Jump to content
RESET Forums (homeservershow.com)
  • Sign in to follow this  

    BYOB Episode 139


    Today I am joined by Christopher Courtney (aka: Drashna) to dig deeper into the topic of running a domain at home.  As enthusiasts, we will be faced with the potential of making the choice to either upgrade to Windows Server 2012 Essentials or possibly to look for other solutions.  Our discussion today deals with exploring all the benefits and drawbacks to running a domain at home.  After talking today with Chris, I now have a different perspective and viewpoint on this topic.  I would like to thank Chris for joining me today and enlightening us with his experience and views.  In addition we also discuss an update to Plex which breaks Blu-Ray folder metadata and changes how I am using it.   Show Outline Why do you need a domain at home?

    • Most people don't
    • If you have a larger number of computers, it makes management easier
    • If you have a few computers that everyone shares

    What is a Domain/Domain Controller?

    • It's an Authentication Server, basically

    • Authenticates users on multiple machines
    • Verifies security

    • Specifically, it allows one user account (a domain user) to access "resources" on multiple machines with the same username and password

    What does a domain allow you to do?

    • Authenticate users (yes, this is a running theme and the main point of domains/active directory)
    • Enforce security/group policies

    • Folder Redirection? Part of the "Implement Group Policy" feature in Essentials

    • Sets user folders (Contacts, Favorites, Downloads, Desktop, Documents, Pictures, Music, Videos) to use a Network share location by default, and to be synced between domain PCs
    • Sets these files up in "Offline File Sync" so they are available if you don't have access to the server, such as "Out of Office"

    • Push MSI installations such as:

    • Google Chrome for Enterprises
    • StableBit Products
    • TightVNC
    • PDF Readers

    • Most any other MSI

    • Anything that uses "secpol.msc", aka Security Policies

    • Anything that uses "gpedit.msc", aka "Group Policy Editor"

    • BitLocker without TPM? www.howtogeek.com/howto/6229/how-to-use-bitlocker-on-drives-without-tpm/

    • Disabling the annoying new computer wizard in Windows 8
    • Enabling Remote Management of Event Viewer, Devices, and Disks
    • Configure Windows Update settings, and even allow configuration for a WSUS server
    • And many, many other things that you can control via Group Policy, includes Start8 settings.

    • Organize and manage your network This is a bit more technical, and many not be needed in a home environment

    • OU's
    • Volume Licensing Activation via the Key Management Services

    • Domain Name Server (DNS)

    • DNS is the back bone of Active Directory/Domains
    • Instead of Host file hacking, you can add a "Primary Zone" and "A NAME" here

    • Useful for blacklisting websites for the network (not as good)

    • Good for redirecting resources to a local IP (such as your Anywhere Access URL, and great for bypassing routers that lack a "loopback adapter"

    • Windows Deployment Services

    • PXE (Diskless) booting over the network
    • Server 2012R2 Essentials uses this to boot the restore disk over the network
    • Can be used to boot any "WinPE" based image, such as EaseUS Data Recovery
    • Can be used to Install Windows over the network without a disk

    • "LDAP" Authentication can be used to authenticate against by any software that is capable of using "LDAP", such as:

    • Subsonic (out of box)
    • Wordpress (with a plugin)
    • Does not have to be *on* the server to do this

    Why do I say that this isn't for most people? You don't just reinstall in a domain controller. You need either a good and reliable backup solution that you can restore from. Or you need a secondary (backup) domain controller. Or, both ideally. The reason being is that if you reinstall the domain, even if it's using the same name and same user accounts, the "IDs" for the users and computers are not the same. This means that you will need to leave the domain on each client computer. This DELETES the domain user account on the PC. This is also why it's stupid that Microsoft has depreciated the Windows Easy Transfer Wizard tool in Windows 8 (outright blocks it in 8.1). DNS AutoConfig: In theory, if the DHCP server is handing out your server's IP Address as a DNS server (ideally the primary), then it will not configure the DNS server. You can also use Group Policy to add this registry entry. And on your DHCP server, you should set the primary DNS server to your Essentials Server, and set the secondary DNS server to the router's IP or your ISP's DNS IP (so that when your server is down, you will still be able to resolve domain names)

    Sign in to follow this  

    User Feedback

    Recommended Comments

    There are no comments to display.

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

  • Our picks

    • Let's start small with the definition. If you know about podcasts already you can skip ahead.  
      What is a podcast?  There is no set definition but in general a podcast is a voice recording on a subject that you can usually listen to however and whenever you want.  Let's break these down a little bit and that will also help define the term for you.
      • 1 reply
    • Here is something that wasn't planned but came to me while I was at Unveiled.  The Unveiled event was a little lackluster so I had a little fun with the DJI Osmo Pocket.  Take a look.
      • 0 replies
    • It's the most important post covering CES.  The swag bag review.
        • Like
      • 0 replies
    • TP-Link's Wi-Fi 6 Routers
      I talked with TP-Link about their AX series routers.  The Deco X10 is a Tri-Band mesh router that will come in a pack of two for $350.  I was told Q3 for release but if that sounds like a long time don't forget that we don't have anything that will talk with the AX standard yet.  
      It's a good looking box that I hope will perform well and have plenty of features.  I've read good things about the Deco series and there were a few good sales last year on the M5.  I really should test the M5!

      Here it is.  Yes, it's huge! Not a hockey puck like the M5 is.  What do you think?
      • 1 reply
    • ASUStor AS4004T 10Gbe NAS Review
      ASUStor AS4004T NAS - Short and Sweet Review
      • 0 replies

  • Create New...