Domain Controller

Hey server academicians,

Scenario

ABC Company has 10 employees, 11 workstations, and 6 laptops with three multipurpose printers. They have the domain abc.local. They have one domain controller on Windows Server 2012 Essentials. They have four servers installed for other tasks. They were using Office 365 ProPlus installed on each workstation and laptop. The IT team decided to upgrade to Office 365 P1 licenses.

Issues: Now no one in the office can use the Outlook app to access emails. The only way to get to emails is through office.com. They also found out today that Microsoft Teams will not authenticate in both the app and the web version. It says it cannot reach the server.

Solution 1: The IT team found out that they need Azureconnect for Outlook and other Office applications' authentication. They tried to install it on Windows Server Essentials and some of its components do not work.

Solution 2: They bought a license for Windows Server 2019. They spun up another VM and installed Windows Server 2019 Standard. The server is now up and ready.

Question 1: What should they do to move, migrate, share, or whatever the term might be, so that the Windows Server Essentials can be demoted and its functions as domain controller move to Windows Server 2019?

Question 2: Should they just join the new Windows Server 2019 to the domain and install Active Directory Domain Services? Promote the server as a secondary DC and move all roles and features from the primary DC to the secondary DC. Shut down the primary DC at some point and make the secondary DC the one and only DC.

GIVE IT YOUR BEST SHOT. WHAT WOULD YOU DO?

1 Like
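
The sequence Question 2 describes, written out in PowerShell as an added example that is not part of any post in this thread. The server names `DC2019` and `ESS2012` are hypothetical placeholders; `abc.local` is the domain from the scenario. It adds a gate that refuses to proceed to demotion until every operations master role is held by the new DC.

```powershell
# Added example; server names are hypothetical, abc.local is from the scenario.
$Domain = 'abc.local'
$NewDc  = 'DC2019'    # hypothetical name of the Windows Server 2019 Standard VM
$OldDc  = 'ESS2012'   # hypothetical name of the Windows Server 2012 Essentials DC

# Step 1 (on the new server, already domain-joined, as a Domain Admin):
# install the AD DS role and promote it to an additional domain controller.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-ADDSDomainController -DomainName $Domain -InstallDns -Credential (Get-Credential)
# The server reboots as a DC; it is a global catalog unless -NoGlobalCatalog is given.

# Step 2 (after the reboot): confirm replication is healthy before moving anything.
repadmin /replsummary
dcdiag /s:$NewDc /q    # /q prints errors only

# Step 3: transfer all five operations master (FSMO) roles to the new DC.
Move-ADDirectoryServerOperationMasterRole -Identity $NewDc -OperationMasterRole `
    SchemaMaster, DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster

# Step 4: gate. Returns $true only if every role holder is the new DC
# and the new DC is a global catalog.
function Test-RolesMoved {
    param([string]$Target)
    $d = Get-ADDomain
    $f = Get-ADForest
    $holders = @($d.PDCEmulator, $d.RIDMaster, $d.InfrastructureMaster,
                 $f.SchemaMaster, $f.DomainNamingMaster)
    # Role holders are reported as FQDNs, e.g. DC2019.abc.local
    $stale = $holders | Where-Object { $_ -notlike "$Target.*" }
    if ($stale) {
        Write-Warning "Roles still held by: $(($stale | Sort-Object -Unique) -join ', ')"
        return $false
    }
    return (Get-ADDomainController -Identity $Target).IsGlobalCatalog
}
if (-not (Test-RolesMoved -Target $NewDc)) { throw "Do not demote $OldDc yet." }

# Step 5 (on the OLD server only, after clients and DHCP point at the new DC for DNS):
# Uninstall-ADDSDomainController -Credential (Get-Credential)
```

The demotion line is left commented out so the script cannot remove the only working DC if it is run on the wrong host.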

I would say that…

1 Like

Azure AD Connect can’t be installed on Small Business Server or Windows Server Essentials.

That is true but… Windows Server Essentials 2019 is supported.
Supported Windows Servers: Windows Server 2012 or higher.
Windows Server Essentials 2019. The server must be at least Windows Server Standard or higher.
Also the GUI must be installed; it is not supported on Windows Core servers.

Source: https://docs.microsoft.com/nl-nl/azure/active-directory/hybrid/how-to-connect-install-prerequisites (maybe you need the English Version :-D)

1 Like

Three choices -
1. Full in-the-cloud solution - You could upgrade to a Microsoft 365 E3 license. Once you do that you can get help from Microsoft (fastrack.com) if necessary, so that you can successfully migrate all your users and data to Microsoft 365. Hybrid solution - You will need to install Azure AD Connect on a Windows 2019 Server Standard or higher. With that E3 license you can load the AATP (Azure Advanced Threat Protection) sensor on each domain controller; that way you could keep your on-premises servers secure.
2. Or you could get Azure and get an on-demand cloud server and storage space as you need it.
Both choices are great solutions.
3. Sign up for a free E3 subscription, set up a lab and practice your solutions before you actually implement them in your organization. There are many security solutions that will really help secure your cloud or on-premises infrastructure.
Thanks,
Robert