Link to home
Create AccountLog in
Avatar of Cozumel
Cozumel

asked on

Domain Controller in the cloud

I am planning to move all of our services in the cloud. How does a domain controller in the cloud work and is this something doable? I did some research but it's all too technical to me. We're a small business with few locations and we use AD and have some login scripts. We don't have enough IT support while outsourcing it is too expensive, so is the reason to have everything hosted. Any recommendations - pros and cons and brief explanation of how that would work? I see MS Azure might be a good option.
Thanks!
Avatar of jhyiesla
jhyiesla
Flag of United States of America image

I'm not terribly familiar with this concept.  However, the domain controller concept and AD itself is a critical key to the rest of your network functioning. While it's possible for a physical or virtual server to take a hit ( that's why you have more than one), what happens if your ONLY DC is in the cloud and you lose connectivity to the cloud.  I'd suspect that most network things would just fail to work because there's no way to authenticate anyone or resolve a name to an IP or look up resources in AD because there's no connectivity to AD. As I said, I will confess to some level of ignorance on this issue, but this is a really good question to ask.
ASKER CERTIFIED SOLUTION
Avatar of Eddie-Lopez
Eddie-Lopez
Flag of Puerto Rico image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of wlacroix
wlacroix

We host all our stuff internally on vmware, if you can afford it, its worth keeping all your stuff inside vs hosted.

Where you end up paying huge is with links to and from your branches, especially if they are dedicated links.
You can also do it via VPN but there is 100 times more management.

I guess my point is you have lots of options, not just hosted, your going to ultimately spend the same money on each one, its a matter of how much management you want to put on IT vs your other services.

Do the math on each solution and you will see what I am talking about.
Why do you you setup an AD LDS instance in case you lose connectivity to the cloud; or you could setup a read only domain controller somewhere.
Avatar of Cozumel

ASKER

Well, here's the thing I am planning to get Office 365 and all of my services will be in the cloud anyway, so if I lose internet connection my users won't be able to access anything anyway, but they still will be able to login to their computers, right? I am even wondering if I need domain controller at all - does it give any other benefits besides the script and computer policy?
Regarding Azure - Eddie, do they support active directory specific services as well or they only make sure your virtual machine is up and running?
If you lose Internet connection with no local domain controller, your users will be able to login to their computers as long as they had logged before to that specific computer.

On Windows Azure AD services, I'm really not sure if they can manage it since we wanted to manage it ourselves. But here's the website, if you want more info on it:

http://www.windowsazure.com/en-us/services/identity/