-1

I work for a small business with little IT infrastructure. We want to be able to join all computers throughout the company to a single domain to push group policies and conduct other management functions, however, we have 15 offices with 1-2 employees at each office and 10 at corporate with a total of 36 employees. To me, it doesn't make sense to invest in the infrastructure to setup a domain controller with a firewall at each location.

Based on my research it seems like moving everything to the cloud (Azure) or doing a hybrid approach with our on-premise server would make more sense. Is my thinking correct here? Would there be a cheaper way?

John
  • 9
  • 1
  • 1
  • 2
    There are way to many other considerations that need to be accounted for before anyone can answer this. Just some of those considerations include what is your requirements for availablity, what is your bandwidth, what is your GPO structure like, etc. The "cheapest" way would be to use Azure AD DS but I can't say that would meet your needs, https://azure.microsoft.com/en-us/services/active-directory-ds/ – Ken W MSFT Apr 10 '19 at 22:11

1 Answers1

0

Good day John,

The cheapest way I found to setup an Active Directory environment was using Samba (https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller), I currently have 5 domain controllers on different locations installed on Slackware Linux OS (started with 2 servers 4 years ago). Since on some locations we only have 2 or 3 employees they connect with the central server. For hardware I used some old PCs we had on IT.

The management is done via RSAT (https://wiki.samba.org/index.php/Installing_RSAT) on IT Windows clients. I deploy GPOs, replicate configuration and use Bind 9 as DNS server, for firewall we use iptables and connect all locations via VPN with tincd on a cloud (mesh) network.

This way takes some time to setup so if you need something cheap and quick I recommend using Azure Active Directory however you need to have a stable connection with Microsoft servers.

Hope this helps.

Isaac Gómez
  • 1
  • 2
  • 1
    I like Samba, it can certainly cut down on your licensing costs, I'd have no concerns about scaling for a small company like the OP's.... OTOH, when the OP is talking about a small company with limited IT infrastructure, I tend to think the learning curve for Samba, iptables, VPN, etc. would be a bit much. – Ward - Reinstate Monica Apr 15 '19 at 01:13