What are the benefits of a Windows domain?
We recently brought on a client with over 30 computers, 2 sites, and several users that roam the earth who still need access to company resources. The company does not have a Windows domain in place for central administration, and part of our long term strategy with them is to build a much more consistent, scalable, centrally managed network infrastructure that will be able to grow with them for years to come.
Since adding domain controllers and the software / licenses that go with them is a large investment of time and dollars, they asked us for an overview of some of the benefits that come from having this domain. It’s hard to put these into a nice neat box, especially when you’re not the sysadmin that appreciates many of them, but we thought we’d write up this post as a way to share some of the high-level benefits that come from having a Windows Domain.
What is a Windows Domain?
A Windows domain is not the same as an Internet domain, which you may have registered for your business or personal use at a provider such as Register.com or GoDaddy. A Windows domain is a closed is a closed system of users and computers that can share resources and adhere to one centrally controlled management structure. Each user and machine that “belogns” to the domain must authenticate with a server (“Domain Controllser”) to access the system. User accounts, machine accounts, security groups and many other settings are held in a central database called Active Directory.
Some of the Benefits for Businesses
One of the greatest advantages of a Windows domain is the ability to use group policy to control all the settings of each workstation in granular detail. Group policy allows for almost any Windows setting to be set and enforced centrally. For example, shared resources such as printers and folders can be automatically connected for all users within a given department, and standard applications can be deployed to every machine. It’s even possible to set preferences such as desktop backgrounds via group policy, and if needed, end-users can even be restricted as to what additional software they can install on their PC’s.
Windows Update Services (WUS)
Without a Windows domain, each PC has individual settings for patch management which creates security concerns and puts pressure on the internet connection and IT Staff. Using WUS it is possible to set a single update policy which all the machines will adhere to. Additionally, the patches and updates can be cached on the domain controller so that they are not downloaded again and again from the public internet, conserving bandwidth for businesses where needed.
An Active Directory account will conform to a central password policy. This allows the business to enforce password complexity and frequent changes across the whole team, something which greatly tightens security and increases consistency.
3rd Party Software
Many third party packages especially security-related, will demand a Windows domain environment. For example, many business Antivirus products commonly require a domain in order to deploy, maintain and monitor the workstation installations.
Volume Shadow Copy
If you’re using a Windows file server in a domain environment, it is possible for users to restore previous versions of files and folders on a self-service basis from their workstation.
In a domain setup, users can login to any machine that is in the domain using their standard active directory credentials. However, ordinarily, the user experience is not consistent because none of your individual settings (think MS Office toolbars, macros, email signatures, printing defaults etc etc) persist as they are stored locally on your machine. With roaming profiles, you can log into any machine on the domain and find everything is as you left it.
Office 365 Directory Sync
User accounts and passwords can be kept in sync with Microsoft cloud services such as Microsoft Office 365 allowing the user to operate with one set of credentials.
The decision to move to a Windows domain is tied to a number of factors and will vary company-by-company, but in almost any business with more than a handful of users, the consistency, centralized management, and scalability a Windows domain offers will be of great benefit in both the short- and long-term.
Are you interested in moving from a discombobulated work group or peer-to-peer setup to a Windows domain? Contact us today – we’d love to help you take a bit step forward.