Tom Hebert

My feedback

  1. 300 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    37 comments  ·  Azure Active Directory » Domain Join  ·  Flag idea as inappropriate…  ·  Admin →
    Tom Hebert supported this idea  · 
    An error occurred while saving the comment
    Tom Hebert commented  · 

    @BenTheBuilder is spot on. For large organizations, maintaining AD is fine. But for many others, it's overkill. Imagine the scenario where you are supporting a small business having two servers. In order to use AD, you need to maintain an AD server and best practice says two. AD domains are fragile and must be carefully operated or you will be finding yourself researching and fixing very complex issues.

    This hypothetical business really wants single sign on, two-factor authorization, and some basic things. Their one and only admin has full control anyway. Pushing complex group policies is just an unnecessary complication. Most other things associated with AD are an unnecessary costly distraction.

    Finally, a simplified on-premise environment is much easier to move to Azure. When I do this, the first thing I do is provision a replicate domain server in Azure, mainly to ensure that authentication can occur should the site-to-site VPN go down.

  2. 442 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    unplanned  ·  74 comments  ·  Azure portal » Resource management  ·  Flag idea as inappropriate…  ·  Admin →
    Tom Hebert supported this idea  · 

Feedback and Knowledge Base