cross-posted from: https://lemmy.ml/post/2956502

I have 15 VM’s running for clients and I’m looking for a way to keep the tools up to date without having to connect to each server and do it manually. A few examples are WinDirStat, Firefox, SSMS, Filelocator, etc.

We have expanded recently and I’m at the limits of doing this manually. These servers are not domain joined and are in separate virtual networks.

  • PutangInaMo@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Lol you can absolutely control E/W movement without needing multiple domains…

    Worst case you use a red forest as the admin forest, but with an environment that small there are plenty of other things you can do without making it that complicated while providing similar protection.

    • BritishJ@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Then you start getting things like Azure AD Sync etc. It’s best practice one domain per client. Not trying to make one domain work for multiple different clients.

      • PutangInaMo@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        You don’t need anything from Azure to do that. Authentication policy and silos are what enforces multi tenancy east west boundaries (among many, many other layers outside of the scope of this conversation).

        But it looks like I misread what the “client” context was initially. So that’s my bad. That does muddy the waters and would depend on what the agreements are between the companies and OP have. But this isn’t a technical constraint rather a business and legal decision.