Jump to content
xisto Community
Sign in to follow this  
andrescasta

Domain Controler ~vs~ Workgroup

Recommended Posts

I thought I would start a thread to see what you guys think of the two technologies.I am contemplating going from 5 workgroups/subnets to one or possible 3 central domains on our network consisting of around 130 PC's. I know that a domain is alot easier to control/administer once its set up. Its just this is the way this network was set up when I was hired and I have been dealing with it "as-is".It sure would be nice to only worry about 1 server and all of its user groups rather than 130 individual PC's. I have also found some good deals on thin clients by WYSE that would be perfect for the remote desktop connections on the domain controller. If I would go this route I would of course RAID5 the hard drives in the server so IF one fails....productivity wouldnt be lost.I just dont have as much experience with domains as I do workgroups.....so what is the "real world" Pro/Con of domains over workgroups.Thanks!andrescasta

Share this post


Link to post
Share on other sites

You're already above the decision threshold with that many users. As I'm sure you're well aware, with 130 users, you have to manipulate every user's permissions individually in a workgroup environment. That can be tedious, however, converting all of those users to a domain environment is going to be a chore.With a domain, you'll have a magic wand that can sweep across the network and take care of everything with a couple of keystrokes... implementing changes in a domain can be done in five minutes whereas it might take days in a workgroup environment, however migrating can be a huge PITA.I normally recommend anything over 25 networked computers to go the domain route, but that is when building the network from the ground up. I've never tried to convert a 130 user system from a workgroup to a domain. Prepare for a weekend with little or no sleep.Setting up a PDC (primary domain controller) and SDC (secondary domain controller) is going to be the critical link. Those boxes will have to be fireproof, because without your domain controllers you have no connection between your users. In the workgroup atmosphere, if one box goes down, every other box can still communicate with each other. Without your DCs, your network is down.In the long run your work will be less in the domain environment... as long as you can keep the domain controllers up, your good.kservice

Share this post


Link to post
Share on other sites

My biggest concerns are what are the limitations of the domain over a workgroup. I know exactly how the theory of both work. I just have had no experience adminning a domain.....so I want to know if there are any limitations of the domain where you arent on the workgroup side of things.My biggest concern of this is that every dummy terminal will show the same IP of the domain controller. So this may be an issue that cant be overcome. 80% of the workstations will have to connect to a Unix system and log in. This unix system logs IP's and only allows 1 connection per IP. This can be overcome...but due to security issues there is no way I will set the connection per IP any higher.Sooooooo saying that above may crap out the whole idea. I have an IBM e-series server running dual processors and a RAID5 config (Win Serv 2k)....this would be the domain controller(main) and perhaps the only one since it is a RAID5 config on the HD's. However I may build a 2ndary DC on a regular PC with the same OS.....not sure if I will do that or not.ANyway.....I think I will buy a couple of the thin clients and do some testing with it to see if I can work around the Unix connection issue.andrescasta

Share this post


Link to post
Share on other sites

You won't have any downsides with going to a domain, other than the two facts that you have to make sure a DC is up always, and that migration is a b.*.t.*.h. Administration will be a lot easier (maybe).PC's will have separate IP's on the LAN. The DC will show the IP of each box. You can control the IPs directly or just let the DHCP service on the server control it for you. Outside of the LAN, you will see one IP, they will all show up as the same IP on the WAN (internet et al), but that will be the same whether it's a workgroup or a domain and is controlled by the router, not the type of configuration. The router to the WAN will be the outbound connection, so you shouldn't have trouble with your UNIX box as long as it's in the LAN. Unix actually works better with Windows than Windows does. Sounds stupid, but it's true.Again, if I were building a system of 130 users from the ground up, I'd go domain in a heartbeat. If I had a solid network of 130 users on a workgroup, and my administration headaches weren't too bad... I'd scratch my head and wait to see if the amount of administrative work warranted conversion. Your administation solutions will be easier with a domain if the number of user groups is small, but the conversion is going to be a b.i.t.c.h. Pay the piper in full now, or keep paying him over time.A good question to ask yourself is how many different user groups are you going to end up with. If you have 130 users that are all going to end up in just a handfull of groups, then it's a no brainer. Spend the weekend converting the system to a domain and then take a vacation. If you're going to end up with 130 users in 129 separate groups... Just leave it alone.kservice

Share this post


Link to post
Share on other sites

Kservice I didnt think you were talking down at all. I just wanted to clear up any miscommunication that I didnt have an inkling about the DC theory. Setup and implementation is another story...but I am sure I can handle it.I may even run Citrix to make it even more simplistic in the end as an admin. Also I am reading that Citrix will do load balancing and other neat and nifty admin functions. So this is something I am considering throwing into the mix.The user groups will not be large. Probably a group for Admins that will contain 2 users. A group for Exec Staff which will contain around 10-20 users. A group for Administrative/Accounting Staff which will also contain around 10 users. A group for Clinical Staff which would make up the bulk of the rest of the users. Possibly another group or two...no more than that though.I also have done some checking into the way our UNIX system application logs its users and the IP issue wont be an issue...even b4 testing the thin clients. I also talked with someone this morning that is gonna let me borrow a couple of thin clients to test with b4 I make up my mind. Its just that this "person" only sales the new WYSE terminals....and not the refurbs. He will sell me them for the same price as what I can buy new ones for.....BUT I can get them refurb'd with the same warranty as new for 100.00 a pop cheaper. Would pay to just buy 5 extras for the shelf in case I have one go bad...and still be cheaper overall.andrescasta

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.