3

I currently have about 50 different work stations, all running windows xp who are part of various workgroups. These machines were all setup by different people with no communication between them. I honestly, don't know what to expect when I dive in to them. I'm working on migrating them over to a Domain. I have the DC set up and it seems to be working well.

What do I need to do and in what order to make this all happen?

How do I lock down these machines ? Group Policy? Do you know of any good resources for wrapping my head around what Group Policy is?

Can switching from 50 machines using NETBIOS and workgroups to a domain make the network run faster or no?

Noah Clark
  • 537

2 Answers2

6

Heh, well the good thing is that you're certainly heading in the right direction!! Not sure how much speed benefit you'll notice, but you will certainly improve the efficiency of things.

I would do things in this kind of order:

  1. Lock your door so the users can't get to you to gripe about locking them down (haha)
  2. Make sure you have Active Directory containers configured how you want them. This should't be too bad with only 50 PC's.
  3. Create domain user accounts for your users in AD
  4. Create home network shares if you want to use them
  5. Configure the domain's Group Policies in AD
  6. Write login scripts if you want to use them
  7. Configure your PC's to use your DC as the dns server if they're not already (or whatever dns server holds your AD SRV records). You might consider setting up DHCP at this point if you don't already have it in place. NOTE based on comments: DO USE DHCP! The prior wording was supposed to say that, but admittedly was not clear. Set up DHCP and configure your clients to use it.
  8. Back up your users' profiles on their PC's. They will get new user profiles with their domain accounts.
  9. Join your PC's to the domain

Some of that can be switched around a little but basically it's

  1. Set up your domain and group policies
  2. Set up your user resources
  3. Migrate the PC's

Do this with a handful of PC's in a a lab before you do this in production until you are comfortable with the process. You'll also benefit from a workstation naming standard when joining your PC's to the domain (from a sanity perspective).

Here's the site to start learning about group policy.

squillman
  • 38,163
1

A domain will sure allow for better management, and better network performance too (no more NETBIOS broadcasts all around).

Steps to bring all of this into a domain:

  • Give each computer (and your DC, of course) an IP address/subnet mask pair so that all of them are on the same subnet.
  • Make each computer use your DC as its DNS server.
  • Make each computer use the default gateway for your network.
  • Make sure your DNS server can resolve Internet names (it does, by default; but you should configure forwarders for better performance).
  • Join each computer to the domain.
  • Create user accounts for your users.
  • If needed, give users local administrator rights on their computers.

This should get you going.

For group policies, you can start here.

Massimo
  • 72,827