RESET Forums (homeservershow.com)
Ncage1974

To AD or not?


Ncage1974

Guys, I have been running a domain in my home for years now. I've been considering getting rid of the domain for a while now. Why do I run one? Primarily because I run a Hyper-V VM server. Running Hyper-V Manager across the network when you're running a domain works GREAT. I don't know if it's still the case, but trying to run Hyper-V Manager to a remote machine when you're in a workgroup was a hack, and getting it working was a major pain in the rear. But I was thinking, why even mess with running Hyper-V Manager remotely? Just remote desktop into the remote Hyper-V machine and run Hyper-V Manager locally. It's an extra step but shouldn't be that big a deal considering how much I have to mess with my VMs. The only other small advantage I've found is extremely quick DNS lookups because my AD DNS caches external DNS entries.

Why don't I want to run AD? In one word: complexity. I've had multiple problems through the years that have taken me hours to figure out. I run a heterogeneous environment (Linux, Mac, etc.). Back in the days of old, running a domain was easy. In the NT4 days creating a domain was easy: PDC, BDC, etc. I remember trying to create another domain controller a few years back for redundancy and I gave up after a few days. I know some networking stuff of course, or I could have never set up a domain in the first place, but this goes well beyond my competence. I could of course learn all this stuff with hours of study, but there is only so much time in the day and I prefer not to spend my free time trying to learn AD, forests, trusts, etc. It's been a long time, but there was a time when my AD server did go down and I had to redo it, which caused countless hours redoing lots of things. Also, complexity not only comes with setup but when things decide not to work one day.


Since it's been years since I've not had an internal DNS server, the only thing I hope is that my Linux/Mac clients can find my Windows machines without having static IPs. If I remember correctly, Windows has this weird browser service it uses to find other PCs in the same workgroup that seems to flake out sometimes.

Anyways, opinions would be appreciated. Should I dump AD and be done with it?

Thanks....

pcdoc

My advice may go against some beliefs but I would dump it. I used to run it at home and presently run it at work, but most of the needs at home, in my opinion, are not necessary. Your concerns on DHCP and DNS should not be an issue if you have a decent firewall. One trade-off you make is a level of control and security, so I suggest you have a strong and configurable firewall to help control any unwanted access and to better lock down your network. As for Hyper-V, I have been running it for years in and out of a domain and it works fine. You give up very few "home useful" features. As for static IPs, you can choose to run some of your devices as a static IP which will be handled by your router, or it will work perfectly fine with DHCP unless you have set the IP at the client, in which case you will have to set them back to DHCP. Hope this helps.

Ncage1974
9 hours ago, pcdoc said:

My advice may go against some beliefs but I would dump it. I used to run it at home and presently run it at work, but most of the needs at home, in my opinion, are not necessary. Your concerns on DHCP and DNS should not be an issue if you have a decent firewall. One trade-off you make is a level of control and security, so I suggest you have a strong and configurable firewall to help control any unwanted access and to better lock down your network. As for Hyper-V, I have been running it for years in and out of a domain and it works fine. You give up very few "home useful" features. As for static IPs, you can choose to run some of your devices as a static IP which will be handled by your router, or it will work perfectly fine with DHCP unless you have set the IP at the client, in which case you will have to set them back to DHCP. Hope this helps.

Thanks for the response. I decided to dump it late last night and I have finished my migration :). Just like everything else, I had issues. I haven't run a workgroup in years and I had issues initially seeing all my PCs in the workgroup. After working on it for a few hours, I found out that when Microsoft dumped SMB1 they also dumped the "Computer Browser" service that used to power network discovery. It was a little tricky figuring out the details there, but I finally did get it corrected correctly (not by enabling SMB1). Actually running an eero system, and with the dumping of AD I decided to give eero plus a try, which I'm quite liking. I spent a few hours researching zscaler (what powers it) and the technology is pretty cool (of course you don't get all the goodies that power their enterprise offering).
