Moving to Azure?

Associate
Joined
19 Mar 2005
Posts
257
I have a conundrum about where to take our ageing Fileserver and Domain server.

Facts:
  • Server is a HP G6 Intel Xeon X5670 with two processors and 96gb RAM, this has a terminal server, domain server and storage on it.
  • Storage space is becoming an issue
  • TS users = 8 max with 4/5 concurrent.
  • All employees use O365
  • Some employees use Sage Line 50 using Sage Drive
  • We currently have two sites one in Leicester and one in Newcastle, not connected by VPN.
  • We have a decent connection speeds although our HO is on radio broadband, we get 500mb up and down.
  • Our HO router (peplink) has a flaky VPN setup so we called time on that.
Ideas:
  • Move the FS (currently around 0.9TB of data) to Azure cloud
  • Move the DS to Azure AD
  • Install a Synology box at HO for local copy of Azure
  • Use Synology VM for install of Win 10 to run Sage Line 50 file server app that is required.
  • Use spare Buffalo NAS for local copy of Azure files at Newcastle site
  • Install shared drives on all local users connecting to the FS on Azure
  • Install new Windows Server 2019 on HP G6 solely to run as a TS at HO.
I'd welcome any suggestions.

It wouldn't be the end of the world if the TS went down as i plan to move to local machines for each user.

As i have not used Azure for files or domains just wondering if there are any pitfalls or alternatives?

Thanks in advance!
 
Associate
Joined
18 Aug 2020
Posts
98
Location
London, UK
**** me.. first thing you do when creating Azure VM's is to remember to TURN THE ******* RDP OFF. Newly created VM's have it enabled by default and exposed to public IP..
Lesson learnt hard way, really hard way.

As per other issues: I would enforce strong passwords and frequent password change policy. Some good antivirus. Strongly recommend to make full audit of all service accounts and passwords used for infrastructure, Domain Admins membership, etc and make them as randomised as possible.
 
Last edited by a moderator:
Caporegime
Joined
9 Aug 2008
Posts
30,741
Location
127.0.0.1
Robert, you can't swear on here. Mods will have a field day with you. :D Azure is good but you going to pay heavily for that service. Make sure you work out exact costs cos if you don't you going to get bitten hard.
 
Associate
OP
Joined
19 Mar 2005
Posts
257
Robert, you can't swear on here. Mods will have a field day with you. :D Azure is good but you going to pay heavily for that service. Make sure you work out exact costs cos if you don't you going to get bitten hard.
Over 3 years would the costs be similar to a new server with a high enough spec to cope with developments needed onsite?

The main issue we need to overcome keeping a local FS is this damn VPN that neither our IT support or Broadband provider wish to enter dialogue on.
 
Soldato
Joined
1 Apr 2014
Posts
15,571
Location
Aberdeen
I'm a big fan of local data. Cloud is awesome for the mobile user but for an office, you need to think about business continuity and disasters like some idiot with a digger cutting your data link (this happened at least once a year at one site). Note that this is as much a business decision as a technical one: your bosses may be happy to accept the risk of a day or two of downtime.

I notice you don't mention backups. Nor do you appear to have a second domain controller.
 
Associate
OP
Joined
19 Mar 2005
Posts
257
I'm a big fan of local data. Cloud is awesome for the mobile user but for an office, you need to think about business continuity and disasters like some idiot with a digger cutting your data link (this happened at least once a year at one site). Note that this is as much a business decision as a technical one: your bosses may be happy to accept the risk of a day or two of downtime.

I notice you don't mention backups. Nor do you appear to have a second domain controller.

Don't have to worry about bosses, i'm the MD :)

We have a HP Microserver that can run the DC VM backup, albeit slowly.

Currently we backup the server VMs (2) to local NAS and Veeam, files are backed up too.

Internet is on radio (http://www.gigabair.net), i'm looking at a fall over leased line at the moment as the ADSL maxes at 4mb.... which sucks for a new industrial site that got built in 2016, appalling really but my guess is BT knew people would fork out for a leased line so didn't put any infrastructure in. Next door is a pharmaceutical who put in a 1gb leased line linked to their US office. Not sure if they pulled anything else up the tube in case...
 
Soldato
Joined
1 Apr 2014
Posts
15,571
Location
Aberdeen
Don't have to worry about bosses, i'm the MD :)

The point about it being a business decision still stands. Of course, a day or two without any internet would give you a real opportunity to learn how much work your staff really do. :)
 
Caporegime
Joined
9 Aug 2008
Posts
30,741
Location
127.0.0.1
Don't forget stick everything up remote and if your net goes down you had it. This is the same debate that come about when remote working first come about. You are chancing all stuff requiring an internet connection. You going to need a failover line with a different ISP to go fully azure. At least this is what I would do.

Question is, how much would it cost your business if your single point of failure was down for 2 days/5 days?

We have some of our domains in Azure by the way. But we keep data local with backups. Some companies use one drive for local/cloud implementation.

Some go with fully local implementation with remote VPN to their desktops.
 
Associate
OP
Joined
19 Mar 2005
Posts
257
Don't forget stick everything up remote and if your net goes down you had it. This is the same debate that come about when remote working first come about. You are chancing all stuff requiring an internet connection. You going to need a failover line with a different ISP to go fully azure. At least this is what I would do.

Question is, how much would it cost your business if your single point of failure was down for 2 days/5 days?

I totally understand where people are coming from with regards to local storage.

It would not be the end of the world, we're a manufacturing company so predominately the staff do not use computers.

If i could find a robust method for remote staff to access our local FS i'd probably stick with that.

We're trialling one folder on Sharepoint with a mapped drive, issue is the users connection (authentication?) drops and we have to visit IE Sharepoint link to reconnect. Thats working but people keep forgetting the process to re-establish the link. Maybe I could open IE on boot with that link as the homepage??
 
Caporegime
Joined
9 Aug 2008
Posts
30,741
Location
127.0.0.1
Saying that though if Azure ever goes down you can blame Microsoft lol Sounds like it's a small-ish company as long as your net connection doesn't go down you should be alright but you know what IT is like. It can be flaky at the best of times.

I wouldn't use Sharepoint if you going to use Azure you going to want some proper storage with backup space allocation.

or go complete one drive or maybe another storage solution?

Azure Storage Pricing | Microsoft Azure

  • TS users = 8 max with 4/5 concurrent.
For this you could spin up some remote desktops for this amount of users in azure. Make sure you keep the data away from the remote users machines.

This all depends on budget I would say though.
 
Soldato
Joined
1 Apr 2014
Posts
15,571
Location
Aberdeen
You going to need a failover line with a different ISP to go fully azure.

And the physical cabling needs to be physically routed differently. Yes, one of my sites got bitten! Two upstream links but both went through the same conduit out of the industrial estate and so failed when that conduit got cut by a digger.
 
Associate
OP
Joined
19 Mar 2005
Posts
257
And the physical cabling needs to be physically routed differently. Yes, one of my sites got bitten! Two upstream links but both went through the same conduit out of the industrial estate and so failed when that conduit got cut by a digger.
Main connection is radio.

We have 27 staff, with 8 of them what i would call full time PC users. 10 of them are remote workers, sales and service
 
Soldato
Joined
12 Jan 2006
Posts
5,600
Location
UK
0.9TB? Just move the data to SharePoint.

You could also look at Windows Virtual desktop for ts as long as your users are on E3's.
 
Associate
Joined
15 Sep 2009
Posts
2,289
Location
Manchester
WVD with Azure files on the surface seems like a good idea for this setup dependent on the data etc. Azure can be cheap as chips for this sort of configuration as long as it's done ell. However it will make you move from a CAPEX to an OPEX model which can be difficult for some places.
 
Associate
OP
Joined
19 Mar 2005
Posts
257
0.9TB? Just move the data to SharePoint.

You could also look at Windows Virtual desktop for ts as long as your users are on E3's.

We're on Microsoft 365 Business Standard.

Sharepoint is looking likely, we just have this timeout issue with authentication, no matter how many times you show people how to re-establish the connection for the shared drive they still struggle..

 
Soldato
Joined
12 Jan 2006
Posts
5,600
Location
UK
What do you mean? Are you mapping a drive to the SP site? Forget about and show how to get them to use it correctly via the site.
 
Soldato
Joined
12 Jan 2006
Posts
5,600
Location
UK
Tough crap I would be saying. Either they learn to deal with reauthing the drive or use the site would be my answer!
 
Associate
OP
Joined
19 Mar 2005
Posts
257
It would be mine too but who are we to say? :p Maybe a re-auth could be done by a batch script so it's easy for them to click on it.
Sorted it so that IE opens on boot with homepage set to sharepoint site.

Looking at our FS we really need to sort out data out :(
 
Top Bottom