2

Sorry, I’ve been managing a Apple-only network for 4-5 years. So, my Windows skills are rusty, at best

I was at a small office(went from 15 clients to 5, recently) yesterday to help with their server problems. SBS 2011 hadn’t done any Windows updates to server or clients since early 2016. Server C: drive is 95% full. Updates on server continually fail. WSUS cleanup Wizard snap-in crashes. I don’t think the WSUS DB has ever been cleaned and compacted. And, I have no idea what the settings on it for downloads are. The last time I dealt with this kind of problem was 5+ years ago, and I remember it being a pain in the butt.

I tried uninstalling WSUS via the WSUS 3.0 sp2 installer, it failed to finish and exited several times. I (foolishly) followed an internet guide and uninstalled it, and Windows Internal Database (WID) via Server Manager. Now, I am stuck unable to fully uninstall, or reinstall it.

To tell the truth, I’m not sure this small office even needs SBS 2011, and the headaches. All their clients are Windows 10, now, and I’ve read SBS 2011 can’t easily manage security updates for them, anyway. It stopped doing its backups of their data long ago. They will never manage it properly. And, are unlikely to regularly have someone else do that. On top of that, it really isn’t worth it for them to have me fix it, only to have updates build up again. Not to mention, The server being old and SBS 2011 in its final 15 months

At this point, they are using Office 365 Pro with 1TB storage for each client. With just 5 clients(No one really shares desktops), I’m not sure the even need a LAN login manager, anymore. Now, that it possible to login with a Microsoft Account(MSA)

I’ve recommend using a simple RAID6 NAS for shared storage(also backing up to MS Cloud). Everything else automatically backs up to Office 365 storage

My questions:

  1. Is using MSA’s a good way to manage LAN logins and security?

  2. What changes to GPO policies should I make so that Win10 clients can use their own Windows Update app!

  3. Is there anything else in SBS that I need to deactivate, if they are moving away from this server?

If you have any other advice on creating a simple, manageable, network, I’d appreciate it

Thanks

alexander.polomodov
  • 1,068
  • 3
  • 10
  • 14
VictorR
  • 21
  • 3
  • I have the same situation right now. What did you end up going with? I am thinking just remove the domain all together and just use a NAS for storage, O365 for email. They don't have official email right now, using Gmail, so that should be easy. – Chris Apr 18 '22 at 17:01

2 Answers2

0

I assume the Microsoft Account(MSA) in your message means Active Directory account, it is very useful to managing hunderds or thousands of workstations, I don't think it is necessary for a small office. If you are syncing all accounts to Office 365, if so then you could have a look at the possiblity of migrating your SBS to Microsoft Azure Directory.

I would suggest to decommission the WSUS service considering only the small amount of office computers. In addition, you can use Office 365 SharePoint to replace share drive.

Community
  • 1
Michael Zhang
  • 1
  • Hi Michael, by MSA, I meant they could use their online Office 365/OneDrive logon for LAN access. Since, shifting all their docs and data to OneDrive for Business would essentially put their local network in the Cloud. OneDrive seems to have a feature that lets them select individual files to also store locally, while letting the bulk remain on OneDrive. That’s a great feature – VictorR Aug 10 '18 at 19:19
0

I would remove the WSUS role & database, and remove the update settings GPO, so they could update directly from the internet.

I would keep the server with the AD to have the ability to manage GPO and such, but you could remove the server too for a simple NAS with a Samba on it. Personnaly I prefer to kepp the Active Directory to have the ability to manage each computer with GPO, but it's a decision on your side.

As it's a SBS I would desactivate Exchange service and Sharepoint's one.

Office 365 is a good idea for their email, it will remove that load from the server.

yagmoth555
  • 16,758
  • 4
  • 29
  • 50
  • As a I mentioned above, I’m thinking that their best system is Office 365 with OneDrive for Business. Moving all the heir docs and data into OneDrive. It’s not a lot, maybe 4TB. And, I bet almost half of that is redundant. OneDrive seems to have a feature that may make a NAS unnecessary. It’s lets users select files, or folders, to also store locally for offline use – VictorR Aug 10 '18 at 19:24
  • @VictorR I agree with that point, but my point was more if you need GPO management, you need to think to keep an Active Directory up. – yagmoth555 Aug 10 '18 at 19:44
  • Good point. I’ve been going back and forth, with that. – VictorR Aug 12 '18 at 17:29
  • Good point. I’ve been going back and forth, with that. The problem, is that with the C: drive >95% full, in order to keep that server going, I’d have find a way to finish uninstalling WSUS and WID.....unless, I wipe the server clean, format drive, and start over again. But, I have no idea if they have the install media and serial #s. Maybe, I’m over-thinking this and missing the obvious solution – VictorR Aug 12 '18 at 17:37
  • @VictorR For a SBS usually the media is a manufacturor's restore disk. For the serial number I would check the server, usually the sticker is on it. (or retrieve it from the running SBS2011 before wipping it). As yes I would backup the data and wipe it, for 5 computers it will take less time to start fresh. After the install deactivates wsus, exchange, sharepoint and any unneeded service please. – yagmoth555 Aug 13 '18 at 14:12