We've got a small org of ~100 users in two offices, plus a handful of full-time remote users. All Macs. Due to a growing number of client requirements, and a general desire to better secure and integrate accounts, we want to bring everything under a single identity instead of the separate systems we have now.

Current services, each with its own directory/auth:
G Suite Business
Local OD-based macOS servers in each office providing AFP/VPN/DNS
Meraki routers, and Wi-Fi using WPA2
Jamf Pro Cloud using computer-based profiles/policies (no users)
Local user accounts on all Macs

What we want: a single directory for all of these, one that allows for password management/policy enforcement.

I've been researching all the usual suspects: AD, Azure, Okta, Jumpcloud, NoMad, Apple EC, RADIUS, etc., but I am having a little trouble grokking the best tools and arrangement of them for us.

Jumpcloud sounds great, but I am a little hesitant since they are a relative unknown and a little pricey.

Local AD servers running GCDS seem like a good traditional bet (for RADIUS too), but we have been moving the other way: pushing services to the cloud rather than building new servers that we maintain. If we did that, then I think we'd try NoMad for the Macs, and then I assume we'd need Okta to provide WAN availability for remote users (we do not want them to have to use VPN all the time)? Or would that be a better job for Azure (which would also link the two offices' local AD servers)? Or would running our own AD server in AWS or something like that be better?

We'd most likely move to an AD based file server then.

There are obviously several interconnected but distinct needs here, and I guess I would just love to hear what is working for others with what must be a fairly typical small-company set of services.