows Azure AD services, I'm really not sure if they can manage it since we wanted to manage it ourselves. But here's the website, if you want more info on it:

http://www.windowsazure.com/en-us/services/identity/
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft has changed the look and feel of Azure AD and Microsoft account sign-in pages so that you will have a more unified look and feel when moving between the two interfaces.
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month16 days, 21 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question