Relatively tech-capable but need some advice...
July 10, 2010 8:33 AM
We've purchased the business (yay!), and now it's time to determine how to set up the office network. I'm fairly certain that we'll start with peer-to-peer (vs. client-server), but I could use some advice to make sure this is the way to go, and I'd also like to know if it's possible to make changes to a file on a computer (via a remote desktop tool) that's concurrently running an application.
Part 1:
I've done some research about peer-to-peer vs. client-server setups, and for our office I'm inclined to keep it simple and go with the former, and of course take the necessary security precautions. The office operations staff will be very light and none of the other employees require computers. We will have 2 computers/users on day one, and we're not expecting any major need to scale-- I may hire an assistant in the next year or two, but that's all that we can foresee for now. If there are more office employees down the line we could consider switching to a client-server setup at that point (we could convert an older machine to a Linux or Ubuntu server with relative ease). We will be sharing data only, not applications.
The setup: He will have a fast new desktop with plenty of memory and I just purchased a new laptop for office and home use (both running Windows 7). We will be sharing a Simply Accounting database as well as storing all of the company-related files in one location-- they will all live on the desktop (primary) machine and be backed up together, rather than on multiple drives. While I'm in the office I will be able to access the database on the network using the application on my laptop, and he needs to have the same ability on his desktop in the event that he needs to generate an invoice when I'm not around.
Can you confirm that we are going the right route, given the number of users and the relatively simple network setup we require in the near-term? If not, what do you recommend?
Part 2:
Now, it's been a long time since I've used a remote desktop application, but there's one need that I'm not sure I'll be able to cover using the peer-to-peer setup. There will be the occasion, though likely rare, that I will be out of the office and will need remote access to the Simply Accounting database, and that he will want to be running an application (SolidWorks, for example) on the primary machine concurrently. I may also need to print documents generated from Simply Accounting on my laptop (while off-site) to the networked printer located on-site. I know it's possible to print remotely but I'm not sure if this is possible on a machine in use.
If the general consensus is that peer-to-peer is what we want for now, and that part 2 of my question is impossible, we'll probably stick with peer-to-peer and just make sure the primary machine is free and clear while I remote in. I'm just wondering if it is technically possible. Instinct tells me that I can't get in and make changes to the database while he's using another application on the primary computer, because the last I remember about remote access is that you are commandeering the machine itself remotely (i.e., what you do on the computer remotely is visible on the monitor), and that you're not just accessing the files through the back door. Google isn't helping, or perhaps I'm asking the wrong questions. I'm pretty out of touch on what's available in networking options these days, so any advice you can give is very welcome, and if I've been unclear about anything please let me know and I'll elaborate. Thanks!
Don't forward RDP or VNC ports directly into your network. Use SSH or a VPN.
Don't do pure p2p, you want to at least have a dedicated fileserver that you do not normally log directly into or run applications on (except maybe backend utilities, and I'd still try and put those on a separate box.) You'll still have to rely on human cooperation to manage files in shared directories in that scenario. Follow the backup advice above, or put in an offsite network based backup. Or both.
To avoid the complications of human managed shared directories, especially if your work primarily involves collaborating on documents, you may want to look into either some kind of onsite document management solution, or else some kind of hosted groupware perhaps tied into hosted email. Exchange and SharePoint are the off the shelf Microsoft solutions. Another popular option is Gmail for Domains plus Google Docs.
You may want to look into pricing for whatever the current equivalent of Windows Small Business Server is, if you want something more professional and integrated.
I'm leaving out Linux options, like a Samba domain controller.
posted by snuffleupagus at 9:19 AM on July 10, 2010
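Added example, not part of the original thread: one way to check a router's port-forward list for the direct RDP/VNC exposure warned about above. The rule syntax, the `risky_forwards` helper and the sample addresses are all constructed for illustration; the check judges each forward by the LAN-side port, so a forward moved to an unusual WAN port is still flagged.

```python
import re

RDP_PORT = 3389
VNC_PORTS = range(5900, 5910)  # VNC display :N listens on 5900 + N (displays 0-9 checked)

# Constructed rule syntax for this example (not any router's real export format):
#   <tcp|udp> <wan port> -> <lan ip>:<lan port>
RULE_RE = re.compile(r"^(tcp|udp)\s+(\d+)\s*->\s*(\d+(?:\.\d+){3}):(\d+)$")


def service_behind(lan_port):
    """Name the remote-desktop service normally listening on lan_port, if any."""
    if lan_port == RDP_PORT:
        return "RDP"
    if lan_port in VNC_PORTS:
        return "VNC"
    return None


def risky_forwards(rules_text):
    """Return (rule, reason) pairs for forwards that expose RDP or VNC to the internet."""
    findings = []
    for raw in rules_text.splitlines():
        rule = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not rule:
            continue
        m = RULE_RE.match(rule)
        if m is None:
            findings.append((rule, "could not parse; review by hand"))
            continue
        wan_port, lan_ip, lan_port = int(m.group(2)), m.group(3), int(m.group(4))
        service = service_behind(lan_port)
        if service is None:
            continue
        reason = f"{service} on {lan_ip} reachable from the internet"
        if wan_port != lan_port:
            # Moving the WAN-side port hides nothing: the service is still exposed.
            reason += f" (remapped from WAN port {wan_port})"
        findings.append((rule, reason))
    return findings


# Constructed sample rules for the demo.
SAMPLE_RULES = """\
tcp 3389  -> 192.168.1.10:3389    # remote desktop to the primary machine
tcp 33890 -> 192.168.1.10:3389    # same service on an unusual WAN port
tcp 5901  -> 192.168.1.11:5901    # VNC display :1
tcp 22    -> 192.168.1.2:22       # SSH gateway: tunnel RDP/VNC through this instead
"""

if __name__ == "__main__":
    for rule, reason in risky_forwards(SAMPLE_RULES):
        print(f"FLAG  {rule}\n      {reason}")
```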
And part two can be accomplished by clever use of SSH, using a VPN to log in, or a commercial remote access product.
posted by snuffleupagus at 9:21 AM on July 10, 2010
I would recommend getting an off-the-shelf router that can support the Tomato firmware, then installing TomatoVPN and having that be your conduit to the outside world. Probably the cheapest solution that gets you a dedicated "box" with all the gravy for $50-$75.
posted by Civil_Disobedient at 9:27 AM on July 10, 2010
If you use VNC or Remote Desktop in conjunction with a client version of Windows then yes you can only have one session active at a time. However if the machine is running a server version of Windows then you can have multiple active sessions going at the same time which means using RDP you can run your database app while the person sitting at the keyboard is doing something else entirely.
posted by Rhomboid at 9:33 AM on July 10, 2010
Response by poster: Interesting so far, thanks very much for your responses. My initial plan was to go with a fileserver setup but when I did some research most of it pointed to a peer-to-peer for a setup on my (very) small scale. While I am surprised that your advice is different than what I came across in my initial searching, I can see your points for the dedicated fileserver-- if we go this route it would have to be with minimal input costs, so open source solution ideas are especially welcome. I already planned to leap-frog USB backups and keep one off-site at all times, but I was only planning on 2-- having 3 is a very good idea.
posted by mireille at 9:38 AM on July 10, 2010
I would suggest rethinking the peer to peer. If you get Small Business Server then your network can grow if needed.
If you must do peer to peer then why not just buy Macs?
posted by majortom1981 at 10:15 AM on July 10, 2010
You may be tempted to use Microsoft Groove.
Do not.
I cannot stress that point strongly enough.
Do. Not. Use. MS. Groove.
It works great, when it works. Unfortunately it's only fully functional about 23% of the time. The rest of the time it's pretending to sync (but not actually syncing), or refusing to sync (with no indication as to why), or syncing things incorrectly, moving things which you just moved on purpose, creating duplicates and triplicates and quadruplicate copies of meaningless files that no one's used for weeks, and generally eating up your time and patience.
Do get a file server. I'm not sure who you've found actually advocating a p2p setup for a small business, but I would be very skeptical of that advice.
posted by ErikaB at 2:06 PM on July 10, 2010
Carbonite Pro will do secure, offsite backups automatically.
posted by blue_beetle at 6:30 PM on July 10, 2010
ErikaB wrote: "Do get a file server. I'm not sure who you've found actually advocating a p2p setup for a small business, but I would be very skeptical of that advice."
If you're literally talking about only two people sharing files locally, there's nothing wrong with using one of the two users' machines to store all the data. If it's backed up and the one acting as the pseudo-server doesn't ever leave the office, that is.
posted by wierdo at 3:09 AM on July 11, 2010
Yeah, I'll join in the "really, get a fileserver" mob. Peer-to-peer works okay for two people, but really won't scale very well at all for three or more. Things get murky fast, files don't get saved to the right place, a laptop gets lost, and suddenly you discover your accounting database was on that laptop.
Don't be that guy.
Set things up simply but properly from the start - a file server (Windows if you like, a Linux if you're capable of setting it up) and some sort of domain authentication. Then when you get your assistant in six months' time, you just set them up with a domain account and they're good to go. Also helps for auditing (if you set it up), tracking who's done what to whom if it becomes necessary. Moreover, trying to implement this sort of thing "later", when it's already grown a bit and that hasn't worked very well but you're already in the habit of saving files there or doing this and that instead to get around that limitation of P2P and and and...
That's a lot harder, and will cost you more in time alone, than just setting it up properly from the start ;)
posted by coriolisdave at 3:47 AM on July 11, 2010
Uh, you guys know you can map a drive to a computer, even using a p2p network, right? The confusion over where to save files is no greater one way or the other. Believe me, I have people lose their files somewhere on the file server when they mis-drag something pretty frequently.
A domain is certainly overkill for a 2 person office. The MCSEs seem not to think so, but it doesn't really save any work for a small network. Once you get up to 10 or so computers, it starts making more sense because at that size you actually have a use for group policy and maybe even single sign on.
And no, converting to a domain is not hard. If you were previously using a non-server version of Windows as a workgroup "server," the hardest part is copying the data files from the old "server" to the server, and that's just boring, not hard. Once you get up to 20 users or so, reentering the user credentials can be a drag, too, but for even 5 users, it's no big deal.
Unless you're pretty sure that there's going to be growth beyond 5 workstations in the next couple of years, it seems like a waste of money to implement infrastructure whose advantages aren't really seen at the small size of your company.
If you want to have access control, you'll want a server. If you've got computers that are easily accessible to visitors/the public, you'll want access control. Short of that, it's not really necessary unless you have reason not to trust your employees or you don't keep good backups (correct file ownership can prevent user A from deleting user B's file on accident).
So yeah, what I'd do if I didn't want to spend the few hundred bucks on a separate machine to run as a workgroup server? Set up one user PC as a workgroup server. Share a folder (I usually call it "f-drive"), map the drive on all the other computers. Get some synchronization software and back up everything across the network each night to one of the other computers, preferably into daily folders that get overwritten each week (Monday, Tuesday, etc.) Take a backup offsite at least weekly, preferably daily.
The backup strategy, and as part of that making sure everyone saves their files in the same place, is more important than how the network gets set up at this point. There's just not enough people to make it matter unless you're dealing with huge multimedia files or you have 10 year old computers.
posted by wierdo at 2:57 PM on July 11, 2010
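Added example, not part of the original thread: a sketch of the nightly "daily folders that get overwritten each week" scheme from the comment above. The function names and the `.partial` staging folder are assumptions of this example, and it goes one step beyond the post by hash-checking the new copy before last week's copy is replaced.

```python
import datetime
import hashlib
import shutil
import tempfile
from pathlib import Path

WEEKDAYS = ["Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday"]


def manifest(root):
    """Map every file under root (relative path) to the SHA-256 of its contents."""
    result = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            # read_bytes() loads the whole file; fine for office documents.
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            result[path.relative_to(root).as_posix()] = digest
    return result


def backup_to_weekday_folder(source, backup_root, today=None):
    """Copy source into backup_root/<weekday>, replacing last week's copy of that day.

    The copy is built in a ".partial" folder and hash-checked against the source
    first, so a failed or interrupted run never destroys the previous good copy.
    Files that change while being copied fail the check and raise an error.
    """
    source, backup_root = Path(source), Path(backup_root)
    today = today or datetime.date.today()
    target = backup_root / WEEKDAYS[today.weekday()]
    staging = backup_root / (target.name + ".partial")
    if staging.exists():
        shutil.rmtree(staging)          # leftover from an interrupted run
    shutil.copytree(source, staging)
    if manifest(staging) != manifest(source):
        shutil.rmtree(staging)
        raise RuntimeError("copy does not match source; previous backup left in place")
    if target.exists():
        shutil.rmtree(target)           # drop last week's copy only after verification
    staging.rename(target)
    return target


if __name__ == "__main__":
    # Constructed demo data in a temporary directory; "f-drive" is the share name from the post.
    with tempfile.TemporaryDirectory() as tmp:
        share = Path(tmp) / "f-drive"
        share.mkdir()
        (share / "invoice-001.txt").write_text("constructed sample file\n")
        dest = backup_to_weekday_folder(share, Path(tmp) / "backups")
        print("backed up to", dest.name, "with", len(manifest(dest)), "file(s)")
```

Scheduling it nightly (for example with Task Scheduler) and carrying a copy offsite remain separate steps.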
Once your server is up, you should almost never log into it, except to make sure all of the service packs and updates are installed... and to TEST the backup. NEVER use it as a desktop, don't surf on it. If you do this, you don't have to worry about some update to Flash or the like taking things down.
The rule should be that everything lives on the server share, Windows can auto-sync a local copy to laptops, etc. for travel.
Use Gigabit networking from the get go... it's cheap, and you won't have to buy your gear twice.
You can enable remote desktop on Windows, if you forward the appropriate port on your Firewall / Router. This allows you to pretty much do anything short of watching videos from anywhere... on pretty much any internet connected Windows, Linux, or Mac box. Doing so does lock the local user out, so you're not going to share apps between users like a Terminal Server.
I hope all of this helps.
posted by MikeWarot at 8:58 AM on July 10, 2010