Domain controllers at home

Forums › Microsoft Windows › Domain controllers at home

elpenguino

239 posts

Master Geek
+1 received by user: 66

Topic # 180992 28-Sep-2015 21:37

Hi GZers,
I decided it is annoying managing accounts on multiple PCs (kids shoulder surf etc) and wonder about the merits of running a DC at home. I don't really want to run another PC 24/7 but I think I have a ex-corporate SFF machine that will boot up when you send it network traffic.

Do you think having a domain controller booting up and sleeping down later is going to be a realistic solution for this situation?
Are the PCs going to be happy if the DC is there for log on and then it disappears?

How are you GZers managing your multiple PCs at home?

Cheers,
Chris

phantomdb

426 posts

Ultimate Geek
+1 received by user: 65

Subscriber

Reply # 1396155 28-Sep-2015 21:55

Have you thought of using a Raspberry Pi for a low power option?
https://www.raspberrypi.org/forums/viewtopic.php?f=36&t=26588
http://www.ducky-pond.com/posts/2012/Dec/install-a-samba-pdc-on-rpi-part-1/
http://purpletechnician.se/index.php/19-nyheter/33-activedirectory-domain-controller-with-samba4-on-raspberry-pi

Yabanize

2004 posts

Uber Geek
+1 received by user: 463

Reply # 1396157 28-Sep-2015 22:00

There is also Azure Active Directory, not sure how it works, Cloud hosted by Microsoft

elpenguino

239 posts

Master Geek
+1 received by user: 66

Reply # 1396162 28-Sep-2015 22:08

Thanks, I do run a PI (1) at the moment, as a SMB file share and anything to do with file writing is verrrrrry verrrrry slow.

I thought I might serve files from the C2D machine also, if it becomes the DC and boots on request.

JWR

731 posts

Ultimate Geek
+1 received by user: 236

Reply # 1396210 28-Sep-2015 23:18

Your PC caches Active Directory logon credentials.

So you can still logon without a domain controller being present.

Eventually, the credentials will become stale and you will need a DC again.

Also, there are some issues if you get your cached and DC credentials out of sync. But, that probably won't happen if you are careful.

What are you using for a domain controller?

tardtasticx

Doesn't know what he doin
2810 posts

Uber Geek
+1 received by user: 319

Subscriber

Reply # 1396231 29-Sep-2015 00:57

If your PCs all have a compatible OS, then go for it! Perhaps get a program that automates shutting down/sleep and startup of the DC machine so it's only on when you will use the computers to save power etc. And backup like no tomorrow.

Would love to try this at home but I run Mac mostly and cannot be bothered dealing with that and any ensuing dramas. I can setup an AD environment in a few hours no sweat but I feel Mac + Parents computers will end in fights.

Side note though:

I might be wrong, but doesn't the computer need to be using a pro/enterprise version of windows to connect to an AD?

This could change things if you're using this at home as I don't think many home PCs come with a pro version of Windows (haven't gone shopping for a Windows PC in many years tho).

Bachelor of Computing Systems (2015)

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland

timbosan

1281 posts

Uber Geek
+1 received by user: 116

Reply # 1396312 29-Sep-2015 08:45

I run SBS2011 at home, which gives me a domain controller as well as SharePoint, WSUS (so I only need to download each Windows Update once for all machines), RDP Gateway, etc. At first this was a steep learning curve but the advantages are worth it - just a single location to manage all user accounts.

You could also run Server 2012R2 Essentials, which is designed for more SOHO type environments. Both products make the domain setup easy.

Varkk

25 posts

Geek
+1 received by user: 3

Reply # 1396321 29-Sep-2015 08:56

Side note though:

I might be wrong, but doesn't the computer need to be using a pro/enterprise version of windows to connect to an AD?

This could change things if you're using this at home as I don't think many home PCs come with a pro version of Windows (haven't gone shopping for a Windows PC in many years tho).

Joining a domain is one of the main benefits of Pro versions of Windows over the home versions. So all of the PCs running Windows would have to be Pro edition or better for it to work.

I think there are other options to achieve what you are trying but I think they will require a lot of fidgeting about to get it going and keep it working.

chiefie

I iz your trusted friend
5755 posts

Uber Geek
+1 received by user: 134

Mod Emeritus

Trusted

Subscriber

Reply # 1396337 29-Sep-2015 09:24

2 people support this post

Running Windows 10 Home? Why not create Microsoft Account for your kids - using Family Sharing - so you can manage their accounts from your account being parent. Though Mauricio said he had difficulty to get his and his daughter's to link up somehow.

Internet is my backyard...

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

Please read the Geekzone's FUG

Yabanize

2004 posts

Uber Geek
+1 received by user: 463

Reply # 1396338 29-Sep-2015 09:24

timbosan: I run SBS2011 at home, which gives me a domain controller as well as SharePoint, WSUS (so I only need to download each Windows Update once for all machines), RDP Gateway, etc. At first this was a steep learning curve but the advantages are worth it - just a single location to manage all user accounts.

You could also run Server 2012R2 Essentials, which is designed for more SOHO type environments. Both products make the domain setup easy.

How many laptops, desktops? How many people use them? They switch between them, dont just use one device?

Do you do it to enforce things through group policy etc

timbosan

1281 posts

Uber Geek
+1 received by user: 116

Reply # 1396347 29-Sep-2015 09:30

Yabanize:
timbosan: I run SBS2011 at home, which gives me a domain controller as well as SharePoint, WSUS (so I only need to download each Windows Update once for all machines), RDP Gateway, etc. At first this was a steep learning curve but the advantages are worth it - just a single location to manage all user accounts.

You could also run Server 2012R2 Essentials, which is designed for more SOHO type environments. Both products make the domain setup easy.

How many laptops, desktops? How many people use them? They switch between them, dont just use one device?

Do you do it to enforce things through group policy etc

A bit of a mix - 2 Mac laptops, 2 Windows laptops, 2 desktops (one is a HTPC)
I am the only one to use more than one device
Main reason for joining to the domain is backups

Actually, I try to stay away from GP. I have tried both joining the domain and NOT joining the domain on each Windows machine. I have found the best solution is to install the Server 2012 Essentials connector (which adds the ability to backup the machine each day, and do bare metal restores) but with a switch to not join the domain. The reason being I am not an AD expert and there where some things I couldn't figure out. Like moving from a workgroup account to a domain, and keeping all the files/settings etc (by default joining the domain always seems to create a new login).

elpenguino

239 posts

Master Geek
+1 received by user: 66

Reply # 1396568 29-Sep-2015 12:54

timbosan: I run SBS2011 at home, which gives me a domain controller as well as SharePoint, WSUS (so I only need to download each Windows Update once for all machines), RDP Gateway, etc. At first this was a steep learning curve but the advantages are worth it - just a single location to manage all user accounts.

You could also run Server 2012R2 Essentials, which is designed for more SOHO type environments. Both products make the domain setup easy.

If I am going to do something like this, I feel it's easier to follow the script and use MS Server with MS desktop rather than try to cobble together something from disparate parts.
In answer to the other posters, yes I have 'pro' machines.

So , do you leave your SBS2011 machine powered on 24/7?

timbosan

1281 posts

Uber Geek
+1 received by user: 116

Reply # 1396581 29-Sep-2015 13:18

elpenguino:
timbosan: I run SBS2011 at home, which gives me a domain controller as well as SharePoint, WSUS (so I only need to download each Windows Update once for all machines), RDP Gateway, etc. At first this was a steep learning curve but the advantages are worth it - just a single location to manage all user accounts.

You could also run Server 2012R2 Essentials, which is designed for more SOHO type environments. Both products make the domain setup easy.

If I am going to do something like this, I feel it's easier to follow the script and use MS Server with MS desktop rather than try to cobble together something from disparate parts.
In answer to the other posters, yes I have 'pro' machines.

So , do you leave your SBS2011 machine powered on 24/7?

Yup - it actually runs as a VM on the Server 2012R2 box, so I run 2 'machines' without the power of 2 machines. The Server 2012R2 box has all my file shares on it, and does the backups during the night (from the clients ro the server, and from the server to external drives) which can take a few hours. so its' easier to leave it running. It also means that running SBS2011 in a VM gets the VM backed up as well.