none
Domain controller needed?

    Question

  • I am researching a new server for a fire department that I am associated with.  I am not a network person, my degree is in software design.  I understand what a domain controller is, setting it up and managing it are a different story.  I have read a lot and understand that Server 2012 is very user friendly compared to previous versions.  My real question is whether I want to make the server that we purchase a domain controller or should I operate on a workgroup which they currently have half setup.  I have never had good luck with workgroups since it always ask for your password to access the file structure on the server regardless if your user name on the local machine matches the name on there server.  I dunno.  There are currently 6 computers that are hard wired to a 10/100 switch on a rack mount right now.  Other things (PS3, Video boxes, etc) use the same switch/router.  It has been made clear that it would be beneficial for the admin staff be able to login from any of the computers and have their files/desktop available so, this would be a domain controller with the workstations logging into the domain at startup, correct?  I'm just a little hesitant to jump into this since we are talking about $3000+ to initially invest and I don't want to be the idiot that recommended it.  :)  Another thing is that there are 3 laptops that would also login to the domain while on site but, what happens when they are not on the network?  I've heard that roaming profiles are not good but, is there a way that the laptop could logon through the internet?  Sorry for the amount of questions but, I am trying to get a grasp of what we need.

    Thanks,

    Jay

    Saturday, February 02, 2013 7:37 PM

Answers

  • Hi Jay,

    I would recommend setting up the server as a domain controller since the environment will be much easier to manage if you have a domain set up. 

    Instead of using roaming profiles, you could use Offline Files and Folder Redirection. When the laptops are outside of the company network they will use the documents offline and when they get back to the network the files will sync to the server if they have been changed.

    One of the main reasons why you would set up a domain is that you are able to set Group Policies across all computers, instead of setting up the computers with different settings and local logins.

    When logging in to a domain for the first time, the credentials will be stored locally, and will be available when you're logging in to the computer offline. This means that you don't need to be connected to your office network to be able to login to your computer.

    Not sure if I covered everything you asked, but feel free to ask if you have any more questions or if you want more details on what I already mentioned :)


    Blog: www.danielclasson.com/blog | LinkedIn: Daniel Classon | Twitter: @danielclasson

    Saturday, February 02, 2013 9:39 PM
  • Seriously think about the skills you are going to have in place. Administering a DC is not that hard, but if it dies you're going to have an issue over all the computers present, if you're not going to have someone around who's capable of doing the small admin tasks then you may be safer off with a workgroup, as all you need to do then (really) is ensure the file shares are backed up.

    That being said, if you can look after a domain you will make a lot of things easier for yourself.

    Saturday, February 02, 2013 11:21 PM

All replies

  • Hi Jay,

    I would recommend setting up the server as a domain controller since the environment will be much easier to manage if you have a domain set up. 

    Instead of using roaming profiles, you could use Offline Files and Folder Redirection. When the laptops are outside of the company network they will use the documents offline and when they get back to the network the files will sync to the server if they have been changed.

    One of the main reasons why you would set up a domain is that you are able to set Group Policies across all computers, instead of setting up the computers with different settings and local logins.

    When logging in to a domain for the first time, the credentials will be stored locally, and will be available when you're logging in to the computer offline. This means that you don't need to be connected to your office network to be able to login to your computer.

    Not sure if I covered everything you asked, but feel free to ask if you have any more questions or if you want more details on what I already mentioned :)


    Blog: www.danielclasson.com/blog | LinkedIn: Daniel Classon | Twitter: @danielclasson

    Saturday, February 02, 2013 9:39 PM
  • Seriously think about the skills you are going to have in place. Administering a DC is not that hard, but if it dies you're going to have an issue over all the computers present, if you're not going to have someone around who's capable of doing the small admin tasks then you may be safer off with a workgroup, as all you need to do then (really) is ensure the file shares are backed up.

    That being said, if you can look after a domain you will make a lot of things easier for yourself.

    Saturday, February 02, 2013 11:21 PM
  • That is a whole lot of help.  Thanks for leading me in the right direction.  Now I just need to determine the right server.  I talked to a Dell rep online and of course they try to push what you prob don't need.  :)  Thanks again!!
    Monday, February 04, 2013 8:17 PM
  • If something does go wrong, I can usually be there within a few hours to fix it.  There may also be people that I can train a "little" to fix the small things.  I have a feeling once this is all said and done, I will have pulled what is left of my hair out though.  LOL  Thanks for your help!
    Monday, February 04, 2013 8:19 PM
  • By chance, what RAID would you suggest using?  The docs on the computer are really important.  I even thought of paying a monthly fee for cloud storage as well.  Let me know what you think.  :)
    Monday, February 04, 2013 8:20 PM
  • You're unlikely to have a high performance requirement given what you've described, so keep it simple and cheap - stick with a RAID 1 configuration.

    Make sure you have a backup process (which could be cloud based, up to you), and don't forget to budget for anti-virus ('cause it's not cheap and gets forgotten a lot by small organisations when budgeting).

    Monday, February 04, 2013 10:59 PM
  • I do need to keep it simple.  As I have already stated, I am not a network person so, servers are more of a new thing to me than anything else.  I am comfortable with software development which unfortunately has nothing to do with this situation.  :(  I am looking into cloud based backup as well as antivirus as we speak.  The only antivirus that I have used has been Norton and Kaspersky.  Should we choose a different software for a server or is a matter of opinion?

    Wednesday, February 06, 2013 10:31 PM
  • Consumer av will generally not install on server environments, most of the consumer vendors will also have a server offering though.
    Thursday, February 07, 2013 4:43 AM
  • One more question and then I will be done.  I am sorry for being a noob.  If I install software on the domain controller, is there a need to install it on the local computers?  I am asking because I am wondering how many license I will need to purchase for each software.  For example, will I need to purchase an antivirus software for each workstation and one for the server?  Also, Microsoft Office...  Will I need to purchase a PC license for each workstation or can I purchase one license that will work for all of the workstations since they are actually using the product on the server itself?  Again, I am sorry.
    Saturday, February 09, 2013 6:50 AM
  • Unless you're setting up remote desktop or a VDI your users won't be using office 'on' the server, they'll be using copies installed locally on their workstations (you also wouldn't need to install office on the server in this scenario), you'd need an appropriate license for each one.

    You will definitely need to install AV on the clients - if you have less than 10 people you should consider MS security essentials as it is free.

    If you are planning to use remote desktop then licensing is much more complex.

    You will also need client access licenses if you don't have them already.

    If you call MS licensing they can give you exact details based on your specific plans, it's pretty quick to do.

    Saturday, February 09, 2013 2:25 PM