Mapped Drives or UNC Paths, Domain or Workgroup? - best practice for Windows 7?

Should I stop operating in a Windows workgroup and start using my domain controller?
Should I stop using mapped drives and switch to UNC paths?

My small biz network has been very simple since Win 95 days. All workstations run as administrator. Everyone has read/write access to every file & folder on 3 or 4 mapped drives.  We're all on one workgroup. I've used batch scripts to map the drives after each reboot. Up through Win XP, this worked well for our 70 employees and 35 workstations for years. (Yes, some people are sharing PCs, such as cash registers and reference workstations).

As I start to poke around with my first couple of Windows 7 PCs, I'm finding that some apps don't like mapped drive letters. They want UNC paths. An MS Support person, for one of my MS apps, suggested that "mapped drives aren't recommended any longer...."- which made me scratch my head.

It looks as though I can use UNC without adopting a domain. Is that true? Do I just change my NET USE syntax in the scripts?

Should I use a domain? I have a Windows Server 2003 (maybe R2?) that has been configured as a domain controller. Its main job is an instance of SQL Server for MS Dynamics SL accounting. It just has the 5 CALs. 40 or so workstations have been able to map S: to a shared folder on that server. All PCs are doing NET USE S: \\SLSERVER\MyFolder\ , logging in as ADMINISTRATOR. [I've suspected that only 5 PCs are actually using that folder at any given time, but I'm not sure. It just works.] Using the Domain Controller and the Active Directory, can I define another user (regularGuy), and use that login from multiple workstations? Or, will I need a bunch of CALs? Does the domain controller decision interact with the mapped vs. UNC decision?

We have a minor, minor business need to limit access to some folders. In the past, the need for simplicity and uniformity has trumped the need for user-level access control. Now, it looks like the whole world is using domain controllers and UNC paths. It looks like simple workgroup networking might be squeezed out of future editions of Windows. Should I bite the bullet and make the transition to a domain?

I also have a Samba server for the workgroup. If I adopt the domain controller for use with the Windows Server shared folder, can I still use the workgroup and mapped drive letters to the Samba folder?

Thanks for reading.
Who is Participating?
With the number of systems in your LAN, you are better off with a DC which will provide you a way to centrally manage your users. (with a single DC, you should make sure you have a good Disaster Recovery plan.  This consists of making sure you backup the system state on the server AD DC.) Make sure to readup on how to restore the AD after reinstalling OS or setting up a replacement server.

Since you mentioned the SAMBA server later on, in your question, and since I tried to answer one thing at a time, an alternative to have a DC, is to have samba+ldap PDC setup. You would still have to deal with the licesing to the SQL server, but I am uncertain whether the same licensing requirement will exist to the server and the only place to find this out is from ......................

As far as licensing is concerned, you would have to determine whether you want to use the per device or per user license model.

I think there is an EE article detailing the MS licensing model/consideration but not sure where it is here are some questions/answers that may help you decide:

Now back to your situation, running anything as an administrator is just asking for trouble. One should control the environment such that userA has access to only what userA needs to do perform their duties.The reason you are running it this way because of the administrative issues where you would need to setup 70 employee accounts on 35 computers. unless you want to split the employees into pairs and designating which computer they can use.

A UNC works as long as all the workstations/systems are in the same Workgroup
JohnBusiness Consultant (Owner)Commented:
I use the structure NET USE S: \\SLSERVER\MyFolder\  to map from my Windows 7 Pro laptop to any other machine. I have multiple clients so a domain does not work for me. I don't have any difficulty with applications working like this. I do authenticate properly and give the password.

That said, there is nothing wrong with a domain. I am just saying you don't have to if you don't wish to.

... Thinkpads_User
I'll add one little info:
To use UNC path you have to create shortcut pointing to, i.e. \\SERVER\SHARE

I'd go with Arnold: giving administrator rights to the users is asking for trouble. Centralized management will make your life easier: automating and managing configuration with GPO, centralized antivirus software, etc.
The real problem may be user CALs: if you don't want to buy more you'd have to stick with shared accounts - and that's not a good idea...

UNC vs mapped drives.
My users are still operating on the drive letters so I'm stuck with it (well, most of them can't even see the difference between slash and backslash ;) ).

Check this KB:
"Mapped drives vs. UNC" paragraph. This may be the greatest obstacle.
oakie22Author Commented:
I don't think I stated the question very well. It's probably hard for folks to imagine a business where people do not sit at desks, but walk around a 20,000 square feet space, using whatever computer is nearest. It's probably hard to imagine that I really don't need to secure certain files & folders And yet, that has worked for us for years and years. Thanks for your responses.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.