F5F Stay Refreshed Software Operating Systems Business Laptop Deployment

Business Laptop Deployment

Business Laptop Deployment

J
JoJoRageux
Member
Find
153
07-01-2016, 04:02 AM
#1
Hello everyone. I recently bought several Dell Precision E6430 business laptops for my team and I'm trying to configure them as business devices. Instead of just local Windows 10 setups, I want centralized control—like changing wallpapers, blocking apps, etc. I read about domain users but think they need to be on the same network as a Windows Server, even though these machines will be used remotely across different WiFi networks. When installing Windows on the first laptop, there was an option to set up for an organization, but it prompted for a Microsoft account. How can I create those accounts for my staff? Thanks.
Reply
Reply
J
JoJoRageux
07-01-2016, 04:02 AM #1

Hello everyone. I recently bought several Dell Precision E6430 business laptops for my team and I'm trying to configure them as business devices. Instead of just local Windows 10 setups, I want centralized control—like changing wallpapers, blocking apps, etc. I read about domain users but think they need to be on the same network as a Windows Server, even though these machines will be used remotely across different WiFi networks. When installing Windows on the first laptop, there was an option to set up for an organization, but it prompted for a Microsoft account. How can I create those accounts for my staff? Thanks.

Reply
Reply
W
Waverabbit
Senior Member
Find
643
07-14-2016, 09:40 AM
#2
Consider Azure Active Directory Domain Services or the simplified Azure AD Join option. A VPN might be used prior to login, or DirectAccess can deliver GPO updates for enterprise environments.
Reply
Reply
W
Waverabbit
07-14-2016, 09:40 AM #2

Consider Azure Active Directory Domain Services or the simplified Azure AD Join option. A VPN might be used prior to login, or DirectAccess can deliver GPO updates for enterprise environments.

Reply
Reply
_
_ShadowX
Junior Member
Find
47
07-14-2016, 11:09 PM
#3
No, you don't have to be on the same local network. The system can connect via a domain user login.
Reply
Reply
_
_ShadowX
07-14-2016, 11:09 PM #3

No, you don't have to be on the same local network. The system can connect via a domain user login.

Reply
Reply
S
Stark09
Junior Member
Find
6
07-15-2016, 12:17 AM
#4
Well, subnet number isn't important here. I think you meant LAN. If you start a normal Active Directory on-premises server, users need to connect to the same LAN first. Once they're logged in, their credentials are stored locally for the last 10 logins, but GPO updates aren't sent to clients because they depend on an SMB link to the domain server. Besides DNS, DCE-RPC, KERBEROS, LDAP (UDP), SAMBA, and your DC must be able to ping clients so ICMP8 works. Azure Active Directory Domain Services connects your on-premises AD controller to a Microsoft Azure cloud instance, letting you run it over the internet.
Reply
Reply
S
Stark09
07-15-2016, 12:17 AM #4

Well, subnet number isn't important here. I think you meant LAN. If you start a normal Active Directory on-premises server, users need to connect to the same LAN first. Once they're logged in, their credentials are stored locally for the last 10 logins, but GPO updates aren't sent to clients because they depend on an SMB link to the domain server. Besides DNS, DCE-RPC, KERBEROS, LDAP (UDP), SAMBA, and your DC must be able to ping clients so ICMP8 works. Azure Active Directory Domain Services connects your on-premises AD controller to a Microsoft Azure cloud instance, letting you run it over the internet.

Reply
Reply
M
maestrowilldo
Member
Find
142
07-20-2016, 01:21 AM
#5
The "Add New User" option appears grayed out because Azure Active Directory is not available or has been disabled for your account. Check your subscription settings or contact support for more details.
Reply
Reply
M
maestrowilldo
07-20-2016, 01:21 AM #5

The "Add New User" option appears grayed out because Azure Active Directory is not available or has been disabled for your account. Check your subscription settings or contact support for more details.

Reply
Reply
G
GekkeGans
Member
Find
201
07-20-2016, 01:43 AM
#6
Great decision making on precision! This model is a strong fit for business laptops and matches the advice I gave my company (my recommendation was approved by senior IT leaders). I wonder if your devices are using Windows 10 Pro or Enterprise? You might want to explore F5 remote network connections or comparable tools. This setup should let you control domain policies from afar and provide users with access to internal resources while they're logged in. If that doesn't work, consider other VPN solutions. You could also try running VMware so users connect to a VM remotely if possible. For stronger security, implement RSA Tokens to verify authorized logins. The only known method to push policies across multiple machines is via Active Directory with domain access. Be aware you may need admin privileges on both the server and local machine for this. This seems like an unusual scenario I haven't encountered before.
Reply
Reply
G
GekkeGans
07-20-2016, 01:43 AM #6

Great decision making on precision! This model is a strong fit for business laptops and matches the advice I gave my company (my recommendation was approved by senior IT leaders). I wonder if your devices are using Windows 10 Pro or Enterprise? You might want to explore F5 remote network connections or comparable tools. This setup should let you control domain policies from afar and provide users with access to internal resources while they're logged in. If that doesn't work, consider other VPN solutions. You could also try running VMware so users connect to a VM remotely if possible. For stronger security, implement RSA Tokens to verify authorized logins. The only known method to push policies across multiple machines is via Active Directory with domain access. Be aware you may need admin privileges on both the server and local machine for this. This seems like an unusual scenario I haven't encountered before.

Reply
Reply