Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Azure Cloud Active Directory

Posted on 2015-01-20
5
Medium Priority
?
154 Views
Last Modified: 2015-10-11
Hey everyone,

I have three sites where the client does not want to incur the management of physical servers.  They would rather push their AD to the cloud.  Currently they do not have AD just three sites with a mix of WIndows 7 Pro  workstations and no central management.

Based on the diagram I have attached, has anyone setup up anything like this? Azure documentation says that on prem DNS and AD is needed.  I am trying to do it without this and all over a site to site VPN connection.

Any Thoughts?

Azure brainstorm idea
0
Comment
Question by:nappy_d
  • 2
  • 2
5 Comments
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40561317
You cannot do what you want. The closest you can get is a VM in azure running as a DC. But at that point, VMs still need management, patching. You are only shuffling off the cost of hardware maintenance. And if a VPN link is down, so it all authentication. I still *strongly* recommend a DC (or RODC) at every site.
0
 
LVL 32

Accepted Solution

by:
nappy_d earned 0 total points
ID: 40562868
There has been a change Google cloud wil be used to store company data instead of a NAS at each site. We don't want a DC at each site and even if the VPN link is temporarily lost, Windows profiles will be cached to allow pre-existing users to continue their login.

Have you done such a setup before?

Are there issues with sonicwalls? Or is this agnostic in relation to Vpn hardware.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40563007
I have done it in a lab, and in some larger environments I have a DC in a VM in Azure for redundancy in ADFS scenarios, but I do not have any environments where the *only* DC is in Azure. I still see too many performance and reliability issues to make that practical. YMMV.  As far as VPNs go, a site to site VPN should be fine as long as you stick to industry standards. Most sonicwalls I've seen can be configured to work, but you won't be using their proprietary client or engine.
0
 
LVL 32

Author Closing Comment

by:nappy_d
ID: 40602735
currently testing with AWS.  Found some documentation on AWS on how to set this solution up.
0
 

Expert Comment

by:zimboman
ID: 41035406
Care to share the AWS experience Nappy?
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import an Outlook PST file to Office 365 using a third party product to avoid Microsoft's Azure command line tool, saving you time.
Microsoft has changed the look and feel of Azure AD and Microsoft account sign-in pages so that you will have a more unified look and feel when moving between the two interfaces.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question