Hey everyone! I'm 19 years old and recently became the sole IT guy for a manufacturing company that mainly operates as a woodshop. About 10 months ago, I was thrown into this role with full authority over tech-related matters, but little guidance. I've mostly been troubleshooting and putting out fires. Now it feels like the right time to overhaul our tech infrastructure since it's currently quite chaotic.
Here's the situation I inherited:
- Our network is organized under a single, flat subnet.
- The Wi-Fi security is set to WPA2 Personal.
- None of the Ethernet runs around the shop are labeled.
- We use Google Workspace for email and productivity.
- Our so-called "file server" is just a Windows 11 Pro desktop accessed by everyone using a shared login.
- I have a few MSSQL Express instances running on different machines for specific applications.
I recently got NinjaOne RMM installed on my endpoints, which has been a lifesaver. A vendor told me I need to set up a machine running a Windows Server OS for a new monitoring application, and since I have to do that, I want to take the opportunity to fix the infrastructure in general.
I'm feeling a bit overwhelmed trying to juggle this job with school, so here are my main questions:
1. Do I really need to set up a domain and Active Directory? Since we already use Google Workspace, can we just use Google as our Identity Provider for Windows logins? Setting up AD feels like overkill for our size if I can avoid it.
2. How do I go about getting a Windows Server license? I've never handled enterprise Microsoft licensing before.
3. Any general advice? What should I prioritize as I start to untangle this situation?
I would be grateful for any insights, resources, or motivation you can share!
5 Answers
General advice: Backups, backups, backups! That’s essential for all your servers, and make sure your MSSQL instances have adequate backups too. You should also figure out your networking basics; understanding subnets and gateways will come in handy. If your company can handle a subscription, consider looking into Microsoft’s Entra ID, as it helps with identity management without needing a full AD setup initially. Just take it slow—make a change, let it stabilize, and then move onto the next one.
Honestly, you seem to be on the right track already with NinjaOne. As for needing AD, while it can be useful for user management, if you handle under 40 users, you might stick to workgroup setups, at least until you grow more. Stick with Google for now, but just remember that if you plan to scale up, you'll want something more structured like AD. As for backup solutions, don’t skimp, these can save you from potential catastrophes!
Don't forget to document everything, from your networking setup to the applications currently running. Creating a map of your system will be super helpful! Invest in a good firewall too; pfSense can work well for small businesses. Gradually introduce VLANs for better security segmentation in your network, and look into transitioning your file sharing from that Windows 11 desktop to a proper server—best practice for any business. Remember, this is a marathon, not a sprint. You're doing great!
Yes! An organized map of your infrastructure will save you so much hassle. Good luck with everything!
First off, don’t stress too much! You’re definitely not alone in dealing with such a fragmented setup. Definitely consider moving to a proper Windows Server environment with AD, especially since you're managing around 30 workstations. It’ll make user account management much easier. You can get authentic licenses through places like CDW, and they can help guide you on what kind you need based on your user count. Starting with a basic server setup to migrate your file services and SQL databases is crucial. Just remember to implement security measures along the way—having a solid backup plan is key!
You’re right on about separating roles. A single server handling everything can create vulnerabilities. Segment them to improve security.
It's fantastic to see a 19-year-old handling such responsibilities; you have my respect! As for your question about needing Active Directory, it really depends on your user count. If you have around 30 office workers, a domain controller could simplify user management significantly. However, since you're using Google Workspace, you might be able to integrate it with Microsoft Entra for identity management.
For licenses, you'll want to contact a third-party reseller like CDW or SHI. They will help secure the appropriate Windows Server license for your needs. Regarding your network, I suggest labeling all the Ethernet runs as a top priority. Document everything you do for future reference.
Take it step-by-step; don’t rush into it all at once!
I like the idea of using Entra with Google Workspace; it could streamline a lot of processes! Just remember to keep everything backed up and documented.
Glad to hear you've got backups set up already! That's a great start. Just ensure your scripts are efficient and tested regularly.