I'm working at a company with around 50-60 users, and I've noticed that the previous IT staff has completely ignored implementing Windows Active Directory, thinking it's unnecessary. I genuinely want to take charge and set it up, but I have zero experience with it. What should I be considering as I embark on this? I understand that I need at least one server with the Active Directory feature and I'll have to configure DNS. What else should I keep in mind during this process?
7 Answers
Make sure all your PCs are running Windows Pro or Enterprise; that's crucial for Active Directory functionality.
Great tips have already been shared! Just a few thoughts: What’s the company’s budget for this? And are you the only one handling IT, or is there someone else or even a third party involved? Building a new AD environment is fairly straightforward. However, getting people to adapt to the changes—like moving files and adjusting security protocols—can be much trickier. Don't hesitate to come back for more advice as you progress through this.
Like others said, use Entra. It’s much less complicated, and it’ll look better on your resume than traditional Active Directory. Before you dive in, make sure you get budget approval from your manager too!
If you decide to go ahead with Active Directory, remember to think about the naming convention. Using `company.local` or `ad.company.com` is standard, but be aware that `.local` is becoming outdated. A more modern approach would be something like `domain.com` for clarity and future compatibility.
If you don't see a real need for an on-prem setup, just stick with cloud solutions like Entra ID and Intune; it could simplify things a lot for you!
You might want to look into getting some help from a third party since it seems like there's a lot of groundwork that needs to be laid down for your organization. Also, if you're using Microsoft 365, consider going directly with Entra ID instead of setting up Active Directory. It could save you a lot of headaches!
I’ve been considering that too. We already have Microsoft 365 licenses, which includes Exchange and Microsoft Business Standard. But do I need a specific license for Entra ID, like the P2 version? I thought a local server might be a simpler option.
Here's what I recommend: 1. Ensure redundancy; set up a second domain controller so that if one fails, you won't lose your entire structure. 2. Install Windows Server and set up the Active Directory role; it’ll guide you through configuring DNS. 3. Familiarize yourself with Group Policies (GPOs) for managing resources. 4. You’ll need a file server and probably some sort of email solution. Also, remember to set up DHCP to manage IP addresses and ensure you have a solid backup strategy. Never skimp on backup! Lastly, consider setting up proper firewall protections as well.
That's a good point! I think I’ll stick to the newer format—it makes sense to keep it intuitive.