Windows "Workgroup" vs pfSense "Domain"



  • In pfSense, I left the default hostname.domain on System > General Setup as pfSense.localdomain (at least I think it's the default).  Is there any relationship between that domain and the Workgroup on my Windows machines?  This is just a tiny home network with no AD setup or domain at all.  I've just got the old "WORKGROUP" under Windows' System area.  Should I change the workgroup from "WORKGROUP" to "localdomain"?



  • SMB uses broadcasts. So 'workgroup' is fine.

    If you want to use fqdn domains to reach your devices, then you can still use the devicename.localdomain if you wish



  • They are not related although you'll often see the same name used for both at the same time. Windows workgroup is a MS Windows -specific association of computers to a workgroup where computers in the same workgroup can see and browse each other's shared resources. The pfSense domain is only a DNS domain and is only relevant to DNS lookups.


  • LAYER 8 Global Moderator

    workgroup in windows has zero to do with shared resources.  All a "workgroup" is what list to put it in the browselist, nothing more - it really is just utterly useless..  Might of be somewhat useful back in the day of windows for workgroups to group machines in specific lists like users, servers, etc.. dept A, dept B, etc..

    But they have zero to do with authentication to who can access shared resources off a machine.

    Might was just leave it at the default workgroup for the name.  The DNS domain that you setup in pfsense is just that the domain part of a FQDN (fully qualified domain name) so when you lookup pfsense.something.tld or whatever you want to call pfsense. Or other machines in your network.


Log in to reply