by GekkePrutser 2067 days ago
AD is not great. It depends on a legacy model with trusted company networks that was out even before COVID, and all the home working hammered the last nail into its coffin.

Setting up new systems with it remotely is a real pain, something the EMM model fixes completely.

2 comments

Pretty much all the remote work I'm aware of in my area is done using RDP, so AD is still relevant. I think your opinion may be biased towards smaller and younger companies.
Interested in more detail on this?
In which way?

I work in EMM (though not Windows) and we are rapidly moving to Intune/Azure AD now because of this change. Onboarding new machines has become a nightmare when people can't go to the office.

The problem is a catch-22. We require a 'trusted' machine to connect to the VPN. Yet the VPN is required to connect to AD and bind it, which is the de facto way it becomes trusted.

Before, someone in the office would do this, but in many cases this hasn't been possible since COVID, so it's exposed the issues with this approach. But even before that, working from home has been causing a lot of friction.

Everyone is moving to EMM models now, like Google BeyondCorp. MS is pushing Intune now as main management, with 'comanagement' with AD for the time being because it doesn't have the same scope of functionality yet. But it's clear that their long-term plan is to abandon it.

Thank you, now it makes sense to me.