Avoiding Remote Domain Controller Setup for Remote Offices - Security Boulevard

Avoiding Remote Domain Controller Setup for Remote Offices

More and more IT admins are looking for alternatives to setting up a remote domain controller (DC) for each remote office. For a growing organization with a lean IT department, it could be ideal to avoid the travel, configuration, and maintenance labor, as well as the hardware costs associated with additional DCs. Many admins also view unnecessary writeable DCs at remote locations as a security liability. And, since the global pandemic kicked off over a year ago, those users may not even be going into those remote offices and just working remotely, so managing that change is critical.

There’s debate around how to manage people in remote locations all at once, rather than managing fully functional domain controllers at each remote location. Some organizations connect computers at smaller remote offices directly back to their home DC over a VPN or WAN, and others use read-only domain controllers (RODCs). Still, others are pursuing a more modern cloud-based approach to extend user identities from their home DC to remote workers in all locations, without any additional network infrastructure. And, others still, are opting to just go fully remote and eliminate the need for a domain controller. With the COVID-19 pandemic still impacting the world, IT admins are completely rethinking how to build their IT infrastructure along with what tools to use.

If you’ve been managing Microsoft Active Directory® (AD) environments for a long time, you may still be tempted to have at least one DC (probably two for redundancy) at each remote office as a best practice to ensure availability and connectivity for user authentication. However, the characteristics of remote facilities can vary, and with those individual factors and the convenience of modern solutions in mind, you may want to reconsider – especially as the world continues to push for and expect a hybrid workplace. Let’s look at some of the scenarios that can make an alternative approach more appealing. 

Remote Office Facility Considerations 

Consider the following questions when planning your domain configuration for a new branch office or decommissioning a remote location: 

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Mike Ranellone. Read the original post at: https://jumpcloud.com/blog/remote-domain-controller-setup