    Fully Functional Domain from Zero

      Dashrender @gjacobse

      @gjacobse I think we need a lot more details.

      You're talking about domains - but do you mean AD or AAD or something else?

        JasGot @gjacobse

        @gjacobse Your questions leave out a lot of information.

        I just did this in under three hours:

        1. registered a new domain
        2. brought it to life on a WHM/cPanel server as domain.tld
        3. unboxed three Dell PE 540s
        4. powered them on
        5. built a new AD Domain on the first 540 using a subdomain (ad.domain.tld) from step one
        6. provisioned DHCP
        7. provisioned DNS
        8. added the other two 540s to the new subdomain
        9. installed our RMM software on all three
        10. created one OU and one user in AD
        11. added our default (standard) GPO policies

        Since it was time for lunch, I kicked off Windows updates and left. After lunch we boxed them up and took them to their rack at the customer and powered them back on.

        We joined one PC to the domain and logged in as the user created in step 10. Everything beyond this is customer specific (read: "Custom")

        This fully functional three server domain was ready to go in three hours. It took another 4 hours to get lunch, box them up and drive them over to the customer site and load them in the rack and power them on and join that one PC.

        If you have nothing else going on, this is a one day task. If you have other projects in motion, 3 days is reasonable.

          Dashrender @Dashrender

          I feel it's weird to talk about AAD as a domain, but that's just probably me.

          Spinning up a greenfield AAD should take about 20 mins - If the real email domain is already owned and controlled by you, you can setup AAD using that straight out of the gate, and skip the whole OnMicrosoft.com domain stuff - but I ran into something about 8 months ago (I completely forget the details) that seemed to imply not having the OnMicrosoft.com stuff in there could cause other issues.

          Generally you can setup a new AAD by just creating a new account, creating the first user in that account - and ta da... done.

          Then add your email domain name.

          I'm not sure what more you want setup - of course there are many things you can do to lock it down.. Daniel B will know all that stuff.

            Dashrender @JasGot

            @jasgot said in Fully Functional Domain from Zero:

            @gjacobse Your questions leave out a lot of information.

            I just did this in under three hours:

            1. registered a new domain
            2. brought it to life on a WHM/cPanel server as domain.tld
            3. unboxed three Dell PE 540s
            4. powered them on
            5. built a new AD Domain on the first 540 using a subdomain (ad.domain.tld) from step one
            6. provisioned DHCP
            7. provisioned DNS
            8. added the other two 540s to the new subdomain
            9. installed our RMM software on all three
            10. created one OU and one user in AD
            11. added our default (standard) GPO policies

            Since it was time for lunch, I kicked off Windows updates and left. After lunch we boxed them up and took them to their rack at the customer and powered them back on.

            We joined one PC to the domain and logged in as the user created in step 10. Everything beyond this is customer specific (read: "Custom")

            This fully functional three server domain was ready to go in three hours. It took another 4 hours to get lunch, box them up and drive them over to the customer site and load them in the rack and power them on and join that one PC.

            If you have nothing else going on, this is a one day task. If you have other projects in motion, 3 days is reasonable.

            WTH? Windows Server on bare metal? It's not 1998... 😉

              gjacobse @JasGot

              @jasgot

              You must have been sitting on the Dell PEs then... with the shortage things are on back order.

              But - good to know.

                gjacobse @Dashrender

                @dashrender

                Do you mean AAD over ADD?

                  Dashrender @gjacobse

                  @gjacobse said in Fully Functional Domain from Zero:

                  @dashrender

                  Do you mean AAD over ADD?

                  Typo - fixed.

                  I meant AAD vs AD - i.e. cloud vs likely onprem or colo

                    gjacobse @Dashrender

                    @dashrender said in Fully Functional Domain from Zero:

                    @gjacobse I think we need a lot more details.

                    You're talking about domains - but do you mean AD or ADD or something else?

                    Everything needed for a proper Domain - Lan-less or not - for a new business that until you walked through the door - didn't / doesn't have anything. Not even a purchase order for a server or services.

                      Dashrender @gjacobse

                      @gjacobse said in Fully Functional Domain from Zero:

                      @dashrender said in Fully Functional Domain from Zero:

                      @gjacobse I think we need a lot more details.

                      You're talking about domains - but do you mean AD or ADD or something else?

                      Everything needed for a proper Domain - Lan-less or not - for a new business that until you walked through the door - didn't / doesn't have anything. Not even a purchase order for a server or services.

                      Why even talk about a domain? Listening to Scott, and some others, those are basically dead....

                      Even if I go full on M365, and join Win10 computers to AAD, I barely look at it as a domain.. even though, yeah.. it is one.

                        JaredBusch @gjacobse

                        @gjacobse said in Fully Functional Domain from Zero:

                        proper Domain - Lan-less or not -

                        You are mixing things up for certain, because those two things don't mean shit to each other.

                        Domain != AD or AAD unless you are specifically asking for a Windows Domain.

                        So stop, go back to simple and clarify WTF you want.

                        Edit: @scottalanmiller would be like 20 posts in already on this if he was around.

                          Dashrender @gjacobse

                          @gjacobse

                          If I'm walking into a greenfield situation - I would likely skip any and all local infrastructure as much as possible.

                          Setup an account on M365, no licenses are actually required - you just can't do much (like no email, etc) without a license. But you can administrate the environment.

                          Purchase email domain name if not already acquired.

                          Setup domain name in M365
                          setup security settings in M365
                          Create users in M365
                          pass out credentials

                          Done

                          As for the local network - ER4 or whatever is current at that level for gateway and DHCP.

                            Dashrender

                            I'm not in a greenfield setup, and I'm still actually trying to ask this same question - but I have several requirements.

                            20 shared front desk computers - each user needs to be able to log in as themselves at any of them (personalized logon required so they can lock the machine when they step away)

                            deploy printers automatically

                            gather windows update status

                            access shared files from anywhere

                            Access email from anywhere

                            remotely manage machines

                            I'm sure there are more if I spend time thinking about it.

                              JasGot @gjacobse

                              @gjacobse said in Fully Functional Domain from Zero:

                              But, could one say - a core system minus the needed desktops for users, and any onsite servers for needs could be spun up in 1-3 days?

                              I took this to mean "maybe the hardware is already acquired".

                                gjacobse @JasGot

                                @jasgot said in Fully Functional Domain from Zero:

                                @gjacobse said in Fully Functional Domain from Zero:

                                But, could one say - a core system minus the needed desktops for users, and any onsite servers for needs could be spun up in 1-3 days?

                                I took this to mean "maybe the hardware is already acquired".

                                No - No hardware. Greenfield

                                  JasGot @gjacobse

                                  @gjacobse said in Fully Functional Domain from Zero:

                                  @jasgot said in Fully Functional Domain from Zero:

                                  @gjacobse said in Fully Functional Domain from Zero:

                                  But, could one say - a core system minus the needed desktops for users, and any onsite servers for needs could be spun up in 1-3 days?

                                  I took this to mean "maybe the hardware is already acquired".

                                  No - No hardware. Greenfield

                                  Okay. Then 21 days for Hardware.

                                    EddieJennings @gjacobse

                                    @gjacobse said in Fully Functional Domain from Zero:

                                    Now, I realize that some aspects of that depend on how many people need to be on boarded - but also not really with the use of things discussed with @EddieJennings using Powershell and such things.

                                    Didn’t think you were in a greenfield, unless you’re asking hypothetically.

                                      gjacobse @EddieJennings

                                      @eddiejennings said in Fully Functional Domain from Zero:

                                      @gjacobse said in Fully Functional Domain from Zero:

                                      Now, I realize that some aspects of that depend on how many people need to be on boarded - but also not really with the use of things discussed with @EddieJennings using Powershell and such things.

                                      Didn’t think you were in a greenfield, unless you’re asking hypothetically.

                                      Different project - not current employment / involvement.

                                        Dashrender @gjacobse

                                        @gjacobse Can we start over with a list of requirements instead of thinking we must start with 'domain'?

                                          PhlipElder @gjacobse

                                          @gjacobse Set up the Hyper-V host from scratch about 60-75 minutes up to date.

                                          Set up the required base OS virtual machines about 45-60 minutes (count does not matter).

                                          Greenfield Active Directory, OUs, GPOs, DNS, DHCP, Folders, and Shares about 45-60 minutes.

                                          Import and configuration of base GPOs about 60 minutes.

                                          Exchange on-premises about 30 minutes post Exchange install.

                                          Script to set up users, their groups, and their mailbox about 60 minutes.

                                          Time to run the script: 60 seconds.

                                          Done.

                                          User count does not matter. All in PowerShell.

                                          And yes, all of our clients are on-premises Exchange.

                                          EDIT: We charge a flat fee for the above.

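
The last post above mentions a PowerShell script that sets up users and their groups in about 60 seconds regardless of user count. The following is an added example of that kind of script, not any poster's actual code; the domain, OU, group and user names are constructed, and the mailbox step is left out. It generates a random initial password per account and forces a change at first logon, so no shared default password is handed out.

```powershell
#Requires -Modules ActiveDirectory
# Added example. ad.example.test, the "Staff" OU, and all users/groups are constructed values.
param(
    [string]$DomainDN  = 'DC=ad,DC=example,DC=test',
    [string]$UpnSuffix = 'ad.example.test',
    [string]$OuName    = 'Staff'
)

# Constructed roster; in practice this would come from Import-Csv.
$roster = @'
GivenName,Surname,Sam,Groups
Alex,Rivera,arivera,FrontDesk;Printers-Lobby
Sam,Okafor,sokafor,FrontDesk
'@ | ConvertFrom-Csv

function New-InitialPassword {
    # 20 characters drawn from a CSPRNG. The alphabet has 64 symbols, so
    # byte % 64 is unbiased. The fixed suffix only guarantees that the
    # AD complexity categories are all present.
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'
    $bytes = [byte[]]::new(20)
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try { $rng.GetBytes($bytes) } finally { $rng.Dispose() }
    (-join ($bytes | ForEach-Object { $alphabet[$_ % 64] })) + 'aA1!'
}

$ouPath = "OU=$OuName,$DomainDN"
if (-not (Get-ADOrganizationalUnit -Filter "Name -eq '$OuName'" -SearchBase $DomainDN -SearchScope OneLevel)) {
    New-ADOrganizationalUnit -Name $OuName -Path $DomainDN   # protected from accidental deletion by default
}

foreach ($row in $roster) {
    $groups = $row.Groups -split ';'
    foreach ($g in $groups) {
        if (-not (Get-ADGroup -Filter "SamAccountName -eq '$g'")) {
            New-ADGroup -Name $g -SamAccountName $g -GroupScope Global -GroupCategory Security -Path $ouPath
        }
    }
    if (Get-ADUser -Filter "SamAccountName -eq '$($row.Sam)'") { continue }   # safe to re-run

    $plain = New-InitialPassword
    New-ADUser -Name "$($row.GivenName) $($row.Surname)" -GivenName $row.GivenName -Surname $row.Surname `
        -SamAccountName $row.Sam -UserPrincipalName "$($row.Sam)@$UpnSuffix" -Path $ouPath `
        -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force) `
        -ChangePasswordAtLogon $true -Enabled $true
    Add-ADPrincipalGroupMembership -Identity $row.Sam -MemberOf $groups

    # Emitted to the pipeline only; deliver out of band, do not redirect to a file or log.
    [pscustomobject]@{ User = $row.Sam; InitialPassword = $plain }
}
```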