[Last Call] Learn how to a build a cloud-first strategyRegister Now


Why Join a Domain

Posted on 2006-05-15
Medium Priority
Last Modified: 2010-03-18
Dear Experts,
  My boss for some reason insist on not joining the domain.  He connects via vpn, disconnects then works like normal.  I'm assuming that he connects to grab a key then when he disconnects he still has the key for authentication and since he is still sitting on the network he moves freely about the LAN.  Since he does all the administration/management/updates on his computer himself then what reason would there be for him to Join the domain?  I would like the answer to have some sort of reference to receive an A in grading.

Question by:thcit
  • 2

Assisted Solution

Mad_Jasper earned 750 total points
ID: 16683794
Security, security, security and centralized management (if you are an admin).

This article is as a good a place to start as any.


Author Comment

ID: 16684292
Mad Jasper...thank you for the article.  It is a good reference that I'll definitely note.  Although nothing in the article truly said why the joining of a domain is needed outside allevation of administration and management for a Domain Admin.  I guess my question in response to your answer should be "Why join a domain from a users point of view?" since in the article it states "In fact if your workgroup account has the same name and password as a domain account then you can access resources in the domain without having to manually supply credentials!) ".  You said that security was the big reason, would you explain a bit further why you said that.
LVL 48

Accepted Solution

Jay_Jay70 earned 750 total points
ID: 16686249
Hi thcit,

from a users point of view, there is often many reasons NOT to join a domain! i know the majority of mine are constantly winging about the restrictions that are enforced.

The important thing is to sell some of the benefits to them, take for example, if you implement a simple solution such as folder redirection you can sell the point that there data is stored centrally and backed up every night

internet restrictions will help protect their machines, which is another point

on a whole, joining a domain as mentioned above, is much more an admins benefit rather than the user as the centralied management capabilities are awesome

Expert Comment

ID: 16686881
To be honest, I never put much thought from the user standpoint. I have always been in a situation where I had a general direction from managment and the IT department was to put in place a policy and enforce it.

For instance, the reason that teachers and students join our academic domain and login ito it is because I say so. I am the expert and I have full support of the administration. I know that sounds arrogant, but in simple terms it is the reason. And not only do I have the right to dictate policy, I have the responsibility to ensure that teachers and staff have access to the files they need, when they need them, no matter if they delete all of the files and folders in their redirected "My Documents" folder.

From the security standpoint, your boss only poses a threat to the network if he has data on his computer that may provide network passwords, confidential files, etc. The fact that they are on his local machine without any centralized security means that he is soley responsibile for the administration of his machine - and any loss of data as far as I am concerned.

Jay_Jay70 does make some good points as far as convience to the user. When a user is a member of a domain, he can benefit from Group Policy implemetation, redirected folders, centralized backup. There are also antivirus and spyware protection products that work much better when a user/computer is a member of a domain instead of a workgroup (Symantec Corporate Antivirus and Etrust PestPatrol are two products that come to mind).

If he was a typical user, I would not grant him access to anything within the domain and he would be soley responsible to adminstration, troubleshooting, and repair of his machine. Since he is your boss, I don't hink there is much you can do if his mind is made up - especially if is an old school network admin.


Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Resolve DNS query failed errors for Exchange
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

826 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question