1

I've recently been hired for a network administrator position and one of first things I noticed was that the company still uses a workgroup network model. I want to switch to a Domain based model, but my boss has questioned this and asked me to "quantify" it. Can anyone help me out here? Apparently, explaining the benefits of centralized administration of accounts, increased security, among others, was not enough to sway him.

HopelessN00b
  • 53,795
  • 33
  • 135
  • 209
  • 1
    You may find some useful points here http://serverfault.com/questions/648/at-what-point-does-a-domain-suit-a-network-better-thatn-a-workgroup and here http://serverfault.com/questions/63606/will-the-use-of-domain-controller-be-beneficial-over-using-workgroup-in-a-it-comp – Kara Marfia Nov 27 '09 at 19:18

3 Answers3

2

Estimate or provide evidence of the amount of time you spend administering:

  • local accounts on each machine
  • security policies on each machine
  • Rolling out new software and security updates
  • Administering independent DNS and tying those to existing machines

There are many, many reasons to use a domain model, especially once you get past a few machines. How many machines are you talking about adding to the domain?

Matt Simmons
  • 20,396
  • 10
  • 68
  • 116
0

The company is in the growing process. They started out with 4 employees and are now hovering around 50. Of the 50, about 20 of them are office staff, the rest are production floor employees. So I'm looking after about 20 computers. For myself, it's more the ease of administration, and the fact it adds another level of security is a side benefit for me. Some computers are using dos batch files to authenticate with shares on a linux samba share. The files contains user/pass info in plain text that provides access to HR, Payroll and other confidential information. Unfortunately, my manager doesn't seemed to be as concerned about security and data protection as I am.

I've been a Sys Admin for just over 10 years, and this is the first time I've been questioned on the benefits of moving or implementing a domain based network model. I've already sent him the pro's and cons, added security level, blah blah, speech. I believe he's looking for numbers, quantify the reason to implement. I've tried to reach some sort of numbers, but from my investigations, most numbers provided by research and surveys are best guesses, and not actual numbers.

Rump
  • 39
  • 1
  • 1
  • 5
  • Instead of putting commentary as answers, you should edit your post, or use comments. This isn't like a discussion board; the order of the answers is not stable, so if any significant number of people try to answer your question, the "conversation" will no longer make sense. – jprete Nov 27 '09 at 20:04
0

At 20 computers, the cost reduction is not going to be significant. What it will really do is allow for improved responsiveness, increased control, improved security and risk mitigation. The questions Kara linked go through the benefits.

Also, you will be less busy, which only really matters if you have a big backlog of tasks and projects to work through.

I would not let this go easily. The security exposure is big, and the current situation borders on professional malpractice. Most data loss is because of insiders, and this kind of terrible security makes the company exceptionally vulnerable to insiders.

tomjedrz
  • 5,974
  • 1
  • 16
  • 26