Scott244
asked on
Manually add client computers to sbs 2008
I had to do a reinstall of sbs 2008 and now need to re-join 2 remote users that vpn in. What are the steps to manually add a computer to the domain.
The sbs 2008 server is the only domain controller on the network.
The sbs 2008 server is the only domain controller on the network.
How is the VPN connected? Though the firewall?
ASKER
Yes
I would connect them up, make sure they can ping the server, and rejoin them as normal using the http://connect website.
ASKER
The http:\\connect reboot the client during the process. When that happens I am concerned that the VPN won't reconnect and then the connect process is stuck in the middle leaving me with an unconfigured remote PC. Note that these clients were joined to the domain before I reinstalled sbs 2008. I used the exact same server and domain names and the same server IP.
Since the clients should have all the configuration they need, was hoping I could add the client entries into the server and all would be OK.
Any more thoughts?
Since the clients should have all the configuration they need, was hoping I could add the client entries into the server and all would be OK.
Any more thoughts?
What type of VPN client is being used on the remote side? Is this a VPN client that establishes he VPN upon system startup?
A question pops to mind on why you would need to join the remote system into the domain, but I'll skip it for now.
A question pops to mind on why you would need to join the remote system into the domain, but I'll skip it for now.
ASKER
I am using the windows vista builtin vpn client.
Is the remote system a laptop that can be brought into the office? Why do you think you need to join the remote system into your domain?
The person would have to first login into the system and then establish a VPN connection.
The GPO you apply on the AD will not be applied on the remote system.
Is an option to join the domain via the properties of my computer\computer name network wizard availalbe?
You would need to make sure that the DNS server on the vista points to the internal IP of the win2k8 as the primary.
To what hardware is the VPN being established? It might be possible to configure that VPN client to run as a service that will establish.
Look at himachi test it out. Join the com.
When the user at a login screen, they may have an option to login into the domain via VPN. See if that is a workable option.
The person would have to first login into the system and then establish a VPN connection.
The GPO you apply on the AD will not be applied on the remote system.
Is an option to join the domain via the properties of my computer\computer name network wizard availalbe?
You would need to make sure that the DNS server on the vista points to the internal IP of the win2k8 as the primary.
To what hardware is the VPN being established? It might be possible to configure that VPN client to run as a service that will establish.
Look at himachi test it out. Join the com.
When the user at a login screen, they may have an option to login into the domain via VPN. See if that is a workable option.
ASKER
arnold,
I appreciate the response. I was looking for a tried and true solution. The client computer is to far away to bring back tot he domain server. I don't want to attent something that may render their computer useless.
I will leave this open a litle while longer to see if anyone has a solution to this.
I appreciate the response. I was looking for a tried and true solution. The client computer is to far away to bring back tot he domain server. I don't want to attent something that may render their computer useless.
I will leave this open a litle while longer to see if anyone has a solution to this.
The remote computer will still have the local login credentials as well as access via safe mode. The remote user should double check that their local login has a password.
I'm just trying to think things through to see why do you see a need to join the remote system into the domain?
What do you think is gained?
Even if you join the system into the domain, you will still have the same issue that the VPN must be up at startup for the user to login using Domain credentials.
Do you need to access from the SBS the local resources on the remote systems?
You can test this with your own home system. Setup a VPN from your home to the server. And perform the steps you would have the remote user do (make sure you use a domain account with similar rights).
I'm just trying to think things through to see why do you see a need to join the remote system into the domain?
What do you think is gained?
Even if you join the system into the domain, you will still have the same issue that the VPN must be up at startup for the user to login using Domain credentials.
Do you need to access from the SBS the local resources on the remote systems?
You can test this with your own home system. Setup a VPN from your home to the server. And perform the steps you would have the remote user do (make sure you use a domain account with similar rights).
ASKER
For machines that have not been joined to the domain, I have found that remote assistance doesn't work when they are vpn connected. Machines that have been joined work ok with remote assistance. This is what made me think I need to rejoin them. There were joined before I had to reload the sbs software.
In the long run we will use vpn to share software licenses.
Do you know why vpn connections do not show as online in the sbs console under "network/client computers".
I'll look into your ideas above.
Thanks
In the long run we will use vpn to share software licenses.
Do you know why vpn connections do not show as online in the sbs console under "network/client computers".
I'll look into your ideas above.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.