DavidGausden-9216 asked Crystal-MSFT edited

Migrating from Workgroup to cloud Domain

Work in a small business (30ish users). Looking to migrate from a workgroup setting to a domain. We do not currently have a server so we are looking at cloud solutions.
I'm a little confused as to what I would need in the way of subscriptions to get a cloud domain controller and convert my network. Will I just need an Azure AD P1 subscription? Can I do it with the subscription that comes with O365? Will I need to create a virtual server alongside these subscriptions? I've found the information online a little confusing and am wondering what the best way forward is.

azure-ad-domain-services azure-migrate

You specifically mention the word 'domain' here. You can manage your devices in the cloud without domain joining them.

If you definitely need to join devices to an Active Directory Domain Services setup then this would require hosting domain controller VMs in Azure which would be more of a consumption based solution than a license based one.

Can you confirm what your objectives are here?


Objectives would be:
1. Remote management of devices and user permissions, primarily being able to install/uninstall programs and enforce other IT policies, and force updates/rollbacks
2. Ability to 'hotdesk' between user profiles on a single machine
3. Remote access to machines for management and troubleshooting
4. Ease of sharing network resources on a user-by-user level

It was my understanding that this could all be accomplished with a domain controller; however, if this could be done through another method I am all ears.
My primary question would indeed be whether I would need some kind of VM to host the domain controller in the cloud, or if this is included in an Azure AD P1 subscription.
If Azure AD P1 includes these functions then my question is a bit defunct, but I've spent the last 2 hours reading through the documentation around them both and am struggling to see what I would need to implement this solution, or the costs associated with it.



AlanKinane answered

Azure AD P1/P2 really just gives you services around identity management and security. It won't achieve any of those objectives on its own.

If you are already using Office 365/Microsoft 365 then I would still recommend that you go down the route of Azure AD Premium licensing and use Intune to manage your devices. This is all cloud native without any server infrastructure required.

Remote access - there are a few options for this, e.g. Quick Assist (built into Windows 10/11) and many third-party products also.

Network resources sharing - I'm assuming you mean files here. Do you need a network? Would you consider using OneDrive / SharePoint for file sharing - again this would be cloud native and not require any infrastructure. This can also work well for your hotdesking: if you redirect the user's personal documents to their OneDrive storage then they can access their files from any device that they sign in to.

The way I look at it, if you have survived up to now without servers, domain controllers etc then it seems a shame to have to put these in place now unless absolutely required and from what I can see this would not be the case here. There's nothing wrong with that approach but it is more complicated if you have never done this before and there will be more ongoing maintenance involved.

I recommend looking at the Microsoft 365 Business Premium product. This is a single license per user that would include everything you need and probably more: https://www.microsoft.com/en-ie/microsoft-365/business/microsoft-365-business-premium


DavidGausden-9216 answered

Thanks Alan. With regard to the files, we have a SharePoint set up, but due to handling very large files (working in video and image editing) the upload and download speeds really hinder productivity. We have introduced a NAS which is currently just shared with the video editors over our local network, but setting this up was a bit of a trial, but from how I understand it a domain network would make management easier. I've moved into a new role here so I'm just trying to get my head around everything, but there are a lot of best practices that are not being followed (lowest privilege for example) and thought that migrating to a domain would streamline the management of that, rather than going to each PC individually and changing user permissions.
365 Business Premium is one route we are considering, but the cost compared to the business license is a bit eye watering, and the P1 comparatively was very cheap. Although it seems that I was misunderstanding the services they offered.

If it clears things up, this is my first IT role, after completing the CompTIA A+ course. I'm the only IT admin here so having to figure things out as I go.
