What is the benefit of Active Directory with non-local service providing machines?
The company I work for has a corporate office with about 150 employees and 200 remote facilities. At each of those remote facilities, we have two Windows 10 PCs that act as access control and kiosk for the customer.
What benefit do I have domain joining the remote machines if we are not using Azure services yet?
We have our employees using our Firewall/VPN to access services at the corporate office but I don't want those remote machines to hog network resources. We use an RMM tool for management but I fail to see the benefit of joining those remote machines to the domain if they can't see the services.
GPOs would be useful but I'm not sure how they would receive updates without a connection to the domain controllers.
@Davis-Cook , I hope all is well. The short answer is that while there are benefits you get from Domain Joining, you would have to be prepared to leverage them in order for the additional work to make sense.
When you say you are not using Azure services yet, you can join machines to a domain that is EITHER on-premises or Azure based, but the value of doing so is in the enhanced management and services capabilities that would unlock for the organization.
If you are wondering about the specifics and the value propositions, check out the following:
https://docs.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-join
The use of MDM via Intune would be the key thing to think about for you, as that would give you policy-based control over the endpoints for instance, especially the Kiosk machines.
If you have more questions, please let us know.
Good Luck !!!
Cheers,
Adam