I'm looking to evaluate whether we still need traditional domain controllers in our setup. The main reason we remain on-prem is because of a significant file server (around 10TB) and that's pretty much it. We don't use Exchange and have no applications that depend on LDAP or Kerberos. There's also no requirement for AD-integrated DNS internally, so we could pretty easily split that off. I'd love to hear from anyone who has real-world experiences with managing without an on-prem DC. Should I keep the headaches of maintaining it or can I go without it?
5 Answers
Just a heads up, Entra DS isn’t really meant for authenticating on-prem devices. It's more for legacy services that still need traditional domain services. If you need AD, you might still need a DC, even if it's virtualized.
I've fully migrated to Entra Domain Services and haven’t had a DC for 5 years. Migrating your data to the cloud could be a smart move. Keep using Azure Files if SharePoint isn't working out for you. It's way simpler than managing AD and file servers.
Would you say moving entirely away from a file server is a smooth transition?
Honestly, 10TB doesn’t seem that large for a file server these days. For instance, in my department, we manage around 7PB, so 10TB feels pretty manageable! But I guess it really depends on your specific needs.
From my experience, Azure Files is a great solution if you decide to move things to the cloud. You can turn your file server into a cache, so LAN speeds are still fast while allowing external access.
I’ve heard mixed things about Azure Files. Seems like everyone talks about it being slow.
The big question is how your file server is authenticated. Many people end up relying on local users, which can become messy fast. A better option might be switching fully to SharePoint or OneDrive if that's feasible for your team.
That’s a risky switch, though—SharePoint can struggle with larger data volumes if not managed right.
Correct, if you don't want to manage an on-prem AD infrastructure anymore, you'd need to have the right setup with Entra.