Consulting for a Small Construction Company
-
@MattSpeller said in Consulting for a Small Construction Company:
$0.02
skip 2nd DC
Single server (SPOF) is fine as long as you discuss it with the business. Pro's (cheap) cons (failure / restore time)
What's your DR plan?
That was the point of having a UEB (again, or whatever it's called now, I forget). That was for backup/DR. We can always setup archiving with them. That's easy enough, and that'd allow them to have offsite backups.
-
@thanksajdotcom said in Consulting for a Small Construction Company:
@Not because they necessarily need it right now, but for future growth.
http://www.smbitjournal.com/2012/10/you-arent-gonna-need-it/
-
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
-
@travisdh1 said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
AJ knows Linux.
-
@scottalanmiller said in Consulting for a Small Construction Company:
@travisdh1 said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
AJ knows Linux.
I do, but this guy doesn't. My goal was to get this setup, give him some training, and make it easy enough for him to be able to manage mostly on his own.
-
@scottalanmiller said in Consulting for a Small Construction Company:
@travisdh1 said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
AJ knows Linux.
Yeah, but what about the person he's working with that actually has to support said environment?
-
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@travisdh1 said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
AJ knows Linux.
I do, but this guy doesn't. My goal was to get this setup, give him some training, and make it easy enough for him to be able to manage mostly on his own.
When it comes to situations like this generic super normal easy to manage (and google fixes for) reigns supreme.
-
Here is where I would go based off of the size and scenario without further information:
- No directory. They are too small, this is just wasting money at their size.
- CentOS Samba4. Free forever.
- Azure AD. No servers on site, no local dependencies.
- I wouldn't even consider a number for (which includes legacy AD.)
In that order.
-
@travisdh1 said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
I was thinking about Linux, because I know you can do pretty much all these things on Linux. I've setup SAMBA and that on Linux before. Never setup a Linux server to handle AD or that. I'm sure with some time and help, @scottalanmiller , I could do it. But that would drive the time to train this guy WAY up.
-
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@travisdh1 said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
AJ knows Linux.
I do, but this guy doesn't. My goal was to get this setup, give him some training, and make it easy enough for him to be able to manage mostly on his own.
Then no CentOS, and no AD. Rule both of those out on those grounds.
No central authentication is the answer here. Azure AD if you insist.
-
Here is what I'm thinking based off of what little I know...
If local storage is needed, Synology or ReadyNAS that gets backed up.
Nothing else, it's that simple.
-
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@travisdh1 said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
@thanksajdotcom said in Consulting for a Small Construction Company:
- Would a secondary DC make sense? There are only seven computers in this entire environment right now.
At seven the rule is not to have DC at all (straight from Microsoft.) It's for 10+ and normally not until you get to 12+.
Then, in the 12+ category you normally do only one. AD for desktops has almost zero impact when offline, you can go weeks without anyone even noticing. So a failover would be wasted as it would save the company zero money in nearly all cases.
You only need a failover AD if you have other dependencies on AD that you introduce beyond logins.
Ok, that was my thinking (regarding failover). And the reason for the DC, even though the environment is small, is because they are looking to grow, and it allows for centralized management (obviously). The guy I'm working with is trying to consolidate a lot of things and if he can not have to touch every computer for a change in something, that'd make sense. That's why I wanted to implement AD. Not because they necessarily need it right now, but for future growth.
Is he comfortable with CentOS at all? I've setup a SAMBA4 AD environment here, not any more work for me than getting any other type of directory server setup, but if they're not already comfortable with CentOS that idea is probably off the table.
AJ knows Linux.
I do, but this guy doesn't. My goal was to get this setup, give him some training, and make it easy enough for him to be able to manage mostly on his own.
Then no CentOS, and no AD. Rule both of those out on those grounds.
No central authentication is the answer here. Azure AD if you insist.
That's the other thing I was thinking about. For such a small business, a cloud server makes a lot of sense. Mitigate the risk, cost of running the equipment (power, cooling, etc), and all that. They have a business-grade Verizon connection at the office. I believe it's FiOS (almost 100% sure of that). So setting them up on Rackspace, Azure, AWS, or the like was something else I was considering.
-
A two bay NAS will do the trick here unless I am missing something. Two 4GB drives and a little Unitrends shelf style backup unit and you are good to go. Super simple to manage, very little to break, lots of protection.
-
@thanksajdotcom said in Consulting for a Small Construction Company:
That's the other thing I was thinking about. For such a small business, a cloud server makes a lot of sense. Mitigate the risk, cost of running the equipment (power, cooling, etc), and all that. They have a business-grade Verizon connection at the office. I believe it's FiOS (almost 100% sure of that). So setting them up on Rackspace, Azure, AWS, or the like was something else I was considering.
No, not AD on Azure, Azure AD, the product. Not IaaS, SaaS.
-
Are they on Office 365? What do they do for email and such?
-
@scottalanmiller said in Consulting for a Small Construction Company:
A two bay NAS will do the trick here unless I am missing something. Two 4GB drives and a little Unitrends shelf style backup unit and you are good to go. Super simple to manage, very little to break, lots of protection.
I just realized I forgot the biggest part of this whole thing. (facepalm) So he's looking to setup a program that will be used both in the office and in the field. It's a way to create tickets for customers, track equipment, push out notifications to technicians of work, track they have seen it and what they've done, inventory and track parts purchasing, etc. That was why he wanted the server in the first place.
I can't believe I forgot this...I guess I'm more tired today than I realized. DOH!
-
@scottalanmiller said in Consulting for a Small Construction Company:
Are they on Office 365? What do they do for email and such?
Last I knew (this could have changed), they were using plain old Gmail. Something else I wanted to address with them.
-
@thanksajdotcom said in Consulting for a Small Construction Company:
@scottalanmiller said in Consulting for a Small Construction Company:
Are they on Office 365? What do they do for email and such?
Last I knew (this could have changed), they were using plain old Gmail. Something else I wanted to address with them.
Trying not to do too much too fast. That scares people away.
-
Your way over building this whole thing.....
-
If I was rebuilding my company from scratch (15 employees) today, I would do it all online. Not even a question.
Maybe a Synology in-house to replicate to cloud services.