domain controller

for a home network should you use a domain controller or just use work groups
the total machines on the network is 5 with one file server
thanks in advance
will be moving this setup to an office enviroment

 

If security and user administration aren't big issues, workgroups are fine for smaller networks.

For the size you speak of, I'd recommend peer-to-peer (workgroups) unless there were some pressing reason to go with a domain but home or business, unless you need to work closely with a larger domain, stay workgroup.

If you grow to over 20 or so PCs, then maybe start considering a domain and at around 50, it is the best option but it's easy enough to switch from workgroups to a domain at that time.

 

I agree with Newt for your current case, but would put the thresholds much lower myself.

Personally, I think you should start thinking about a Domain Controller once you go over 5 users. 10 users or more and using a Domain Controller really comes into its own. If you are trying to manage a 20 user network and still keeping to peer to peer, you're really making life hard for yourself.

The key factor is centralised user management. With Peer to Peer, you have to set up a user's rights on every PC they access either directly or over the network. If someone changes position, joins or leaves the company, you need to change settings on all these machines. With a Domain, you just set them up on the server. If you use groups and set permissions based on groups rather than individuals, managing change is much easier with a Domain system.

However, the decision to use a Domain controller (or other Centralised Network Management System) is subjective:

• If your users are experienced and able to manage access to their own machines, the cause for a domain controller is lessened and you can support a larger peer to peer system.

• If individual users rarely access resources on other PC the case for a domain controller is lessened.

• If security is a high prority the case for a domain controller is increased. Maintaining a good security policy is much easier if you have a central place to maintain it.

• If your security is very lax and you all tend to share user accounts the case for a domain controller is lessened (in the short term), but the case for getting a new Network Administrator is increased! This arrangement is common, but bad practice and people doing it are storing up trouble for the future.

So in conclusion, with your current five user network, a Domain Controller would probably be over kill, but if your business starts taking on more staff (as I would hope it would) you should start seriously considering it.

 

I work on networks for a living. I eat, sleep, breathe...and read this stuff everyday. While there nothing wrong with either Newt's or ReggieB's suggestion, I am partial to Business Networks. The fact that you plan to move this network to an office, makes me think about scaleability.

MS has a solution for the small office which gives your access to some great tools. Small Business Server. For almost the same cost as Server, you get some great tools...Exchange, SQL, IAS...yada,yada.

While 5-10 pc's is acceptable for a peer-to-peer home office, it really depends on where you want to be in 2-3 years. I would read the Features and/or FAQs at the MS website to see if these interest you. If you can live without them, then maybe the peer-to-peer is the way to go.

http://www.microsoft.com/windowsserver2003/sbs/default.mspx

But if all you really wanted to know "do I need a domain controller "...No you don't. As both ReggieB and Newt pointed out, a domain controller is used primarily for centralized administration followed by centralized resources.

btw...in the Linux world you can mimic an AD domain using SAMBA. Lots of stuff on the net as well as a few books. I would only suggest this if you know Linux. The trade off between the time required to learn and the estimated cost per hour...just buying a copy of MS Small Business Server will be cheaper and easier to administer in the long run.

Just my 2 cents

 

Oh I think I'm going to enjoy this thread! All we need is Newt to get back in the ring!

I eat, sleep, breathe, live in shoebox in middle of road with business networks.

You don't need to have a domain controller, but in all but very small networks the Network Administrators job is greatly eased by having one. Hows that?

I think bringing SBS into the equation just complicates matters. If the only reason for going the SBS route is to provide domain administration, I think you've added a lot of complication to the system that you don't need.

SBS and Samba aren't the only alternatives. 2000/2003 server, third party Windows Mail server, Hardware firewall is a better option in many cases in my opinion.

If you want to talk scaleability, I would argue that the problem with SBS is that Exchange doesn't scale down to small business (less than 50 users) networks very well. Exchange is a hugely powerful system but it is also complex. That makes it difficult to restore from backup, and difficult to trouble shoot. Small businesses don't need the power of Exchange, and will find a simpler mail system easier to troubleshoot and fix when things go wrong.

 

OK...I'm bringing out my model 2050Rx5, super-duper flame thrower Look-out !

I still stand by this...particularly since the thread presumeably started because the poster asked whether or not a DC was needed. And since no other information was presented other-than 5 pc's and a file server...I was offering up options, ideas or alternatives.

I do agree that, while not a necessity, a DC should be considered especially since the network will eventually be moved to an office environment. Hence my comment.

I can't argue with Exchange in a <50 user environment. Besides, the point I was trying to make was, for almost the same cost as a std win2k(xp) server lisc, for a little more $$ look at SBS. Complex...Yes. but again from my post I expressed a suggestion to read the docs' to learn more about it.

This could quickly turn into "which came first...chicken or the egg" or better yet "which is a better OS Linux or Microsoft...beacuse "

Now for the flame thrower...

Right..No arguement here...BUT the poster never said anything more about what they wanted to do, now or in the future. Maybe a faxing solution is appealing. Maybe his/her cousin eats, sleeps, and breathes Exchange...but happened to be unavaiilable for comment at the time of this post.

Bottom line, maybe a little more information is warranted before a suggestion can be made.

I'v just holstered my flame thrower...back to work for me.

 

LOL - love these tech discussions/arguments.

jbzy3000 - the answer to your original question is simply No so you may or may not want to follow this thread any further.

If not and if you are set to be notified at every response, you can open a post and change the setting so you don't get bothered.

Otherwise, I have to sorta agree and not agree with both ReggieB and 24jedi.

I can see that with an office of say 10 PCs where each user was likely to simply pick a PC and log on, a domain controller would be worth while since it would make the user accounts portable. Also worthwhile in this case to go with login scripts from the DC.

But the reality is that in most offices and especially in small offices, each user has his/her PC and simply won't be using others. In that case, a domain is needless bother for the network admin and especially for a network admin who would need to become domain-literate.

Absolutely gotta agree about Exchange Server being a fantastic product but only if you got lots of users. 10,000 users and it's fantastic but you will certainly need multiple servers. 1,000 users and it's fantastic. Especially being able to back up everyone's email from a central location so you don't depend on users to do backups. Most simply won't.

50 users is probably about the minimum though and certainly for 5 or 10 it's not a great option.

I can't speak to SBS since it was invented after I moved to a network that couldn't use 'small' anything.

For 5-10 static users, I still say peer network but with a real server being uses as a file server - mostly to keep the user's documents, pictures, mailbox, address book, other personal files in a central location. Again, ease of backing up and the fact that most folks just don't back up regularly and it's easier to affort automated backups if you have all the stuff in one place.

 

I've put my flameproof underwear on and am ready for action!

On the way home from work this evening (you see I do live and breath networks ) I thought of a killer reason that above all else makes a domain worth while. This isn't the only one, but its a goodie.

Always knowing an account that you can log on to a PC with, that can have full admin rights!

In a centralised domain model, you can give an account admin rights and use them anywhere on the network. There are security reasons why you might not want to do this alot, nor use the default Administrator account, but that facility is always available!. In a peer to peer system, you can never be absolutely sure what the Admin password is, and that some user hasn't changed it! How many times have you come across users who've forgotten their Admin password!

Another point I would make concerns printers. In my experience small business with small networks tend to have a lot of personal prints that other users share. It is this resource that is shared and distributed more than file systems. And access to this resource is more easily managed if permissions are set for a domain group and users assigned to the group centrally.

Whole heartedly agree with Newt's point about a central file server (not necessarily a domain controller) being a good idea.

Also agree with 24jedi that for jbzy3000 the answer to his question is no, he doesn't "need" a domain controller. However, I think if jbzy3000's network grows they should consider one.

24jedi you are right about you getting a hell of a lot for you money with SBS. Even more so if you look at some of the other associated packages you can get (the SBS version of Veritas Backup Exec for example). My comment was more along the lines of it not necessarily the best option. However, it was you that brought SBS into the equation. I thought Newt and I had kept ourselves to just answering the simple question asked. Ok I complicated matters, but a simple question doesn't always get a simple answer. That's my defense and I am sticking to it..

Hey! this flameproof underwear is quite nice against the skin.

 

ReggieB

No harm no foul The KISS principle is the correct way to go. Cheers !

Until next time...

 

24Jedi,

I'll look forward to it and keep my flame proof Y fronts handy.