Feb 23 2007

Moving Spaces

Here's how to shift from a peer-to-peer to a centralized network.


Photo: Christopher Navin
Dave Howe says that making updates to PCs on the peer-to-peer network for Howe Lumber in East Brookfield, Mass., forces him to be a night owl.

Most businesses begin with a peer-to-peer network: a set of networked computers that each have distinct user accounts and data. But this type of infrastructure typically lacks a central repository. User accounts and critical data are scattered across your employees’ systems. What’s worse, if an employee’s hard drive fails, all his or her data goes with it. How can you back up critical data when you don’t even know where it is?


Take Howe Lumber, for example. Dave Howe, vice president of systems at the growing East Brookfield, Mass., lumber company, has had moving from a peer network to a centralized one as a pet project for some time, but he voiced concerns about additional hardware and software costs. Although the retailer’s point-of-sale and document management systems are centralized, the rest of its hardware environment isn’t.

“We have 30 PCs in a peer environment, which makes it time-consuming to do antivirus updates and to update our quoting tools,” Howe says. “I usually can’t update the machines during operating hours because that’s like replacing a tire while driving down the interstate. That forces me to be a night owl or catch systems when they’re not in use, which means even minor updates take longer than necessary.”

If this scenario sounds familiar, it’s time to shift from peer-to-peer to a centrally managed network. Storing data in one location makes backup easier and improves manageability and reliability. In a Microsoft Windows environment, this means moving from a common workgroup environment to an Active Directory domain (for common user accounts) and Windows 2003 Server for file and printer sharing on networks with more than 10 incoming concurrent connections.

Moving to a Windows 2003 Active Directory Domain

Step 1: Document your Transmission Control Protocol/Internet Protocol network environment, including who the users are and where they store their data. Consider whether to organize users into groups based on data access and how to categorize shared data. Estimate your data storage needs.

Step 2: Select a server. A single-Pentium system with 1 gigabyte of RAM should be sufficient, but you should consider fault-tolerant hard-drive configurations, such as redundant arrays of independent disks. With a RAID subsystem, a disk can fail, but the server will continue to work. When the failed disk is replaced, the server automatically rebuilds the redundancy. You also will need Windows 2003 Server with the appropriate number of client access licenses — typically one CAL for each employee.

A Windows 2003 Domain Controller is required for Active Directory, which is a centralized user and computer account service. Active Directory relies on a solid TCP/IP infrastructure.

Step 3: Configure the server for the Active Directory domain. Active Directory relies on and integrates with critical TCP/IP services such as Dynamic Host Configuration Protocol and Domain Name System, so these services need to be well understood first. Active Directory comes as part of Windows 2003 Server; it only needs to be added as a role via the management console. Active Directory will support centralized management of computers and user accounts. Create one user account for each employee, and create and populate any security groups.

Step 4: Prepare the server’s file system for centralized file management. Create one shared file folder that will contain users’ private files, with one subfolder per user underneath it. Create another shared file folder for shared data and add one subfolder per division, such as accounting, clients and proposals. These subfolders should more or less mirror your security model, so that accountants are the only ones who need access to the accounting folders, for example. Some of these subfolders will simply be logical ways to organize data. A log-on script can be used to map the server’s shared folders to drive letters, such as S: for shared and U: for user directories.

Step 5: Configure the server backup before migrating any critical data. Commercial backup programs are available, but Windows Backup will be sufficient for most servers. Select all the drives on which you have data and, above all, the System State backup. The System State option backs up Active Directory and all of the user accounts. As for a destination, tape backups can be prohibitively expensive. Disk-based backups, especially external USB hard drives, can also be stored offsite. Howe Lumber swaps its disk backups daily, Howe says.
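
The log-on script mentioned in Step 4 could look like the following. This is an added example, not part of the original article; the server name FILESRV01, the share names Shared and Users, and the log file location are assumptions to replace with your own.

```batch
@echo off
rem Added example log-on script (not from the article).
rem Assumed names: file server FILESRV01, shares "Shared" and "Users".
setlocal
set SERVER=FILESRV01
set LOG=%TEMP%\logon-map.log

rem Start a fresh log for this logon so failed mappings can be diagnosed.
echo %DATE% %TIME% drive mapping for %USERNAME% > "%LOG%"

rem S: is the shared data folder, U: is the user's private folder.
call :MapDrive S: "\\%SERVER%\Shared"
call :MapDrive U: "\\%SERVER%\Users\%USERNAME%"

endlocal
goto :eof

:MapDrive
rem %1 = drive letter, %2 = quoted UNC path.
rem Remove any leftover mapping (for example, one that pointed at a
rem co-worker's PC in the old workgroup) so the letter is free.
net use %1 /delete /y >nul 2>&1
rem /persistent:no leaves this script as the only source of mappings,
rem so a change to the server layout takes effect at the next logon.
net use %1 %2 /persistent:no >nul 2>&1
if errorlevel 1 (
    echo FAILED %1 to %2 >> "%LOG%"
) else (
    echo mapped %1 to %2 >> "%LOG%"
)
goto :eof
```

Mapping a drive letter does not grant access by itself; what a user can open under S: or U: is still decided by the share and folder permissions set on the server.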

Get on Board

At this point, the server is ready to go but has operated outside of your production environment, so it’s time to migrate. If you have numerous users, consider migrating groups of them at a time — for example, start with the sales team and then migrate the accounting staff. Link each employee’s system to the new domain and migrate critical data to the appropriate folder. You can also redirect users’ local “My Documents” folders from the local drive to their private folders on the server; Windows will move all of the files for you, but to the user, the “My Documents” folder will act just as it always did. Migrated users should log in to their systems now using their domain user name and password; to avoid confusion, rename or delete their existing local user accounts.

Windows Server 2003 also includes Volume Shadow Copy Service. This service, which requires less than 10 percent of hard-drive space, takes a snapshot of any changes to files on designated volumes twice a day, keeping replicas for 30 days (the default setting). Users can restore these previous versions by right-clicking on a file, selecting “Properties” and exploring the “Previous Versions” tab. If a file is deleted, a user simply needs to create a file with the exact same name and follow the same procedure to restore it.

CEO Takeaway
There’s little doubt that a centralized architecture is easier to manage, but before you spend $2,000 on a server, consider:

• Does someone in your organization have the required level of expertise to configure and manage a Windows 2003 domain and a TCP/IP infrastructure?
• For centralized file sharing, would a network-attached storage device, which generally costs one-third the price of a server, be adequate for your needs?
• Does your organization expect to continue to grow? If so, a domain infrastructure is required to support other applications, such as Exchange and Office SharePoint Server.

Dr. Jeff Sheen is a senior corporate network engineer for Software Architects of Chicago and works in the company’s Columbus, Ohio, office.