Most local area networks created with Microsoft products follow the workgroup model. Generally, people believe that they are getting the advantages of the domain model, but have not created a working domain. Workgroups are very easy to create, and they will suit only the smallest local area networks (2-20 nodes).
|simple design to implement||no central management|
|easy to share resources||duplicate accounts|
|distributed resources||everybody must be an administrator|
|convient for a limited number||inefficient for large networks|
It is necessary to have a central place to store this database and to control changes. Therefore, all Domains must have a Primary Domain Controller, or PDC. The PDC must be the first machine created in the domain, and the name given to the domain must be unique. Also, an important design consideration: Microsoft gives a pratical limit of 15,000 accounts per domain. Depending on which model your domain's design is based upon, I would suggest a much lower number.
|centralized administration||administration becomes more complex|
|centralized access control||sharing resources becomes more complex|
|control of user's environment||additional administrative overhead|
|grouping of resources||browsing may become a problem|