Solved

Active directory in the cloud?

Posted on 2014-08-07
Medium Priority
583 Views
Last Modified: 2014-11-12
Hi Experts,

We have 2 servers currently in the cloud not attached to our Active Directory.  We want to start expanding our Active Directory to the cloud and start moving our virtuals and other servers out.

What is the best way to do this and can you point me to resources that I can learn about this and figure out the best way for our company?

Thank you,

Karen
Question by:klsphotos
10 Comments
 
LVL 21

Assisted Solution

by:netcmh
netcmh earned 1000 total points
ID: 40247116
0
 
LVL 21

Assisted Solution

by:netcmh
netcmh earned 1000 total points
ID: 40247122
0
 
LVL 38

Assisted Solution

by:Mahesh
Mahesh earned 500 total points
ID: 40247130
You can establish a VPN tunnel with your cloud service provider from the corporate network, and you can place RODCs in the cloud.

You can deploy a R/W DC as well, but from a security point of view, you should deploy an RODC.

If you are exploring the Windows Azure public cloud, they have their Active Directory service in the cloud, and you can sync your on-premises Active Directory accounts with Azure Active Directory with the help of the MS DirSync tool.
You need to place your applications in Azure, and your on-premises accounts can log on to cloud applications with SSO; you do need to deploy an ADFS server to take care of SSO.
This is the best way to deal with the cloud, so that you don't have to expose your on-premises AD to the cloud.
This is the way O365 is working.

Check the article below:
https://azure.microsoft.com/en-us/

Other cloud options are also available, such as VMware, Google, SuccessFactors, etc.
0
 

Author Comment

by:klsphotos
ID: 40247174
We already have another site in another location that is connected through a secure VPN.  We have a domain controller there, it's the president of the company's office.  Couldn't I do the same thing to our other site that is currently not connected?
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 40247196
Yes, you can do that any time.

However, you asked a question regarding the cloud?
0
 

Author Comment

by:klsphotos
ID: 40247254
Maybe I'm confusing the 2. We have two servers in the cloud not connected to our AD. We need to get them on our domain and move a lot of our other servers out.
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40247280
If you have a legitimate need to get those 2 cloud servers talking with your AD, the cloud AD method is your route.
0
 
LVL 14

Accepted Solution

by:
Brad Groux earned 500 total points
ID: 40248987
Azure's AD basically "extends" your internal Active Directory environment to the cloud. Just think of the cloud as a new site within your AD environment.

Your best bet (especially if you see building out the cloud in the future) is to build out an Active Directory Replica in the cloud - http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-install-replica-active-directory-domain-controller/

This kills two birds with one stone as it also gives you added redundancy to your AD environment.
0
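
One way to script the approach from the answers above (the cloud network treated as a new AD site, with a read-only DC placed in it over the VPN), as an added example that is not from any poster in the thread. The site, subnet, domain, group and host names are constructed placeholders, and the sketch assumes Windows Server 2012 or later with the ActiveDirectory and ADDSDeployment modules.

```powershell
# Added example. CloudSite, HQ, 10.50.0.0/24, corp.example.com, CORP,
# 'Cloud RODC Allowed' and CLOUD-RODC01 are constructed placeholders.
Import-Module ActiveDirectory

$siteName  = 'CloudSite'
$cloudCidr = '10.50.0.0/24'       # address space of the cloud virtual network
$hubSite   = 'HQ'                 # existing on-premises site (assumed name)
$domain    = 'corp.example.com'
$netbios   = 'CORP'

# Step 1 (on an existing writable DC): model the cloud network as its own site
New-ADReplicationSite     -Name $siteName
New-ADReplicationSubnet   -Name $cloudCidr -Site $siteName
New-ADReplicationSiteLink -Name "$hubSite-$siteName" `
    -SitesIncluded $hubSite, $siteName -Cost 200 `
    -ReplicationFrequencyInMinutes 30 -InterSiteTransportProtocol IP

# Step 2: only members of this group may have passwords cached on the cloud RODC
New-ADGroup -Name 'Cloud RODC Allowed' -GroupScope Global -GroupCategory Security

# Step 3 (on the cloud VM, reachable over the VPN): promote it as a read-only DC.
# The deny list repeats the built-in defaults so privileged accounts are never cached.
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSDomainController `
    -DomainName $domain `
    -SiteName $siteName `
    -ReadOnlyReplica `
    -InstallDns `
    -Credential (Get-Credential) `
    -AllowPasswordReplicationAccountName @("$netbios\Cloud RODC Allowed") `
    -DenyPasswordReplicationAccountName @(
        'BUILTIN\Administrators',
        'BUILTIN\Server Operators',
        'BUILTIN\Backup Operators',
        'BUILTIN\Account Operators',
        "$netbios\Denied RODC Password Replication Group")

# Step 4 (after the reboot): confirm the DC is read-only, sits in the cloud site,
# and caches credentials only for the intended group
Get-ADDomainController -Filter 'IsReadOnly -eq $true' | Select-Object Name, Site
Get-ADDomainControllerPasswordReplicationPolicy -Identity 'CLOUD-RODC01' -Allowed
```

Steps 1 and 2 run on an existing domain controller and step 3 on the cloud server, so the variable block has to be defined in both sessions.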
 

Author Comment

by:klsphotos
ID: 40249034
Thank you Brad and everyone.  I was looking at the cost of Azure and have a lot to figure out.  I'm not sure why at this time they want to move all the servers to the cloud, most likely since we have a lot of external clients, easier to put in one place.  I'd like to add our current cloud servers to our domain and not send our current servers to the cloud without extending active directory, so I have a lot to figure out and have never set this up before so want to do what is best, and also what won't break us.  We are a smaller company.

Thank you so much everyone for your help!

Karen
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40249313
Thanks for the grade. Good luck.
0


Question has a verified solution.
