cross-posted from: https://lemmy.ml/post/2956502
I have 15 VM’s running for clients and I’m looking for a way to keep the tools up to date without having to connect to each server and do it manually. A few examples are WinDirStat, Firefox, SSMS, Filelocator, etc.
We have expanded recently and I’m at the limits of doing this manually. These servers are not domain joined and are in separate virtual networks.
Lol you can absolutely control E/W movement without needing multiple domains…
Worst case you use a red forest as the admin forest, but with an environment that small there are plenty of other things you can do without making it that complicated while providing similar protection.
Then you start getting things like Azure AD Sync etc. It’s best practice one domain per client. Not trying to make one domain work for multiple different clients.
You don’t need anything from Azure to do that. Authentication policy and silos are what enforces multi tenancy east west boundaries (among many, many other layers outside of the scope of this conversation).
But it looks like I misread what the “client” context was initially. So that’s my bad. That does muddy the waters and would depend on what the agreements are between the companies and OP have. But this isn’t a technical constraint rather a business and legal decision.