|
| Recent
Articles |
Ops Mgr 2007: Certificate-based Authorization...
Certificate-based authorization scenarios in Operations Manager 2007 are something we've tested and documented, but there is one question that's been...
An Introduction to Network Forensics
Have you ever heard of network forensics? Not everyone has but the meaning is actually very important. It basically means the recording, analyzing, and...
3 Methods of Linux System Administration
When you are a new Linux user needing to get Linux training, it is often confusing to decide what to focus on. Should you learn how to use Linux for just one Linux distribution (a.k.a. version, distro)? Should you...
The 802.1X Supplicant...
First let me state that those are words I barely understand, and until recently have never even used the word "supplicant", correctly or otherwise. Having...
We Don't Need An...
As much as I respect Bruce Schneier, and usually follow what he says with few if any questions, I think what he is missing with his speech in London is the Human Element. Humans are flawed, and human creations are...
|
 |
|
07.10.07
Do You Really Need A Domain Controller?
 By
A.P. Lawrence
Let's start out with the good points: there are advantages to a Microsoft Domain Controller model. Centralized user control, fine grained resource access control: these are often useful and very helpful.
But not every business needs this, and there are disadvantages also. Centralized logon also means no logon if that server acts up. Resource access permissions can be much more than is needed for a small business, and can be confusing to maintain.
Unfortunately, businesses often get pushed into this model when they buy new software. The people installing the software are often fairly clueless about networking in general but what they do know is that setting up a Domain Controller makes their work easier. Note that's "their" work, not necessarily yours.
For example, you may have a mixed environment, and in spite of the shiny new Windows software, you still need some Unix apps. By the way, don't be too quick to pat yourself on the shoulder for replacing that clunking old Unix software. My bet is that in five to ten years you'll be moving back to a Unix or Linux based app: unless Microsoft finds some legal shenanigan to kill Linux, I think that's almost inevitable.
| Learn How We Increased Conversion By 816% and Become A Certified Online Testing Professional™ Click Here |
|
But never mind, here's the barely computer-literate Windows "consultants" come to install your new system. They'll be recommending a Domain Controller model. Push back: ask why their software can't run on a server in a peer to peer network. Almost always the answer is that it can. And doing that just might make your migration less painful. For example, a lot of small businesses have XP Home computers. Microsoft doesn't like those to join a Domain. There are ways around it (just do a Google search for "XP Home join domain") but it's still extra work and hassle.
While I'm thinking about it, do NOT let them confuse you or themselves about the "Domain". This has nothing to do with Internet DNS or your mail domain (and for crying out loud: don't let them talk you into Microsoft Exchane or IIS!). Microsoft (as usual) didn't have a clue about the Internet when they designed this stuff, so they took a meaningful name (domain) and polluted it with their nonsense. A Microsoft Domain Controller might be a DNS server, might be a mail or web server (shudder!) but that has absolutely NOTHING to do with the name you (or they) choose for the domain.
Just don't get pushed faster than you want to go. If you don't understand what they are trying to sell you, hire someone else to intercede and protect your interests. A Domain Controller can be the right choice, but it ain't necessarily so.
*Originally published at APLawrence.com
About the Author:
A.P. Lawrence provides SCO Unix and Linux consulting services http://www.pcunix.com.
|
