Mapped Drives or UNC Paths, Domain or Workgroup? - best practice for Windows 7?

Posted on 2011-05-04
Last Modified: 2012-05-11
Should I stop operating in a Windows workgroup and start using my domain controller?
Should I stop using mapped drives and switch to UNC paths?

My small biz network has been very simple since Win 95 days. All workstations run as administrator. Everyone has read/write access to every file & folder on 3 or 4 mapped drives.  We're all on one workgroup. I've used batch scripts to map the drives after each reboot. Up through Win XP, this worked well for our 70 employees and 35 workstations for years. (Yes, some people are sharing PCs, such as cash registers and reference workstations).

As I start to poke around with my first couple of Windows 7 PCs, I'm finding that some apps don't like mapped drive letters. They want UNC paths. An MS Support person, for one of my MS apps, suggested that "mapped drives aren't recommended any longer...."- which made me scratch my head.

It looks as though I can use UNC without adopting a domain. Is that true? Do I just change my NET USE syntax in the scripts?

Should I use a domain? I have a Windows Server 2003 (maybe R2?) that has been configured as a domain controller. Its main job is an instance of SQL Server for MS Dynamics SL accounting. It just has the 5 CALs. 40 or so workstations have been able to map S: to a shared folder on that server. All PCs are doing NET USE S: \\SLSERVER\MyFolder\ , logging in as ADMINISTRATOR. [I've suspected that only 5 PCs are actually using that folder at any given time, but I'm not sure. It just works.] Using the Domain Controller and the Active Directory, can I define another user (regularGuy), and use that login from multiple workstations? Or, will I need a bunch of CALs? Does the domain controller decision interact with the mapped vs. UNC decision?

We have a minor, minor business need to limit access to some folders. In the past, the need for simplicity and uniformity has trumped the need for user-level access control. Now, it looks like the whole world is using domain controllers and UNC paths. It looks like simple workgroup networking might be squeezed out of future editions of Windows. Should I bite the bullet and make the transition to a domain?

I also have a Samba server for the workgroup. If I adopt the domain controller for use with the Windows Server shared folder, can I still use the workgroup and mapped drive letters to the Samba folder?

Thanks for reading.
Question by:oakie22
    LVL 89

    Assisted Solution

    by:John Hurst
    I use the structure NET USE S: \\SLSERVER\MyFolder\  to map from my Windows 7 Pro laptop to any other machine. I have multiple clients so a domain does not work for me. I don't have any difficulty with applications working like this. I do authenticate properly and give the password.

    That said, there is nothing wrong with a domain. I am just saying you don't have to if you don't wish to.

    ... Thinkpads_User
    LVL 76

    Accepted Solution

    With the number of systems in your LAN, you are better off with a DC which will provide you a way to centrally manage your users. (with a single DC, you should make sure you have a good Disaster Recovery plan.  This consists of making sure you backup the system state on the server AD DC.) Make sure to readup on how to restore the AD after reinstalling OS or setting up a replacement server.

    Since you mentioned the SAMBA server later on, in your question, and since I tried to answer one thing at a time, an alternative to have a DC, is to have samba+ldap PDC setup. You would still have to deal with the licesing to the SQL server, but I am uncertain whether the same licensing requirement will exist to the server and the only place to find this out is from ......................

    As far as licensing is concerned, you would have to determine whether you want to use the per device or per user license model.

    I think there is an EE article detailing the MS licensing model/consideration but not sure where it is here are some questions/answers that may help you decide:

    Now back to your situation, running anything as an administrator is just asking for trouble. One should control the environment such that userA has access to only what userA needs to do perform their duties.The reason you are running it this way because of the administrative issues where you would need to setup 70 employee accounts on 35 computers. unless you want to split the employees into pairs and designating which computer they can use.

    A UNC works as long as all the workstations/systems are in the same Workgroup
    LVL 11

    Assisted Solution

    I'll add one little info:
    To use UNC path you have to create shortcut pointing to, i.e. \\SERVER\SHARE

    I'd go with Arnold: giving administrator rights to the users is asking for trouble. Centralized management will make your life easier: automating and managing configuration with GPO, centralized antivirus software, etc.
    The real problem may be user CALs: if you don't want to buy more you'd have to stick with shared accounts - and that's not a good idea...

    UNC vs mapped drives.
    My users are still operating on the drive letters so I'm stuck with it (well, most of them can't even see the difference between slash and backslash ;) ).

    Check this KB:
    "Mapped drives vs. UNC" paragraph. This may be the greatest obstacle.

    Author Closing Comment

    I don't think I stated the question very well. It's probably hard for folks to imagine a business where people do not sit at desks, but walk around a 20,000 square feet space, using whatever computer is nearest. It's probably hard to imagine that I really don't need to secure certain files & folders And yet, that has worked for us for years and years. Thanks for your responses.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
    The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
    Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
    Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now