?
Solved

Active Directory : users accessing server via RDP or domain ... which is better?

Posted on 2006-05-10
2
Medium Priority
?
185 Views
Last Modified: 2010-03-18
i did not set up the structure at the company i currently work at...i'm wondering if the current structure is the best...
currently, there are several remote locations.  each remote location has site to site VPN. i am at the main location, where the servers are at.

users at the remote locations connect to a Terminal Server here, and can access shared drives, print to other locations and run an important application from their RDP session.
users at the main location (where i'm at) are joined to a domain and can do all of the above from their client pc's.

each location is on a different subnet, but i can ping any computer on the network because of the site to site VPN.

1) is it possible for computers on the different subnets to join the same domain?
2) if not, is it possible to set up different domains (one for each location) without impeding access to the servers and shared drives?
3) what are the pro's/con's of accessing the servers via RDP versus joining a domain?  should i leave the current structure as it is or is it better to have everyone join a domain?

keep in mind... i am only at one location (and i am the only IT person in the company), so i also need to consider what is easiest to manage in terms of technical support and administration.

thanks :)
0
Comment
Question by:zephyr_hex (Megan)
2 Comments
 
LVL 97

Accepted Solution

by:
Lee W, MVP earned 2000 total points
ID: 16649544
Hi zephyr_hex,
> 1) is it possible for computers on the different subnets to join the same domain?
Absolutely - there is NO problem whatsoever with this

> 2) if not, is it possible to set up different domains (one for each
> location) without impeding access to the servers and shared drives?
You do NOT want to do this - administering multiple domains is going to be FAR more of a headache.

> 3) what are the pro's/con's of accessing the servers via RDP versus
> joining a domain?  should i leave the current structure as it is or is
> it better to have everyone join a domain?
I don't see any problems with this - OTHER THAN the fact that the remote systems are not managed in any way.  Security updates, etc are not pushed out to the clients.  THIS can be a problem.

Your setup is PROBABLY the easiest way to do things  -  the only thing is, if you could afford it, I'd replace the existing systems at the remote sites with more secure systems, such as Linux systems or WinTerms.  With your current setup you need only upgrade the terminal server's software to upgrade software at ALL the sites - don't you think that's more convenient for you?



Cheers!
0
 
LVL 44

Author Comment

by:zephyr_hex (Megan)
ID: 16652224
i do see the benefit of only having to maintain the Terminal Server for things like setting up a new printer.  it's much easier for me to just install something on the server and that takes care of the remote clients being able to access it... or... if there is a problem with an application that a remote client uses, i can figure it out and fix it on just the 1 server.

i just wasn't sure if this was the best way to manage things.  i can see your point about being able to push updates out, etc via a domain.

i dont want to replace the client computers at the remote locations... the employees use their computers for tasks other than accessing the server.  for example, they run their mail off their local pc and not via the RDP connection.  the main reason why the clients connect to the server is to use 1 major application, and to print to other locations on the network.

i also have to consider CAL licensing, too.  i am going to do an audit and i believe we will need to purchase more licenses with our current config.  i am not sure if we will need to purchase more licenses if we go to a domain config for the remote clients.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question