I am setting up a new small network (10 users). In the past I have installed active directory by default, but I am wondering if there is really any advantage in a small network like this. Wouldn't the server run faster withouth AD installed? Are there compelling reasons to install AD on a single server small network?

I would think the only reason I can think of for a small company would be the ability to have centralized management of accounts and security.

Which to me is a pretty big thing.

-R

If we are talking about one server, the accounts are already centralized, right?

AD shouldn't be too much of a major hit, and it's easy to manage. However, AD doesn't normally like being alone in the sandbox, and might throw out stupid sync errors (DNS/AD) even though it knows damn well that it's the only box out there.

Normally, even on small networks, I still use 2 servers and make them both DCs as one is a file server and the other is an Exchange box, and either could host SQL, IIS, etc. Then I can have DDNS setup on both and not have issues. This is something that MS generally recommends, but you should still be fine with a single AD server.

This client really has no need for a second server. So, once again, what is the ADVANTAGE of AD on a single server 10 user network?

OK, what have you actually done with AD? You can push out applications with it, such as Office, that use MSI files. That's a pretty big plus. And personally, I have never really care for workgroup setups, as their security management has always been poor. But then again, the last time I even bothered with workgroups was with Win9x using an NT 4 server. So, does that answer your question?

I would also add that while your company may not be big enough for AD now, it's likely to grow, so that in the future the requirement for AD is more pressing.

Surely it's easier to install AD now, and allow it to "grow" with the company, rather than have to change everything in one sudden hit in a couple of years?!

Sometimes you have to look forward as well as looking at the present.

Rgds
AndyF

You can also apply Group Policies to the workstations that can control many aspects of the systems. That's much easier to do through AD than editing them on each station (I am not sure how a workgroup config would work with it, if at all).

Thank you,
Those last replies seemed compelling enough!