Pre-Planning new domain and environment
- 
 @gjacobse said in Pre-Planning new domain and environment: I respect the owners stance, but wont have that information until then... and from that stand point, not important right now. But - I have every intention to do right by Enterprise IT standards. If the owner is giving requirements like - files must be stored locally onsite ... These these two statements don't really mesh. 
- 
 @scottalanmiller said in Pre-Planning new domain and environment: @gjacobse said in Pre-Planning new domain and environment: But - I have every intention to do right by Enterprise IT standards. If this is the plan, then how do you intend to deal with the owner making IT decisions that might run counter to that. Exactly! Now, it likely will be that local storage for these CAD files will be necessary for performance issues, etc... but he shouldn't be mandating/requiring this. He shouldn't care where they are stored. But something like - personal need to have 15 second load time for 1 GB files because we are looking to reduce wait time of our staff, as that wait time for files to load costs us money... then we're setting the expectation without setting the how, because he shouldn't give a shit how it's done. 
- 
 @Dashrender said in Pre-Planning new domain and environment: @gjacobse said in Pre-Planning new domain and environment: I respect the owners stance, but wont have that information until then... and from that stand point, not important right now. But - I have every intention to do right by Enterprise IT standards. If the owner is giving requirements like - files must be stored locally onsite ... These these two statements don't really mesh. Exactly, that was my point. Your owner should be saying "We have X work to do, what's the best way to do it to meet our needs?" Instead he's saying "Ignore our needs, do it this way, because doing it this way is more important that doing what's best." It doesn't mean he doesn't have the right answer, it just means he is approaching it (and telling you) as a hobby, not as a business. A business primarily cares about what's best, and only considers other things when they don't negatively impact that. A hobby cares about something else more and only avoids it when it impacts finances too much. 
- 
 @Dashrender said in Pre-Planning new domain and environment: personal need to have 15 second load time for 1 GB files because we are looking to reduce wait time of our staff, as that wait time for files to load costs us money... then we're setting the expectation without setting the how, because he shouldn't give a shit how it's done. Even that should have dollars and cents on it, not a hard requirement. It's better, but it's still treating the what as a requirement, just not the how. But that's often almost as bad. What if you could do 16 seconds for 1/4 of the price, or 1 second for only 1% more? Hard requirements on the "how" are horrific, but on the "what" are still bad. End of the day, if IT isn't tasked with "use business infrastructure to maximize the company's profits", then it's tasked with something else. 
- 
 So back to the question  Do you need a windows domain if the business needs to set access rights to files/folders? With CAD files being large then on prem storage is going to be high up on the solution list, can it be managed without a domain easily? I've only never used Windows Domains so be interesting to see other solutions. 
- 
 @hobbit666 said in Pre-Planning new domain and environment: So back to the question  Do you need a windows domain if the business needs to set access rights to files/folders? With CAD files being large then on prem storage is going to be high up on the solution list, can it be managed without a domain easily? I've only never used Windows Domains so be interesting to see other solutions. Sure it can - And NAS can do that, well, at least any business class NAS. They have their own users that you can create. The main reason I see to have a domain is GPO/PC managment/user management. There are other ways of doing this - for example, M365 accounts. They all have a baseline Azure AD, Windows 10 can join Azure AD, and Intune could be used to deploy permissions. Of course it's pretty likely this will cost as much if not more than a Windows Server license and CALs, assuming you already have a server for another reason, but then I already mentioned above that you could setup a SAMBA domain for free too, just need some place to host it. OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? 
- 
 @hobbit666 said in Pre-Planning new domain and environment: Do you need a windows domain if the business needs to set access rights to files/folders? No, domains are not a requirement for any function. There's really nothing that needs a domain. File serving was a feature of Windows OSes nearly a decade before they even introduced domains. 
- 
 @hobbit666 said in Pre-Planning new domain and environment: I've only never used Windows Domains so be interesting to see other solutions. There's no "solution" needed, the domain gives no functionality to this equation. It's like saying you're only seen file sharing while eating cookies and wonder what other solution is out there. But you can simply... not have cookies and everything keeps working because the cookie that you are eating isn't providing any of the functionality, it's just something "happening at the same time." 
- 
 @Dashrender said in Pre-Planning new domain and environment: OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? Exactly the same as a Windows DC hosted there. 
- 
 @scottalanmiller said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? Exactly the same as a Windows DC hosted there. That's not saying much - because I've never done that and have no idea how good or not it would work. 
- 
 @Dashrender said in Pre-Planning new domain and environment: @scottalanmiller said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? Exactly the same as a Windows DC hosted there. That's not saying much - because I've never done that and have no idea how good or not it would work. It will work just fine. but it will never be a fast solution for large CAD or Video files. 
- 
 @JaredBusch said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: @scottalanmiller said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? Exactly the same as a Windows DC hosted there. That's not saying much - because I've never done that and have no idea how good or not it would work. It will work just fine. but it will never be a fast solution for large CAD or Video files. I wasn't mentioning it for the CAD/large files portion - only for the user/PC management portion... I still fully expect them to have some type of on prem storage solution for large files. 
- 
 @JaredBusch said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: @scottalanmiller said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? Exactly the same as a Windows DC hosted there. That's not saying much - because I've never done that and have no idea how good or not it would work. It will work just fine. but it will never be a fast solution for large CAD or Video files. It's be just fine. The domain services over VPN will be milliseconds of delay once in a while, with the NAS still local, all of the CAD performance will be just as fast. There's extremely tiny amounts of authentication traffic for large file transfers like that. 
- 
 @scottalanmiller said in Pre-Planning new domain and environment: @JaredBusch said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: @scottalanmiller said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? Exactly the same as a Windows DC hosted there. That's not saying much - because I've never done that and have no idea how good or not it would work. It will work just fine. but it will never be a fast solution for large CAD or Video files. It's be just fine. The domain services over VPN will be milliseconds of delay once in a while, with the NAS still local, all of the CAD performance will be just as fast. There's extremely tiny amounts of authentication traffic for large file transfers like that. Misread his question. Yes. that will work like any remote office where the DC is in the head office over VPN. 
- 
 @scottalanmiller said in Pre-Planning new domain and environment: @JaredBusch said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: @scottalanmiller said in Pre-Planning new domain and environment: @Dashrender said in Pre-Planning new domain and environment: OK this post has turned into rambling... I wonder how well a SAMBA domain hosted on say Vultr, with ZT used to connect all clients with the domain, then local NAS/server for fast local storage of large files? Exactly the same as a Windows DC hosted there. That's not saying much - because I've never done that and have no idea how good or not it would work. It will work just fine. but it will never be a fast solution for large CAD or Video files. It's be just fine. The domain services over VPN will be milliseconds of delay once in a while, with the NAS still local, all of the CAD performance will be just as fast. There's extremely tiny amounts of authentication traffic for large file transfers like that. It's the whole ZT/DNS issues that I would mainly be concerned about. I know DC authentication over VPN works very well, I'm doing it now, have been for nearly 20 years. 
 But I don't have multi-homed servers, and when I tested ZT in the past, machines having two IPs (LAN and ZT) it caused issues.
- 
 @Dashrender said in Pre-Planning new domain and environment: It's the whole ZT/DNS @Dashrender said in Pre-Planning new domain and environment: and when I tested ZT in the past, It is just DNS. You have to have it on EVERYTHING if you go that route. Or, you make the ZT network the same subnet and not different. Just take your 10.0.0.0/24 and make it a 10.0.0.0/23 instead. 
 have the local DHCP server hand out 10.0.0.101-254
 have ZT DHCP hand out 10.0.1.101-254or use ZT Bridging 
 Lots of ways to skin the cat.



