Thinking to create an AD for a server with proxmox in the cloud but with the strong probability to manage also windows client with domain and samba shares in an office. I suppose that the remote server could handle the samba shares and the domain but for speed and availability I ask myself if I should not have locally a NethServer in the office for the samba shares.
Hence if I have two NethServer where will be the AD, in the cloud or in the office ?
If the AD is in the Cloud does it is (more) difficult to add a computer to the windows domain, of course I will have a VPN tunnel between the cloud and the office.
But with Proxmox, PBS Backups NethServer itself is well available (Last 4 years!).
Only issue is if the Internet itself is down, but it’s a business subscription, and the largest provider in Switzerland… So it generally works…
Provide your customer with the best of both worlds:
An AD User as primary local user.
A local user, with an (almost) identical user-profile
OpenVPN with Viscosity
You can eg use these tools ( https://www.forensit.com/downloads.html ) to copy over the profile with all settings (make a clone of the users profile, as local user)…
There are “free” versions of the tools.
The User normally uses the AD profile. If that doesn’t work, the local profile is always available.
The advantage “behind the scenes”? - The Notebook is still an AD member!
the issue is to forbid people to use local account with administrative permission, moreover the GPO can help a lot to create the settings I needs, map network share, forbid usb key, block user self installation exe, …
Just playing yesterday with RSAT and that was fun
by the way, is it possible to convert a local user to a domain user, I can only clone the settings of a local user to a domain user
Yep that was I thought first but the project is to start by some cloud application however when we started to speak about roaming profile my first thoughts was to get shares locally. In the office for now there is only synology that handle smb share IIUC.