Begin by identifying the devices you need to manage and checking your current setup.
Begin by identifying the devices you need to manage and checking your current setup.
Hello. The company is currently supplying devices without any AD or oversight. Past sysadmins didn’t implement AD or any kind of supervision, which is frustrating. I often have to ask staff for their AnyDesk or TeamViewer whenever they need my help. There’s also the issue of people installing various software on their computers, even going as far as “debloating” them and causing problems. I’ve never worked with enterprise device management before—I’m not sure where to begin. I’d also like to have WSUS to manage updates and ensure they’re applied consistently across all devices.
Configure Active Directory Wsus / Msupdate with a uniform password across all locations. Additionally, consider using Voodoo Shield along with an antivirus or security program to restrict access to specific websites and content.
I understand your concern. There seems to be no built-in Windows capability to directly access user devices via AD or similar methods. RDP isn’t an option because clients aren’t connected to the VPN.
The top options for remote access remain Teamviewer and Anydesk. I have set up an AD, with a few devices still pending connection. As you suggested, a WSUS could help block specific updates and reduce bandwidth usage. Instead of downloading patches for each device, I’m now getting a single download per batch. Currently, I frequently travel between two sites—a newly acquired one and an existing office—or even a third location in the old warehouse. For regular support, I rely on Teamviewer on the devices. When visiting a new site, I need to install a label printer, clone a failing NVMe drive on a laptop, and then reassemble everything. Much work remains as only an IT specialist is needed, which has been a full-time role for over a year.