none
Advice on moving from workgroup to domain for very small network

    Question

  • Hello all,

    I work for a small company and inherited the part time IT/Operations position and I want to understand the impact of changing from workgroup to domain.  I understand the process and I have set up small test domains before but I want to be certain I understand this so I figured I better ask the pros.

    The setup:

    1 Desktop class system, recent i5 quad, 16GB RAM, 1TB HD with Server 2008 R2.  Current roles are File Sharing and WSUS. 
    3 Desktops running Win 7 Home
    1 Desktop with win 7 Pro
    1 Laptop with Vista Home
    1 Laptop with Win 7
    1 Laptop with Win 8 Pro

    I have configured all devices to uses the WSUS for updates as they wanted these managed and this seems to be the easiest way.

    Right now all users have an account on the server that is used to map to their shares.  I know that the home versions cannot join to a domain and with this small of a network I don't want to join any device to a domain as we have only one server and it would not be reasonable to add more servers.

    The thing is they want to setup local sharing of calendars and contacts, etc.  I have 2010 exchange server and it is required to be on a domain.

    The Questions:
    Can the domain still "act" as a workgroup and users still connect to the shares and exchange without being joined to the domain?  What is the impact on performance for this server?  Will the home version users still be able to connect to the shares (I assume yes) and to the exchange through outlook?  Is there a better way to achieve the workgroup features of exchange without using exchange and not subscribing to Office 365?  We do not have an internet domain name for this business. Does this matter for setting up a domain?

    Anything you can think of that I should consider please feel free.

    Thank you all for your advice.

    Friday, March 07, 2014 6:24 PM

Answers

All replies

  • Hi,

    According to your description, you want to use some features of Exchange like sharing calendars and contacts, though you don’t want your machines to join domain, right?

    As you mentioned that Exchange server needs to be set on domain, which means that you need at least one server as a Domain Controller, then install Exchange on it, which is not recommended, but we can do it.

    After you installed Exchange, users can access those shares through Outlook Web Access, while all your client machines don’t have to join domain. In the meantime, you do need to create a domain, specify a domain name, and create users in the domain.

    However, I would suggest you join your client machines to the domain, since you need to create a domain anyway, and domain mode provides many benefits.

    More information for you:

    Installing Exchange 2010 on DC (same server)

    http://social.technet.microsoft.com/Forums/exchange/en-US/013a7d9c-5cfe-498f-a097-d131c87a1b94/installing-exchange-2010-on-dc-same-server?forum=exchange2010

    How to access Outlook Web App

    http://support.microsoft.com/kb/2897680

    Deciding Between Workgroups and Domains

    http://technet.microsoft.com/en-us/library/cc785860(v=WS.10).aspx

    I hope this helps.

    Amy Wang

    • Marked as answer by PaulG2 Tuesday, March 11, 2014 4:15 PM
    Monday, March 10, 2014 2:07 AM
    Moderator
  • Thank You, Amy for the information.

    You are correct in that we prefer not to join the workstations to the domain, mainly because most of them are Home edition versions and cannot join. 

    As for exchange server, we mainly will use it for internal only, not internet mail.  Shared calendars, contacts and possibly forms.

    So is Outlook Web Access the only option for non-joined workstations?  Is it possible to still use the Full Desktop Outlook version 2013/2010 with the exchange server for the non-joined workstations?  That is the important part of this whole project.  If not it would mean upgrading all the home editions to Pro and that is not inexpensive, relatively speaking...

    Thank You again.

    -Paul

    Monday, March 10, 2014 4:37 PM
  • Hi Paul,

    I have done  more research, and it turns out you can use Outlook Anywhere feature to achieve your goal:

    Outlook Anywhere

    http://technet.microsoft.com/en-us/library/bb123741(v=exchg.150).aspx

    Use Outlook Anywhere to connect to your Exchange server without a VPN

    http://office.microsoft.com/en-us/outlook-help/use-outlook-anywhere-to-connect-to-your-exchange-server-without-a-vpn-HP010355551.aspx

    How to Enable Outlook Anywhere

    http://technet.microsoft.com/en-us/library/bb123889(v=EXCHG.80).aspx

    I hope this helps.

    Amy


    • Marked as answer by PaulG2 Tuesday, March 11, 2014 4:15 PM
    • Edited by Amy Wang_Moderator Wednesday, March 12, 2014 1:22 AM typo
    Tuesday, March 11, 2014 9:11 AM
    Moderator
  • Thank You Amy, I appreciate the information.  I have been reading all the available information and it has helped.  I'm going to setup a test virtual server with Hyper-V to see what the experience will be like.

    Thanks Again.

    Any thoughts on performance on domain vs workgroup? Or DNS domain name issues?  I know they don't recommend single word domain names but this is who we used to do it years ago for internal only servers.

    Tuesday, March 11, 2014 4:26 PM
  • Hi Paul,

    You are very welcome, I am very glad that my suggestions helped.

    For your first question, in a domain, the Domain Controller clearly has much more tasks to perform than a work group server, while it also has more management options for an administrator to better control his/her client machines.

    In addition, domain acts as a central management solution will reduce the work of the administrator. For an example, under workgroup mode, if we have multiple servers which have shared resources, we need to create the same user accounts on each of them, while in a domain, we only need to create accounts once on the DC, then all the accounts can be recognized across the whole domain, no matter how many servers and client machines are within it.

    For the second question, yes, single lable domain name is not recommended, but it is allowed. Single lable domains are supported in Exchange Server 2007 Service Pack 1 (SP1) and Exchange 2010, while single label DNS name resolution is also possible.

    However, there are other Microsoft and third-party products which don’t support single lable domains. My suggestion is don’t use it while it will cause you trouble.

    More information for you:

    Single-Labeled Domain Names and Exchange 2007 SP1

    http://technet.microsoft.com/en-us/library/cc788134(v=EXCHG.80).aspx

    Microsoft Exchange compatibility with Single Label Domains, Disjointed Namespaces, and Discontiguous Namespaces

    http://support.microsoft.com/kb/2269838

    Help and support for namespaces in Microsoft products including Single Label Domains (SLDs), Disjoint Namespaces, and Discontiguous Namespaces.

    http://support.microsoft.com/gp/gp_namespace_master#tab3

    Providing Single-Label DNS Name Resolution

    http://technet.microsoft.com/en-us/library/cc816610(v=WS.10).aspx

    Regards,

    Amy

    • Edited by Amy Wang_Moderator Wednesday, March 12, 2014 2:07 AM
    • Marked as answer by PaulG2 Monday, March 17, 2014 5:27 PM
    Wednesday, March 12, 2014 2:03 AM
    Moderator
  • Thanks again, Amy.  I appreciate the info.

    -Paul

    Wednesday, March 12, 2014 5:22 PM
  • Hi Paul,

    You are very welcome.

    Please feel free to let us know if there are any issues in the future.

    Best Regards,

    Amy Wang

    Friday, March 14, 2014 7:18 AM
    Moderator