The Rise of Remote Work Intensifies Problems with AD Domain JoinsApril 24, 2020
Active Directory domain joins are an integral part of many IT modernization and security initiatives. These projects are complex and technically challenging. This is especially the case in enterprises with domain-joined devices that are remote to the corporate network. Recently, with the rapid advance of employees working from home intensifying this issue, the net result is that remote machines pose a unique and growing problem for offline domain joins that are necessary to maintain business operations.
The Crux of the Problem
There are two distinct and conjoined issues when migrating workstations over to a new domain as part of a domain consolidation project. The first is the challenge of migrating machines when a connection to the source or target domain is not available. The second interrelated issue is how to cache the user credentials for the target domain before cutover to the new domain when the connection back to the corporate office is not available. A built-in method to orchestrate this sequence end-to-end does not natively exist.
Microsoft provides an offline domain join (ODJ) process that can resolve part of the problem, but the implementation of the ODJ process is typically complex and often requires the users to run PowerShell scripts and command line functions on their own causing significant complexity to migrating remote workers.
And more significantly, when the user attempts to log in to the machine, the user will not have their target Windows profile available and will also not be able to authenticate to the target domain. This, of course, poses a serious problem for the users of the remote workstations that have been migrated as well as for the IT support desk which will likely receive an influx of related calls for help.
Download our White Paper for More Insights on AD Domain Joins
Download our new white paper Managing Remote Workstations with Active Directory Domain Joins to understand how you can properly join remote workstations to a new Active Directory domain. And if you’re looking for guidance right away, contact us to leverage our 10+ years of experience in remote work, Active Directory, cloud computing, and Office 365 migrations for insights and solutions that you can put into practice right away.