Setting up a domain (not website) for home use

Server is great as you suspect (IMHO).  But largely due to cost, it's not generally practical in a home environment.  If cost isn't an issue, go for it, but keep in mind, all the other computers in the home must be running XP Pro, not XP Home (XP Home cannot connect to a domain environment in an effective manner).

Hi lcapurso,

 There will be no real advantages of using the one computer to become a server, and anything that windows server 2003 can do windows xp can do too. Just that there is extra services that it needs to run as a server. So if you main concern is logins you can do the same with Win XP, if your looking at an extra computer with Win2003 then you could setup accounts on there an limit hd profile roaming and profile storage on the server and not really use up winXP space.

But the thing is that you will still have the same problems with spyware etc unless you install some decent software to compabt these, Virus Protector Nod32, Nortons and Anti Spyware such as Spybot and MS AntiSpyware (use both of these).

Other than that your really looking at the wrong approach.

Cheers!

lcapurso,
> I could give them a limited account, however that really only controls
> the things I’m not worried about.  

A limited account SHOULD prevent them from installing applications and reduce the risk from spyware/adware/viruses.

> These types of issues are exactly
> why I opted for a server installation at my office.  Being that I do
> not know what I’m doing, which server edition would be best for this
> type of home use?  

Windows Server 2003.  Or Windows 2000 Server if you can get it.  But see my first comment.

> Can it be installed in a WinXPpro desktop currently
> used at home?  

No, only server can do the sort of management tasks your asking about.

> Can it be installed as an upgrade?  

No, you can't - Server cannot upgrade a workstation OS.

> Being that my husband
> uses this computer; will regular programs continue to run the same (MS
> Office)?  

Yes, I haven't encountered many, if any programs that won't run on Server.

I would suggest some alternate methods of managing your kids usage.  For example, you could:

1.  Lock out Internet Explorer and force them to use Netscape/Firefox/Mozilla
2.  Make them use Linux - Knoppix or some other Live Linux distribution.  Such things boot of a CD and are not subject to the viruses/spyware/adware so prevalent in the Windows systems.  In addition, since they boot off the CD, restart the computer and you're right back where you want to be.
3.  Buy a few copies of GoBack (not the bundled version, but the full product).  you can use this software to "revert" the system back to a known good configuration.  (I find it more useful and reliable than Windows "System Restore" which seems to fail me half the time.

A limited account would also prevent them from installing items that they actually want to install.  Perhaps a limited account is best for my 13yr. old, however my oldest son will be 20 in Nov. and the other barely 17.  I don't want them to believe I'm treating them like infants, someone untrusted, or as potiential online M.J. victims.  I'm trying to prevent what they do not realize they're doing.  Much was the case at the office with my employees.

Then don't treat yourself differently.

Everyone is so used to running with the power of GOD on the computer - so that they can do anything they want whenever they want.  The problem is, Windows is FULL of security flaws and unless your a knowledgeable tech few people know what to allow and what not to allow and fewer people understand just how vulnerable they make their systems running as someone with admin rights.

In Unix and Linux, NO ONE has admin rights.  There is an admin account (root) and people can invoke it when they need to use it, but NO ONE runs as the admin.

So, what I would suggest is setup your home computer so that there's a passworded "admin" account.  Then setup individual accounts, ALL LIMITED, for everyone including yourself.  Then only use it to install programs YOU want to allow to be installed.

Who bought the computer?  If you reinstall it as often as you say, everyone should be able to understand why your doing this.  And if they don't like it, they can go buy their own computer.  Ebay - $150 - or less will get a workable system and then THEY can reinstall it every time it gets screwed up instead of wasting your time.

Why is that?  I've almost put a computer under my tires for that.  Why do they even have that option?  Mine fails most of the time.  I usually grab a beer and lock up the office when that happens.  I'm not as knowledgeable as you guys.  I can usually figure out a work around, but it will always make for a long night.  

I've heard of firefox, what makes that different from Internet Explorer.  How do you lock out Internet Explorer?  Interesting you should suggest Linux.  My oldest son is already expermenting with Linux at school.  I don't imagine it's a user-friendly OS.  

All you need to do is create user accounts that they can log into on the winXP and don't give them full administration access, thus limiting what they can and can't install. Also gives you the knowledge that if they need to install something that you can supervise what is going on.

After all whos computer is it, yours or theirs...

leew you are too funny.  How many teenager do you have?  Me, I figure I can repair the computer faster, and they will not have an excuse to get that term paper done, or chemisty project, whatever the case may be.  The sooner they get out of school, the sooner they can get out of the house!  If they don't get their work done, I usually end up with bigger problems.  One computer is a $300.00 e-machine, and the other 2 are old office IBMs that I paid a fortune for many years ago- Aptivas.  

Oh the aptiva's, I shiver at the thought of those machines now.

cyberdevil67

This may be my best option, what type of limited account are you suggesting?  Yes the computer is mine, however when you're 5'1 and 118lbs, the kids literally carry me around.  Of course they don't do that when I'm angry, however I tend to not be as intimidating as I used to be!  Don't ask about dad.  It's very hard having multiple adult men in the house, especially when 2 of the 3 are not working.  

Good night.  I'll review in the morning.  I have to wake up in 3 1/2 hours.

Thanks I've alot to consider.  

Linux is TREMENDOUSLY user friendly.  I have this theory - Mac OS is considered the easiest because there's only one or two ways of doing things - whatever it is you want to do.  You ask someone for help and you consistantly get the same answer.  Windows is fairly easy, but has several ways of doing something.  You ask 10 different people, you'll get 3 different answers overall.  It can be confusing as you start to remember parts of each persons answer and that just gets you into trouble.  With Linux, you 10,000 ways of doing the same thing.  and SEVERAL different Windowing environments.  You ask 100 people how to do something, you'll get 100 different answers.  Now your REALLY confused.  But, it's free, there are MANY programs available, most of which are free.  And it's not nearly so vulnerable to all the viruses, spam, adware, etc that are out there.  Download a copy of Knoppix and try it out - you don't have to install anything, just burn the CD and make sure your computer boots off the CD drive first.  One thing I love is the astronomy program it has - never seen anything (especially free) for Windows that compares.

Why is that what?

Well by adding the account and not making them administrator for starters, and by setting the policies of the account would mean that your limiting what they can and can't do, also means that they can't uninstall without your permission.

This is what we do with workstations here, you have no idea the amount of software illegal that wil get installed on a computer if the user was allowed too:-)

You still can't really control spyware or virus, but with the options I gave you with these then you can at least try and controll them.

lcapurso,
> leew you are too funny.  How many teenager do you have?  Me, I figure
> I can repair the computer faster, and they will not have an excuse to
> get that term paper done, or chemisty project, whatever the case may
> be.  The sooner they get out of school, the sooner they can get out of
> the house!  If they don't get their work done, I usually end up with
> bigger problems.  One computer is a $300.00 e-machine, and the other
> 2 are old office IBMs that I paid a fortune for many years ago- Aptivas.  

I have none, but as a consultant, I've seen many households with this problem.  Those that have taken my advice don't generally call me back.  Those that don't I make a lot of money off of.  How much is your time worth?

I'm sure you already know the answer to that.......Mom.  That's they way it will stay, as long as they continue bringing home 4.0 averages.  I never brought home that type of average.  If you have teenagers maining that type of average, they ARE learning responsibility.  I know you're implying their spoiled, they are.  But I may be they only person in their lives that will ever do that for them.  I'm mom, that my election.

Good night, for real this time!

Well, I gotta say that Microsoft's Small Business server is PERFECT for home use... one server with 5 CAL's usually works out great.  I've installed 3 such networks lately... for families and one for a couple that wanted to digitize their media (including a 5,000 CD collection).

Check these discussions out:  http://msmvps.com/bradley/archive/2004/10/16/15982.aspx

and one that we were musing a Small Home Server where  I posted my setup:  http://msmvps.com/bradley/archive/2005/02/05/35058.aspx

Jeff @
TechSoEasy

Ok, I'll give my 2 cents here.  

With XP you can lock down the systems as much as you want to limit their access and what they can do.  If you have the time and inclination with limited budget do it this way.  If the machines are shared among everyone then that means each machine will have to be setup with each profile.  That gets to be alot in the way of administration.

My coworker has teens and has done exactly what you are suggesting.  My opinion, Small Business Server is way overkill for what you want.  Just get Windows Server 2003 Standard.  It comes with the 5 Client Access Licenses and will do exactly what you need it to do.  As someone else said, the Workstations will have to be XP Professional or 2000 Professional.

The machine does not need to be a dedicated, high dollar box, just a reasonable processor, some good drive space and the more RAM the better.  If you have 512mb to 1gb you will be just fine.

Programs......  Well most everything will run on 2003 now.  Office will run just fine.  You will find issues if you try to run your high end game on it though.

Lets look at the positives now....  One set of administration.  No matter what they log on to, they have the same permissions and access.  You can set it as loose or tight as you want depending on machine or user.

Lets go further....  What about using the group policy to redirect their My Documents to the "server".  That way no matter what machine they are one, they can get their documents just as if they were on their regular machine.  You could do all your data backups off of this machine.  A simple way is to use a little program from www.centered.com called Second Copy 2000.  If you have a CD or DVD burner, put in a rewritable disk and have Second Copy backup all those My Documents or data directories to CD or DVD at night.  No muss, no fuss and it just gets done!

This will also give you some experience in management of the 2003 server which will give you more knowledge to do the same at work.  This translates into a better, more secure system at work and fewer dollars spent on consultants coming in to do simple things or troubleshoot.

Server also gives you the ability to VPN back into your system should you need it.  What if you are on vacation or one of them is away at a seminar, etc.?  It is easy to VPN into the box, get documents, etc., that might be needed.

I say, go for it.  The administrative burden alone to me would be worth it.

Do you realize that Windows Server STANDARD is MORE EXPENSIVE THAN SBS?

Thank you samccarthy!  You're absolutely right (in my opinion).  

The bottom line is I do not have the kind of time to go back and forth assisting my teens with things an xp limited account won’t allow them to do.  That would eventually equal the amount of time I’m currently wasting.  If I understand correctly, I can customize the permission levels with windows server 2003 to that necessary of a 19 & 17 year old vs an 8 yr old.  I can “safe keep” documents, and the biggest benefit, (as you pointed out) is that I now have safe environment to experiment with a server.  At work I tend to shy away from experimenting as I’m so concerned I’m going to really going screw something up and halt our operation.   It’s not a big strain on the budget to purchase a dedicated server, and the value on time is priceless.  

Are you guys comfortable with that sentiment?

Well of course not.  Is Small Business Server is overkill vs Windows Server 2003 Standard, why is that?

If you're mostly worried about internet access, then why not just use something like http://www.childsafe.com

Jeff

SamCarthy,

I did actually mention that, seems that I wasn't right:-(

SBS is a version of Windows 2003 Server that is bundled with Exchange, SQL Server, etc.  It is a great product for a small business, but in that, it is limited in some areas and not very expandible.  Server 2003 Standard is the full server product that does not have Exchange, SQL, etc packaged with it.

SBS needs to be installed as a Domain Controller.  Not buts or if's.....  You cannot add another DC to the domain it runs and it is limited to 75 licenses.  This in itself, IMHO is a reason not to buy for a business.  If the DC goes down, your domain is down.  

OK, back to you......  Here is what I would do.  If you just want to control the kids and you want the absolute cheapest product, then get SBS.  If you want what will benefit you more in the long run and as your business grows, then get Standard Server 2003.

For an even better learning experience,
You can get Microsoft Virutual PC or VMWare Workstation, (My Preference is VMWare).  This will let you load up numerous virtual Servers and Workstations, use and abuse them, try out your settings and when you are happy, implement them on your home or work networks.  You can download the evaluation versions of the OS's, so you don't have to worry about buying them for use in the virtual machines.  You can do that too for Exhcange or SQL if you want to experiment and learn them later.

Soooooo, I would use Server 2003 Standard and then VMWare Workstation for training and experimentation.  You don't need to buy a server machine.  A nice workstation or desktop with some extra memory will do fine for you.  If you can put a RAID 1 on it for disk drives, even better, but like I said, a nice workstation with a CD or DVD burner for backups will do just fine.  Keep it simple, determine how much access you want them to have, set it up and enjoy the extra time you are not rebuilding one of the machines.!!

SamCarthy, if you weren't right I wouldn't know!  At any rate, you've revealed some very interesting points.

I've pretty much decided on a server. I understand that some of you might not agree.  

The Linux idea doesn’t appeal to me for a couple of reasons.  First, I do not want to take the time to learn something I would never use in any other environment outside my home.  Second.  My husband and I have run our business for many years now based on the philosophy quality and service come at a price.  Why would I not follow that philosophy now by using a free OS?  I understand that my perception may not be accurate with Linux, free may actually be ok.  Yet to me, perception is reality.  

I can afford AMOST all that is luxury to me.  Not Donald Triumph, me.  We’ve a relatively small corporation (about 45 employees total), however to leew’s point, the one luxury I value most is time.  I can’t afford it.  I’m not the smartest person, but am quick to learn.  So my question now is, which OS is going to be the most practical for what I'm looking to do?  Considering what’s been collectively stated, it would seem I could benefit from a server in more ways than initially thought.

LCapurso

SamCarthy it would appear we were typing at the same time.

I wish I'd had that info about 5 months ago.  SBS is currently in my office.  I'm going to do a little bit of reasearch prior to closing out my question.  That will also allow time for any additional comments.  Thanks.

lcapurso

SamCarthy... while this may not be the forum to discuss this because ANY server environment may be overkill for her situation, I do need to correct your comment about SBS.  Yes it needs to be the PRIMARY DC, but it doesn't have to be the ONLY DC.  You can add AS MANY additional BDC's as you want!!!!

It is intended to be marketed to the approx 18,000,000 businesses that DON'T have a server at all... and probably never would get a server if it wasn't so affordable and well designed.  

Most small businesses of under 20 employees will NEVER grow beyond 50 employees... that's just the fact of it.  SO... expanding beyond the limits of SBS's CAL restriction are not really a problem... BUT if their computing needs grow to need additional servers... you can add as many additional servers as you want...

There are many misconceptions about SBS, and I don't want any further ones propagated in a place that's supposed to be a source of expert information.

For further info check out:  http://www.microsoft.com/WindowsServer2003/sbs/techinfo/overview/generalfaq.mspx

Jeff @
TechSoEasy

Jeff,

I'm a bit uneasy.  I do not want any misconceptions.  I’m neither too young nor old to be as naïve or gullible as your impression of me may be.   Although I do appreciate your passion and you looking out for my interests in this forum.  

I don’t think there’s any question about whether or not a server is overkill, it is.  At least it is to my knowledge now.  Regardless, it would still provide benefit to me.  While exploring the server I might discover features and resources that I really did need the server for.  It would certainly be a resource for future needs.  Please do not feel anyone here or any other forum is capable of leading me in any direction I won’t further research, or generally already want to go.

That being said, in pursuing a server os, I'd rather not spend more than necessary.  I do have a question concerning the link you posted.  While reviewing, I encountered this reference.  Can you elaborate?

Q. Can I use more than one Windows Small Business Server 2003 server in the same company?
 
A. There can be only one Windows Small Business Server 2003 server in a domain. Each Windows Small Business Server 2003 server is typically connected to the Internet either directly, or via a firewall. Windows Small Business Server 2003 does not support trusts between domains; therefore, user names and resources could not be shared between those Windows Small Business Server 2003 servers. Further, Windows Small Business Server 2003 installs at the root of the Active Directory forest, and it cannot be demoted, or have the flexible single-master operation (FSMO) roles removed.
 

I have to pick up my 13 year old. I'll return in about 45min.

Did everyone go out for the night?  I was certain I'd get a response on that one.  

Jeff, (anyone) is what you suggested previously contradicting what Microsoft is referencing in my previous comment.  Or is there indeed hierarchy allowing me to add another dc running sbs, or any other operating system to the domain?

In answer to you question

Q. Can I use more than one Windows Small Business Server 2003 server in the same company?

yes you should be able too

Can you elaborate why Microsoft details the following:

Q. Can I use more than one Windows Small Business Server 2003 server in the same company?
 
A. There can be only one Windows Small Business Server 2003 server in a domain. Each Windows Small Business Server 2003 server is typically connected to the Internet either directly, or via a firewall. Windows Small Business Server 2003 does not support trusts between domains; therefore, user names and resources could not be shared between those Windows Small Business Server 2003 servers. Further, Windows Small Business Server 2003 installs at the root of the Active Directory forest, and it cannot be demoted, or have the flexible single-master operation (FSMO) roles removed.

Is this reference about 2 small business servers with different domain names?

If you read this right, you can only have one SBS in a domain, but a company can have multiple domains, so yes you cane potentially have more than one in a company.

but thats splitting hairs I know, as most small compnaies wouldn't have more than one domain.

Ok, let me ask this:

Can a client computer somhow be a member of both an sbs and windows standard domain?  

Yes and no, A computer can be a member of a domain only when they sign into that domain, but only when the login. So at login stage you can select the domain to login into, which means you become a meber of that domain during that login session.

Thanks.  I certainly have some things to consider.  

Didn't know you were going to open up all that with 1 little question huh??? ;)

No I didn't.  That's okay though.  In my line of work that's pretty typical.  It's not anything I'm not used to.  

Thanks and Good Luck.   Check out VMWare's workstation.  It is a great learning tool.  I have one XP machine that I run 4 virtual Servers and 2 virtual workstations on to play with group policy and check configurations.

Although you've already closed the question... a couple of thoughts...

1.  You are wise indeed to consider the various options you have and I didn't doubt that from the get-go.
2.  You should really only consider adding a server to your home environment if and only if you are interested in learning more about how servers work... there will be much to learn and while many of us find it interesting, you may not prioritize it as such and it could do more harm then good.
3.  Client machines on a domain MUST BE XP PROFESSIONAL not HOME.  So if they are already HOME you gotta upgrade.
4.  Consider learning just about GROUP POLICY which can be applied locally to each of your kid's machines -- as the local administrator.  This will provide EXACTLY the same controls as you would find in a domain, but must be administered on each individual machine.  
5.  Instead of VMWare, since you have stated you don't really want to learn additional systems... try Microsoft's VirtualPC -- a free trial is downloadable here:  http://www.microsoft.com/downloads/details.aspx?FamilyID=360cafd6-5098-4c64-9ca7-a30f225859f6&DisplayLang=en
6.  Your question about being a member of two domains... no, but you can have permissions on another... AS LONG AS you have a different IP subnet... for instance, if your IP subnet on your home machine is 192.168.1.x and the other network you want to connect to uses 192.168.1.x you will have problems.  If your home IP range is 10.10.10.x and the remote is 192.168.1.x then all is good.

Good luck!

Jeff

Thanks Jeff.  Over the past 24 hours I'd already researched Microsoft’s Virtual Pc for exactly that reason.  That's the program I intend to go with.  The IP range and subnet are different.  

At home I work with a desktop that belongs to my husband, 3 laptops which are my old one, new one, and one that I use for power point presentations at workshops while training customers.  My workshop laptop rarely sees the internet.  I also have 3 other desktops which are my old office desktops and now belong to the kids.   Those run 2000 pro.  I plan on upgrading those to xp pro as that’s what I’m a little more familiar with.

Jeff I’m one who has to have hands on knowledge.  I’ve hired an outside party to set up my server but have worked with him every step of the way, at least with what he’s currently done.   I’ve actually worked with it more alone that with him.  I don’t believe I’m one of his favorite customers.  I think he’d prefer me either take one of his certification classes or simply allow him to bill me for being completely dependant on him.  I’m sure many of the guys (or gals) in this forum could relate to his strategy.  

To be honest, I wouldn’t mind paying him to do everything for me and not take up my time.  That is after I know what he’s doing.  There’s not a job in my office I don’t know how to do, from pulling orders out of the cooler, to driving the delivery trucks to back doors.  Fortunately my husband and I can afford a staff to take care of those things.   However, should I be in a pinch, like I am time and time again, as I said before, there’s not a job I can’t do.  I can assist my employees and company however need be.

What separates me from my husband, is that I take the same approach with almost every other aspect in the company.  I can change my own wall outlets, light fixtures, change the car’s oil, hot wire delivery trucks, pick a lock, and damn it I will find a way to make my computer system run day in and day out.  I do not want to have to depend on some tech guy who may be working banking hours when my system is down at 3 o’clock in the morning.  If having a server at home helps me not panic if the IT guy isn’t around, that in itself is worth it to me.  I back up my documents as well as my husband’s documents daily.  As long as I have my program disks, what harm can I really do?  If I take on this type of project, it will become a priority.  I’m so sick of being intimidated by my office server and the F…ing IT guy who doesn’t return my calls or emails ½ the damn time.  Oh and lets not forget my kids who keep asking me to reformat their computers!


I truly appreciate the help of all you gentleman who’ve participated in this not so simple question.

Thanks.  

l...
you go!

I got into IT Consulting after owning my own businesses for the past 20 years (restaurant, small resort, travel agency, water utility, and a few others).  I approached my businesses exactly the same way... but when Microsoft launched Small Business Server 2003, I realized that what I had been trying to accomplish with technology in my businesses was finally possible.  (a longer version of this thought is in the middle of this post:  http:Q_21384400.html).

It does sound like you would benefit from doing this at home... I might suggest that you key into a couple of sbs groups, the links for which are all at http://www.sbslinks.com 

Good luck!

Jeff @
TechSoEasy