Forum Discussion
ossniper
Aug 18, 2022, Copper Contributor
Large-scale VDI deployment management with Active Directory and domains
Hello, I am working for a startup and deployed RDS persistent VDI for just one enterprise, which works perfectly. Now the office wants to offer persistent VDI to multiple companies. I don't have muc...
Aug 22, 2022
So you want to be a provider for internal or external companies? If external, if you want to be a hosting provider, then separate everything network- and Active Directory-wise... If internal, then one forest and preferably one domain with separated computers/groups/users in OUs. Multiple domains are old-fashioned, with the ability to delegate control and have different password policies if needed.
And you're also talking about Teams, are you providing Teams in one 365 tenant or multiple?
You mention a few things and without knowing the bigger picture, it's hard to give an answer...
ossniper
Aug 22, 2022, Copper Contributor
Thank you so much for your response. I really appreciate your feedback.
We are a startup data center targeting mid-size organizations of 5-50 users, mostly external companies.
1. We want to provide VDI, M365, Mail, OneDrive, Azure Backup, Azure Storage, Lighthouse and all Microsoft services through our account.
2. VDIs will be hosted at our data center, as each organization has different requirements, viz. accounting, designing, drafting, documenting, high graphics, etc.
3. We want each organization to be separate, but controlled by our domain.
4. There can be more than 300 organizations with 5-50 users under each organization.
5. Customer billing will be done under our company, as we are providing different services to different organizations.
6. We will have our own AD, DNS, DHCP for on-premises IT infrastructure.
7. We plan to sync AD to Azure AD via AD Connect.
8. An important concern is that 'AAA' organization shouldn't be able to communicate with 'BBB' organization.
Neither organization should be able to see / view organizations under our domain, e.g. aaa.aaa.com shouldn't be able to communicate with / view bbb.aaa.com or ccc.aaa.com... Can this be done by GPO or ?
9. Should we consider a sub-domain topology, or is any other suggested?
I look forward to your feedback
Best Regards