Do I really need to DC this server or am I just being Lazy?

[thecomputerguy]

I'll start with ... yes I'm being lazy but here's the deal.

Client has 5 stations and an old Dell Server that I'm replacing. Primary program is Lacerte. Employee turnover is non-existent. It's a small accounting firm and there is simply just no turnover. Everyone that works there is younger and very enjoyable to work with because it doesn't take 15 minutes to explain how to install my remote support tool. They are all somewhat knowledgeable and it's quite a rare treat to be dealing with people like this.

After installation they will be on $800 p/m remote only MSP.

I got them into a Dell T340 5TB RAID10 with a 5-Year NBD Warranty

Current setup is Workgroup.

Email is O365.

Client specifically requested that Folder Redirection not be implemented because they are very good with file management (and I believe them), and they don't want to flood the server with unnecessary garbage. If I did want to do some sort of workstation redundancy it would probably be Onedrive.

Shares will basically be PUBLIC (X) and LACERTE (L)

DHCP reservations are essentially not needed.

DNS can be handled just fine with a USG.

Remoting in is handled by splashtop and they like it and they are fine with it.

Group Policy basically not needed since I can probably manually map 5 computers faster than I could using GP. No need for Folder Redirection.

So should I just make this easy on myself and just plop the server in, transfer the data and be done with it? I know promoting it to a DC isn't that big of a deal but I always get uneasy using ProfWiz because I have had some issues in the past (can't remember what exactly) using ProfWiz.

AND

Plopping the new server in and just transferring the data sounds just wonderfully easy... (and lazy).

I'm just trying to wrap my head around what the benefits would be of promoting this to DNS, DHCP, and DC?

All of the my other servers I manage are DC's so I get WHY it is good but ... eg.gh..h...?

@YeOldeStonecat Imput?

 

[Sky-Knight]

I would say, you don't need the server at all.

Folder redirection shouldn't be applied, it's been replaced by OneDrive as a part of their M365 subscriptions.

NO ONE should be using folder redirection anymore, any one that is needs to be planning to phase it out. Except perhaps a handful of enterprise applications...

If you can manually map 5 computers in less time than deploying a single GPO, you need to practice your group policy preferences... because that's rather silly. Besides, 5 today means 5 tomorrow. Automation means a monkey can do the work and not screw it up! But I do understand the concern, AD is work...

But all that being said, 5 users? Why do they even HAVE a server? The public share is a OneDrive sync'd team folder.

Now, I don't have any experience with LACERTE, but I do have some experience with UltraTax. The latter doesn't really have a server, it's just a folder with files. In essence, each record is a document that can be opened or not. Think MS Word opening documents from wherever they happen to be. Which means the folder the software is in needs to be common, but that's about it. That's yet another Teams group, because you can use the subst command in a login script to make a drive letter aim at the local one drive folder that gets all the data. If you want convenient drive letter access anyway.

Now, I'm not saying that bit will work... but even if all you do is subst the folder on the "server" desktop, share it, and map to the desktop you could still do all of that for a 5 user network off a single Win10 pro station. Datto costs a bit less than $2 / user / month with zero volume to you... you can easily sell it for $3-4 / user / month and that gives you 1 year of backup of everything in the M365 tenant.

So I'm right back to the question...

Why are you deploying a server at all? If you want AD that's fine, but in my mind if you're questioning the work of setting up AD, you should be questioning the need for the server period. M365 is the server for my offices below about 30 seats, somewhere between 20 and 30 desktops depending on complexity AD and GPOs start to be a thing. But given the costs involved... that's what M365 Business Premium's InTune is for!

On premise servers are old news... if the client wants it sell it, otherwise it's time to 2020 that mess! 3rd party protected M365 tenants replace most servers entirely. And you have it already! USE IT!

 

[YeOldeStonecat]

Yeah the reasons for having a domain in such a small network are diminishing....as you noted, don't need or want folder redirection, I enjoy the print deploy group policy (printers get installed to workstations upon login) but on such a small network it's not as time saving.

LaCerte is a pig...hey, it's from Intuit...and as we all know from Slowbooks..I mean...Quickbooks...it's a .NET based pig. So a fast "host" is good.
Of course...there is also LaCerte hosted online....so one could argue even a local file server in workgroup mode isn't needed.

You have your compliance things for accounting offices you can still manage in other ways. Manage/monitor Bitlocker full disk encryption in 365...create a rule in Azure to force and manage and document that. Manage screensaver lock workstation after xx idle, etc.

Aside from LaCerte....I'm not sure how else this office uses their server...or...file storage needs. Most have some "scan to" folders, and LaCertes file cabinet storage offering isn't well liked so not sure if your client uses it or just home growns their own. They may have MFPs that scan to folders on the server. Some MFPs ...if updated, have support for scanning to 365...OD and SP. Others may offer a middleware option to do so. Yet other people have hacked tricks to get it scanning to SP...such as share that folder from a workstation and have the MFP scan there...and the workstation OD sync pushes 'em up.

 

[YeOldeStonecat]

Had to close to get to HQ to prep some Ubiquiti stuff for a deploy...
So....for down the road a hair, since you already have a new server in place, the "cost of the cloud" can be weighed against the "cost of a server". I have a larger accounting firm, they run on the big Thompson Reuters suite. Their "hosted" plans are steep. Currently my client has some life remaining on his server....so when it comes time to replace his server (about 2 more years)....we'll revisit this. As currently his server has ongoing monthly costs...my support, vendor support, backup. So to pay for that, AND pay for TR hosted suite....too costly.

 

[Markverhyden]

My main concern would be compliance with a customer like an account/tax prep business. That's an area where a DC shines with the automation as well as logging.

Of course there's more than one way to skin that cat so it becomes a a balancing act of how much time vs how much you can charge the customer.

 

[thecomputerguy]

Yeah ... but some of these cloud services get ridiculously expensive especially when you get into higher user counts. For example this client would be paying $138 per user (at least 5) per month, or at least $8280 per year not including Lacerte licensing.

Assuming this Server will last at least 5 years thats a total investment of almost $42,000 over 5 years. I could replace their server twice a year and they would have still spent less money for arguably ... comparable performance?. On top of that I don't get any of that $42k... Intuit does.

I ran into this problem with my Uncle he uses QB enterprise and has about 9 users. When we were looking to go fully cloud based with Sharepoint/Teams/Ondrive and Hosted QB through right networks it just stopped making sense at a certain point. They have no need for remote access and I think we were looking at almost $70 per user per month or almost $8k a year. That or I go with a hybrid approach and get a decent server in there with a RAID10 SSD setup just to host QB (Fast is good) then use SP/Teams for the other stuff.

Again assuming that server will last 5-Years (I say 5-Years because that's the warranty), he's as well is looking at over $40k over 5-Years just to host Quickbooks, Add in the other stuff like replacing workstations, setting it all up etc... that turns his 5-Year investment closer to $50k.

I think I quoted him $15k for a decent server and 8 Workstations.

 

[YeOldeStonecat]

Yeah, there's a balance.
For the TR suite of my client, he needs full blow SQL...so now we have 2x servers to maintain (one physical box...but 2x of my MSP fees....plus larger backup). Has to be biz continuity backup..so not cheap, at least several hundred bucks a month right there. And licensing.
And there is a sense of comfort in cloud services....nothing to deal with for local backups, or screwed up program updates. Easier to support. Workstations...less horsepower needed....don't need i7's with 16 or 32 gigs...can get by with i5's and 8 gigs.

15k for a server and 8 workstations...wow that's cheap.

 

[marley1]

Dunno why u would do a workgroup when you have a server.

AD
Azure Dir Connect
hybrid Join GPO
Sso
Auto sign into OneDrive
Redirect Known Folders

Gpo for Lacerate drives
Teams for chat

Remote Gateway for remote

 

[Sky-Knight]

Azure Dir Connect without Password write back means M365 passwords can only be changed from the office. Which is why I don't bother deploying it. I'm not paying for Azure AD Premium P1 just for that, my clients won't either. But if you're at M365 Business Premium... why not?

 

[marley1]

Add p2 to ask clients domain on the admin user. Get all the benefits

Accountants are always on the colors rdg is heavily used by our accountants