

Active Directory over the Internet

Posted on 2006-05-05
Medium Priority
Last Modified: 2010-07-27
I am interested in setting up Active Directory to work over the internet. What I mean is that I have a domain controller in one location and I want PCs in other locations to access it. Here is what I have currently:

Location One: (Datacenter) -
1 - Windows 2003 SP1 server set up with AD as the DC and DNS
1 - Windows 2003 SP1 server set up as a web server
1 - Windows 2003 SP1 server set up as a development server

The 3 servers are joined by a router/firewall and all connected to the domain. I can access all servers with multiple static ips mapped to internal ips. The servers are working great and can pull all the information I need.

Multiple Locations: (Satellite Offices) -
I have multiple little satellite offices with one or two computers and I want to join them to the domain. All have broadband internet connections.

I have researched a lot and looked at the Windows 2003 R2 with ADFS as a possible option. Seeing that this is a small operation I am curious if that is what I need to do. Is there a better method for what I want to accomplish?

I can get my way around networking pretty good, but this is a little above my head. What I am looking for are some steps to take to get my remote computers to join the domain I have set up in the datacenter. I appreciate any assistance you can provide and if I have neglected to provide any vital information please let me know and I will be happy to respond with it. Thank you for your time in advance.

Best regards,
Question by:bzappdev
LVL 51

Accepted Solution

Netman66 earned 1400 total points
ID: 16617904
All you need is a point-to-point connection from the satellite offices to the datacenter firewall.  Frame, DSL, T1 - as long as you can create a VPN tunnel to the edge device for your servers then you are good to go.

LVL 23

Assisted Solution

TheCleaner earned 200 total points
ID: 16618113
I agree with Netman, and would say that either a site-to-site VPN or a simple remote user VPN will work just fine.  With just 1 or 2 computers, and the fact that they are "internal" to your organization, I see no reason to mess with ADFS for that.
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 400 total points
ID: 16619909
Since your servers are all running Server 2003, you can actually accomplish this without any additional external devices if you have two NICs in each server.  

Windows Server 2003 is capable of creating an IPSec VPN Tunnel with other Windows Server 2003 machines natively.  See this KB for the how-to:  http://support.microsoft.com/kb/816514

However since you are still in the planning stages, I'd suggest you review Microsoft's Solutions for Branch offices to see what fits for your particular situation:  http://www.microsoft.com/windowsserversystem/solutions/branch/default.mspx

