Solved

Trying to set up remote office with 2003 Server Standard at main office

Posted on 2009-05-15
8
303 Views
Last Modified: 2012-05-07
I am setting up a remote office to connect to our main office which has a Sonicwall Pro 2040 with VPN. The main office has DC, AD, Exchange 03, DHCP, on a Windows 03 Server Standard.

I was thinking of connecting this remote office (3 end users - no IT Dept) via a TZ 180 or similar product. We have a program in house (main office) that I want the remote office to use ( emulator) but have a question - would I need to add each user to our domain, albeit remotely, in order for them to use this program? I doubt that simply connecting the office via VPN would allow a remote user to access the software unless they are actually added to our domain. Am I correct in thinking this? If so, any special procedure in adding a remote office user to our domain?

Thanks in advance
0
Comment
Question by:renniscom
  • 4
  • 4
8 Comments
 
LVL 4

Expert Comment

by:jschweg
ID: 24400621
It really depends on how far you want to go with this. Can you go into more detail about the program you want to run as far as it's requirements? If the software you speak of doesn't require any sort of domain authentication, then you probably wouldn't *need* to have those machines on the domain, but it would be a lot easier to manage if they were on the domain

As far as adding another office to your domain, this is pretty straightforward. Assuming that you create a VPN tunnel between two sonicwall devices as you already mentioned:

1) Put another domain controller in the new office so they have local domain services

2) They can run Outlook in cached mode over the VPN to get their mail from the Exchange server in the main office

3) They can run the software they need

0
 

Author Comment

by:renniscom
ID: 24400712
The software I speak of is connected to the main office server already via serial port server. It is located on the actual 2003 Server and employees currently connect to it via Terminal Services.

I do believe we need to add the remote machines to the domain in order to manage more efficiently.

How would i go about putting another domain controller at the new office? Would I need a remote server there?
0
 
LVL 4

Expert Comment

by:jschweg
ID: 24400816
Ok, if we assume that it is required that we add the remote machines to the domain, and the two sites will be connected via a WAN link, then we have two possibilities for connectivity.

What kind of internet connection do you have at the main office? At the remote office?

1) If both sites are connected via VPN, this is more or less and extension of the network at the main office (albeit very slow). You could simply join the remote machines to the domain like to would join any other machine. Since the remote machines would be contacting the domain controller across the WAN to login, the performance here may or may not be acceptable

2) You could put a second domain controller at the remote office, which, yes, would be another physical server. Clients logging in at the remote office would authenticate and login using this server to keep the performance high.

I didn't originally notice that this remote office only has 3 users, I don't know if solution #2 would be all that practical, and I would worry with #1 that your login performance, as well as the performance to your shared application in general.

What about using Terminal Server? You wouldn't need to setup any VPN WAN link between the two offices or join the host machines to the domain. You could setup a Terminal Server at the main office which would be part of the domain and have direct contact with your application/email/ect. The remote people would essentially just RDP in, and start working.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:renniscom
ID: 24400846
Currently we have about 15 users accessing via Terminal Services, but currently at the main office we only have one server so overloading the server is a concern, hence the reasoning behind setting up remote offices via VPN.

We have a T-1 currently at the main office, and each other remote location is different - some have broadband while a few have DSL.

I truly appreciate your detailed explanations!
0
 
LVL 4

Expert Comment

by:jschweg
ID: 24400896
You could get an additional server and dedicate it to Terminal Services for all the remote users perhaps. This would take the user load off the main server so this wouldn't be a concern.

I can tell you in advance that a VPN tunnel with a T1 on one end, and DSL/cable on another is going to be painful, especially with all of the VPN overhead. You also have to worry about reliability with residential internet services. If the link on their end goes down, they can't login or access your application.





 
0
 

Author Comment

by:renniscom
ID: 24400967
I had not thought of that, the reliability of the connections itself - thank you.

I know this might be a whole other topic altogether but would adding a second server to our current main office setup be complicated?
0
 
LVL 4

Accepted Solution

by:
jschweg earned 500 total points
ID: 24401043
Not complicated at all, setting up a simple terminal server is very straight-forward. There are tons of tutorials and how-tos all over the web like this one for example:

http://www.windowsnetworking.com/articles_tutorials/Windows_2003_Terminal_Services_Part1.html

0
 

Author Closing Comment

by:renniscom
ID: 31582140
Thank you again for all your help
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question