Computing option with "no funds"
-
Isn't Windows free for non-profits? In which case, you get a Windows laptop for the same price as a Chromebook and then replace the basic Windows edition with Enterprise and join it to a domain and encrypt the disks.
-
Pro versions of Windows 8 (not just Enterprise - and it sounds like for all versions of 10 so far) will allow for Bitlocker, so this might help.
-
@scottalanmiller said:
@g.jacobse said:
Since the goal is to create and manage a true network (Active Directory and all it's glory)....
Let's start here. Why is this a goal?
I was wondering the same thing.
Also, if the users are providing their own hardware - can you really be expected to require local encryption, etc?
-
@scottalanmiller Why should I not have AD? With 300+ devices across 14 counties there should be a central location - Main office has about 75 staff - each is in Workgroup mode.
Lat night had an issue with the Executive Director accessing a network resource because of no AD / Domain. With three 'file servers' each has different user accounts which becomes a pain to manage.
-
Well, you're talking about Chromebook and AD in the same sentence for starters - they don't really mix.
Chromebooks are designed to pull their data from Google's services (gmail or google drive, etc) and AD doles out data via fileshares and AD queries. (I'm sure my wording is wrong here, but you hopefully get my point).
Considering your constraints have you considered moving solely to Google Services or O365 services and getting away from local stuff at all?
Also, can you manage or lock down Chromebooks? i.e. prevent other google users from using a device sorta like you can a windows device on a domain?
-
@g.jacobse said:
@scottalanmiller Why should I not have AD? With 300+ devices across 14 counties there should be a central location - Main office has about 75 staff - each is in Workgroup mode.
It's good to consider the reasons "against", but before you do that make sure that you have a really strong reason "for" it. AD costs time and money, do you have a reason that you need it? Or are you starting from the position that you simply assume it is a "must" and haven't actually evaluated it? Starting with "why should I not" as the question implies that you've not actually considered why you should.
There is every possibility that AD makes sense. AD is great, it has a ton of value. But it is anything but free and it ties you into an ecosystem you've already said you can't afford. So given that you can't afford AD at all, I think we solidly know why you should not have AD. So the question is, do you have a reason "for" AD that outweighs the fact that it is beyond your budget?
-
@g.jacobse said:
Lat night had an issue with the Executive Director accessing a network resource because of no AD / Domain. With three 'file servers' each has different user accounts which becomes a pain to manage.
That seems like a minor issue compared to "we can't afford it." Moving to AD means you need not only Windows computers but computers with Windows Pro which eliminates the possibility of having users bring in their home machines (AD does this too, realistically, even if they had Pro machines at home - asking people to supply their own computers is probably not legal, demanding that they turn them over to the company to "own" them is certainly not legal.)
There are plenty of options that don't require AD. I work in a non-AD shop with nearly 300 users in 18 countries (and many locations in some of those countries like two in the US, three in Canada, two in Spain, etc.) AD is not a foregone conclusion. It never was and it is far less of one today.
-
@Dashrender said:
Also, can you manage or lock down Chromebooks? i.e. prevent other google users from using a device sorta like you can a windows device on a domain?
Yes, Chromebooks do all of that. Although it costs extra for the enterprise management suite.
-
It really sounds like you are a perfect candidate for Google Apps and Chromebooks, as Dash suggests. If you can't afford AD and you need to support a lot of people you are pretty much limited to one of three models:
- Windows without AD which is really complex.
- Regular Linux with an central authority like AD but not AD
- Chomebooks
Each of those is low enough in cost that you can theoretically afford to do it. The Windows without AD route is by far the worst of the three. The Linux route means a lot of work for you, it requires the most knowledge. The Chromebooks route is by far the easiest and most useful. There is a reason that so many companies are moving to that model.
-
The Chromebook ecosystem is actually a really awesome one. Once you go that route your costs become extremely predictable and management becomes super easy. You really can gain huge benefits going that way.
-
Agency wise (as a whole) getting into AD shouldn't be that costly. We can get Server 2012 with software assurance for next to nothing, add the required CALs and go forward. Being a Non Profit helps.
It is just this one department hasn't any funds. Over all funds are available and useable. I've been asked to get a better solution for backups - Unitrends is one option, as is the readyNAS you have been working with. And with the readyNAS, with two of them, I can set up off site replication and increase our data survivability.
Things can be done without AD, however there are a number of things which make having AD so much easier. I have the hardware - it needs to be upgraded a bit - but I have it.
-
Considering the geographically disperse company you have there, AD (in general) will require either dedicated communication links or VPN tunnels. Either costly or potentially painful to manage (granted once a VPN site to site is up, you rarely have to deal with it).
What advantages are you gaining using AD company wide vs moving to Google Apps or O365 along with some sort of management solution for the desktops outside of AD (managed engine for example).
-
Check out Tech Soup if you haven't already. They give stuff to non-profits. Also maybe check out electronics recycling centers for free old stuff.
-
@g.jacobse said:
Agency wise (as a whole) getting into AD shouldn't be that costly. We can get Server 2012 with software assurance for next to nothing, add the required CALs and go forward. Being a Non Profit helps.
I was basing the costs off of AD being free. If it costs anything, it is that much more. Your issue is that you can't afford the Windows machines necessary to connect to AD.
-
@g.jacobse said:
Things can be done without AD, however there are a number of things which make having AD so much easier. I have the hardware - it needs to be upgraded a bit - but I have it.
You're early post about people bringing their own machines or getting Chromebooks suggested that you didn't have and couldn't get the hardware. Do you have access to company-owned Windows Pro machines or not? I'm confused.
-
@Dashrender said:
Considering the geographically disperse company you have there, AD (in general) will require either dedicated communication links or VPN tunnels. Either costly or potentially painful to manage (granted once a VPN site to site is up, you rarely have to deal with it).
Pertino works really well for this.
-
@scottalanmiller said:
@Dashrender said:
Considering the geographically disperse company you have there, AD (in general) will require either dedicated communication links or VPN tunnels. Either costly or potentially painful to manage (granted once a VPN site to site is up, you rarely have to deal with it).
Pertino works really well for this.
But as you mentioned work best with windows machines, not personally owned Chromebooks.
-
@Dashrender said:
But as you mentioned work best with windows machines, not personally owned Chromebooks.
Doesn't work on Chromebooks at all. But Chromebooks don't need it as they get their storage from Google.
-
Funny I'm in an office of very high end tech people discussing right now how many of them have managed to almost never work in an environment with AD at all.
-
@scottalanmiller said:
Funny I'm in an office of very high end tech people discussing right now how many of them have managed to almost never work in an environment with AD at all.
Are the machines those users are working on managed by the company at all? just curious.