Active Directory : users accessing server via RDP or domain ... which is better?

i did not set up the structure at the company i currently work at...i'm wondering if the current structure is the best...
currently, there are several remote locations.  each remote location has site to site VPN. i am at the main location, where the servers are at.

users at the remote locations connect to a Terminal Server here, and can access shared drives, print to other locations and run an important application from their RDP session.
users at the main location (where i'm at) are joined to a domain and can do all of the above from their client pc's.

each location is on a different subnet, but i can ping any computer on the network because of the site to site VPN.

1) is it possible for computers on the different subnets to join the same domain?
2) if not, is it possible to set up different domains (one for each location) without impeding access to the servers and shared drives?
3) what are the pro's/con's of accessing the servers via RDP versus joining a domain?  should i leave the current structure as it is or is it better to have everyone join a domain?

keep in mind... i am only at one location (and i am the only IT person in the company), so i also need to consider what is easiest to manage in terms of technical support and administration.

thanks :)
LVL 44
zephyr_hex (Megan)DeveloperAsked:
Who is Participating?
 
Lee W, MVPConnect With a Mentor Technology and Business Process AdvisorCommented:
Hi zephyr_hex,
> 1) is it possible for computers on the different subnets to join the same domain?
Absolutely - there is NO problem whatsoever with this

> 2) if not, is it possible to set up different domains (one for each
> location) without impeding access to the servers and shared drives?
You do NOT want to do this - administering multiple domains is going to be FAR more of a headache.

> 3) what are the pro's/con's of accessing the servers via RDP versus
> joining a domain?  should i leave the current structure as it is or is
> it better to have everyone join a domain?
I don't see any problems with this - OTHER THAN the fact that the remote systems are not managed in any way.  Security updates, etc are not pushed out to the clients.  THIS can be a problem.

Your setup is PROBABLY the easiest way to do things  -  the only thing is, if you could afford it, I'd replace the existing systems at the remote sites with more secure systems, such as Linux systems or WinTerms.  With your current setup you need only upgrade the terminal server's software to upgrade software at ALL the sites - don't you think that's more convenient for you?



Cheers!
0
 
zephyr_hex (Megan)DeveloperAuthor Commented:
i do see the benefit of only having to maintain the Terminal Server for things like setting up a new printer.  it's much easier for me to just install something on the server and that takes care of the remote clients being able to access it... or... if there is a problem with an application that a remote client uses, i can figure it out and fix it on just the 1 server.

i just wasn't sure if this was the best way to manage things.  i can see your point about being able to push updates out, etc via a domain.

i dont want to replace the client computers at the remote locations... the employees use their computers for tasks other than accessing the server.  for example, they run their mail off their local pc and not via the RDP connection.  the main reason why the clients connect to the server is to use 1 major application, and to print to other locations on the network.

i also have to consider CAL licensing, too.  i am going to do an audit and i believe we will need to purchase more licenses with our current config.  i am not sure if we will need to purchase more licenses if we go to a domain config for the remote clients.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.