In a small workgroup of 5 developers in a Windows based network why should I prefer Active Directory user management compared to local server users? We currently use Windows Server 2008 R2 and TFS2010.
Thanks.
Asked
Active
Viewed 169 times
2 Answers
2
Centralised user and computer management. Ability and ease of scaling for growth (of both devs and servers). Security and file system change auditing. Single sign-on. Password complexity baselining.
need any more?
lluke
- 72
- 3
-
No, you were clear enough thanks ;) Do you know if there any chance to migrate existing local server users to AD without breaking the link with TFS source control? – abenci Aug 29 '11 at 12:40
-
not to my knowledge. this is a good opportunity to audit rights and verify incoming accounts have the correct level of access though. also, don't forget to disable the local accounts on the servers once AD is setup (and reset the local admin account passwords too!). – lluke Aug 29 '11 at 14:54
-
1I'll add, once you have AD, you can effectively preserve accounts/permissions as you upgrade and replace the server - using a workgroup, you cannot do that. – Multiverse IT Aug 30 '11 at 02:07
2
I'm in a small startup of about 10 people. One of the first things I implemented was AD. Our openSUSE machines are part of the domian, we use Office365 for e-mail and I plan on implementing ADFS/SingleSignon to authenticate against our AD.
Working at large companies, I know the horror of password hell. It sucks having to manually sync five to eight accounts everytime your AD password expires and you have to reset it. The biggest reason I implemented AD from the start is centralized passwords/accounts. I don't even recommend a product unless it has LDAP/AD integration. Having one password across all products is a huge help. Even our wordpress and wiki installs authenticates against AD.
djsumdog
- 1,100
- 2
- 16
- 29