Why Join a Domain

Posted on 2006-05-15
Last Modified: 2010-03-18
Dear Experts,
  My boss for some reason insist on not joining the domain.  He connects via vpn, disconnects then works like normal.  I'm assuming that he connects to grab a key then when he disconnects he still has the key for authentication and since he is still sitting on the network he moves freely about the LAN.  Since he does all the administration/management/updates on his computer himself then what reason would there be for him to Join the domain?  I would like the answer to have some sort of reference to receive an A in grading.

Question by:thcit
    LVL 5

    Assisted Solution

    Security, security, security and centralized management (if you are an admin).

    This article is as a good a place to start as any.
    LVL 3

    Author Comment

    Mad Jasper...thank you for the article.  It is a good reference that I'll definitely note.  Although nothing in the article truly said why the joining of a domain is needed outside allevation of administration and management for a Domain Admin.  I guess my question in response to your answer should be "Why join a domain from a users point of view?" since in the article it states "In fact if your workgroup account has the same name and password as a domain account then you can access resources in the domain without having to manually supply credentials!) ".  You said that security was the big reason, would you explain a bit further why you said that.
    LVL 48

    Accepted Solution

    Hi thcit,

    from a users point of view, there is often many reasons NOT to join a domain! i know the majority of mine are constantly winging about the restrictions that are enforced.

    The important thing is to sell some of the benefits to them, take for example, if you implement a simple solution such as folder redirection you can sell the point that there data is stored centrally and backed up every night

    internet restrictions will help protect their machines, which is another point

    on a whole, joining a domain as mentioned above, is much more an admins benefit rather than the user as the centralied management capabilities are awesome
    LVL 5

    Expert Comment

    To be honest, I never put much thought from the user standpoint. I have always been in a situation where I had a general direction from managment and the IT department was to put in place a policy and enforce it.

    For instance, the reason that teachers and students join our academic domain and login ito it is because I say so. I am the expert and I have full support of the administration. I know that sounds arrogant, but in simple terms it is the reason. And not only do I have the right to dictate policy, I have the responsibility to ensure that teachers and staff have access to the files they need, when they need them, no matter if they delete all of the files and folders in their redirected "My Documents" folder.

    From the security standpoint, your boss only poses a threat to the network if he has data on his computer that may provide network passwords, confidential files, etc. The fact that they are on his local machine without any centralized security means that he is soley responsibile for the administration of his machine - and any loss of data as far as I am concerned.

    Jay_Jay70 does make some good points as far as convience to the user. When a user is a member of a domain, he can benefit from Group Policy implemetation, redirected folders, centralized backup. There are also antivirus and spyware protection products that work much better when a user/computer is a member of a domain instead of a workgroup (Symantec Corporate Antivirus and Etrust PestPatrol are two products that come to mind).

    If he was a typical user, I would not grant him access to anything within the domain and he would be soley responsible to adminstration, troubleshooting, and repair of his machine. Since he is your boss, I don't hink there is much you can do if his mind is made up - especially if is an old school network admin.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Downtime reduced, data recovered by utilizing an Experts Exchange Business Account Challenge The United States Marine Corps employs more than 200,000 active-duty Marines with operations in four continents, all requiring complex networking system…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now