Nick Brights

asked on

Looking for disaster recovery recommendation - 1 host running 3 VMs including DC

Good day friends,

I have been away from IT for almost 3 years and thought of asking the techs here to recommend a solution, as I am trying to help a very small business with 4 employees, running an on-prem VMware ESXi host with 3 VMs. This is to mitigate issues in case of any hardware failure of this ESXi host. They had one IT guy who set this up for them a couple of years ago and who is no longer available.

Sorry if I am a little unclear below, as I have been out of the IT field for a few years now and am just trying to help this small business owner as cost-effectively as possible, since they are on the verge of going bankrupt due to this pandemic.


What I am looking to achieve:

In case their only current host, a Dell server which is out of warranty, dies, they are not dead in the water. Recently, they had an issue where this host wasn't booting at all. I helped them fix it by finding out that this server had a bootable VMware USB inserted on the mobo, which I simply disconnected and reconnected, and it booted up fine. Thank god, haha. But that opened the owner's eyes to how important it is to have some backup plan!

Current Setup:

A. Their small IT setup: 1 Dell server, out of warranty, running ESXi host 5.5. It has 3 VMs on it. They do have ESX 6 licensing, so that's not an issue.

a. First VM is the Domain Controller (Active Directory); this hosts their QuickBooks file, print services etc. This is not a file server, as all their files are on Dropbox.
b. Second Server: AD sync federated service to connect to Azure - Office 365.
c. Third VM: RDS server, which the owner very rarely uses to work remotely if required. Maybe once a month to access QuickBooks remotely.

B. They have no backups.

OTHER INFO:

Why they need the server:  

1. Simply to run Active directory so their 4 domain joined employees can login to their Windows 10 computers and get authenticated.
2. Their QuickBooks needs a database server. I did research and they don't really require a server for running it; it can be run on any Windows 10 desktop. Their accountant does back up the file daily externally to cloud storage as well as an external USB, so not too worried about this server.
3. Running one shared copier.

They are on Office 365 Enterprise E3 plan where all their emails are hosted.

Nothing else

My Questions:

Option1:  

Can you provide me some ideas where I can simply eradicate their on-prem server and use cloud technologies like Microsoft Azure (since they are on Office 365 Enterprise) where their Active Directory can be hosted and implemented, so local users can STILL get authenticated to their internal domain without any server onsite? Is it even possible? Will they need any kind of hardware in this case?
Since an on-prem server and labour etc. will cost them nothing less than 4000 dollars, I was wondering if this project can be done on an opex cost basis in the cloud.

If yes, can you provide me some steps to accomplish this ?

Option 2:  

I can buy them a new server and transfer all the VMs over to the new on-prem server, by simply installing VMware on it and moving the VMs over. This way they can have peace of mind that they do have some warranty in case the hardware dies.

In this case, which backup software would you recommend purchasing that can back up the VMs efficiently in case the on-prem hardware ever fails?


Thanks in advance!






ASKER CERTIFIED SOLUTION
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
This solution is only available to members.

Nick Brights

ASKER

Thank you @Andrew for your response .. really helpful and appreciate it.

Your option1:

( Cloud - More interesting one ) 

That is great. QuickBooks I am not too worried about, as I am very familiar with it and it can simply run on any simple on-prem Windows 10 box. It does not require any server.

Importantly, what I am not sure about in this cloud option is that they currently have an on-prem VM running as DC with the Active Directory role. Employee laptops and desktops in this office are "domain joined", i.e. domain.local, which users authenticate against.

Can that AD server be moved to the cloud as well, so that users' computers in the office can still authenticate to this server in the cloud?

If not, then I will need a server for sure on-prem, right?

If yes, then how can I move this AD server to the cloud, while users in the office are still able to authenticate to their local domain over the cloud? (Or am I getting it all wrong, as if I decide to move the authentication of these computers to the cloud then there is no server required, and all these work computers can authenticate over the web to Azure Active Directory? I guess I will have to make some changes on the workstations in this case?) Again, sorry for my limited knowledge.

 

Your option 2:
( On prem ) 

I had no idea Synology was able to offer all these features; that is simply awesome. If I go this on-prem route to buy a new on-prem server, I will definitely buy Synology and explore these backup options that come for free. That is simply the best option!
And yes, they do have a license for VMware vCenter and vSphere Server.



 


SOLUTION
This solution is only available to members.

That's a good question.

I would prefer to have a domain to apply some group policies, like mapping one network drive that they have, and secondly to have some control over employees' laptops etc., so they can sign in and have some security in place to authenticate the computers over the network.

Just trying to understand the point you are trying to make: are you saying not having a domain will eradicate the server need altogether? I can make it possible, but I have to assess what I will be losing at the end of the day. Some control over the computers is better than no control.

EDIT:

I just saw your link, that's good to know. I guess I can look into how to join their computers to their Azure Active Directory. Well, if this can easily be done, I don't even see any need for any server at this office.

MAPPING Drive and QuickBooks: I can simply have a Windows 10 desktop sitting in the office running QuickBooks server manager, and also on this Windows 10 computer create a share (mapped drive) that other computers can access.

So I guess I can convert their office to one with no server needed, and I can remove the AD federated server as there is no need to sync on-prem AD with Azure AD.

Now if the internet goes offline due to any reason at this office, will these computers connected to Azure AD online, still be able to login to the domain ? 




SOLUTION
This solution is only available to members.

Something you need to consider about CLOUD!

Like, if all their email and docs are in the CLOUD and the internet goes down, what do they do... would it be critical to business?

I know a few large clients, when the internet goes down, they send them all home!

because all email and all docs are in the cloud - Google Docs!

It has happened twice in a year.

1. JCB driver dug through internet feed.

2. DDoS attack.

SOLUTION
This solution is only available to members.

@andrew, I mostly concur that sticking everything in the cloud is not necessarily the best idea.

That said, activating internet share on my phone would allow 10 users to work with Google Docs quite comfortably as long as 4G is available, and would still be reasonably usable on 3G.


SOLUTION
This solution is only available to members.

I do not have first-hand experience with either version.

+1 for the VPN
That should be quite easy to set up with OpenVPN or stunnel or whatever web-based reverse proxy. The resulting host can be exported using OVF format, or installed with VirtualBox on multiple existing hosts quite trivially.

Print Server? Is this 1990!

Most if not all printers today are LAN and Cloud attached!

No print server required, print direct.