Solved

Remote Access with SBS 2003 in a Windows Server 2003 Standard AD

Posted on 2010-11-30
17
207 Views
Last Modified: 2012-05-10
I wanted to use SBS 2003 server for users to have remote access to applications that are on our Windows Server 2003 server, which also acts as our PDC. Has anyone had any experience with this and can it be done? Are there easier programs that can accomplish what I want to do but is inexpensive? We have a VPN right now and the performance is very slow at one location and inoperable at another location.
0
Comment
Question by:KenaiAK
17 Comments
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
CANT BE DONE    SBS 2003/2008/2011 must be the First Server in the AD Forest/Domain and must hold all the FSMO Roles.     Now you can introduce a SBS 2003 server into the existing AD and have it take over all the roles from the current server if you want  http://support.microsoft.com/kb/884453   Are you under 75 users??
0
 

Author Comment

by:KenaiAK
Comment Utility
We are under 75 users. If I add the SBS 2003 server to the existing domain do I then turn on Terminal Services on the other Server?
0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
Not necessarily.   Do the remote users have pc's in the office that they will be connecting to?
0
 

Author Comment

by:KenaiAK
Comment Utility
I might have posed the question wrong, as we have it now there is one location going through the VPN with DSL to our application server,which the transmission of some of the applications is very slow. Then we just added another office that goes through a VPN through a DSL modem, which also connects to the application server, which is even slower. I thought that if I could implement Terminal Services it would increase the speed issue we are having to open applications through the VPN. They will be in the office using their PC's to connect to data and applications on the server. Maybe I used the wrong terminology by stating remote access, sorry about that. At times they will be accessing their computers remotely though. I am up to any suggestions so that the users can access the data and not have the speed issue.
Thanks.
0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
Then what you really want is to add a Terminal Server to handle the remote users...if I were going to do this, I would add a Windows Server 2008 R2 server (64 bit)  (not as a domain controller), then add the Remote Desktop Services role (formerly known as Terminal Services) to the new server.

Depending on the actually number of remote users using this application at the same time...you'll need plenty of RAM (at least 16GB of RAM...maybe more) and processor power (4 or 6 core)

You should also explore a technology called Remote Apps which is really cool and much easier for the end user
0
 

Author Comment

by:KenaiAK
Comment Utility
Thanks for your help. It clarified it for me alot better.
0
 

Author Comment

by:KenaiAK
Comment Utility
So they would not go through the VPN connection instead it would be through the Internet is that correct?
0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
VPN may still be required...are the remote computers "domain joined"   do they need the VPN connection for other things?   But as far as this particular application, it would not need to use the VPN connection
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:KenaiAK
Comment Utility
They are domain joined.
0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
Then VPN has to remain in place for logons etc, but the application will run via terminal services
0
 
LVL 6

Expert Comment

by:Flipp
Comment Utility
Couldn't they utilise RWW to connect to the Remote Server, therefore not needing the VPN, but still working over HTTPS?
0
 
LVL 12

Expert Comment

by:ktaczala
Comment Utility
Don't forget if you set up a terminal server, you will need terminal server client access licenses.
0
 

Author Comment

by:KenaiAK
Comment Utility
Is there more of a security issue with using the VPN or HTTPS for access?

0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
Depends on how they authenicate to the domain?  if they have a DC in each remote location, those DCs have to have a VPN connection to the main office SBS Server for AD Replication   If there is no remote DC and they are authenicating directly to the SBS Server, that would be by VPN as well.

They could connect to the Terminal App Server via RWW but VPN will still be in play
0
 

Author Comment

by:KenaiAK
Comment Utility
So if I did what you had suggested previously: I would add a Windows Server 2008 R2 server (64 bit)  (not as a domain controller), then add the Remote Desktop Services role (formerly known as Terminal Services) to the new server.

Then they would still authentic through the VPN but access the applications through the Terminal Server via remote desktop services, correct?

Is Remote Apps part of Server 2008? Will I still need to buy Terminal Service Licenses. I suspect I would for each user or device.
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
Comment Utility
You're right on...and yes you'll need CALs   Remote Apps is simply a setup/functionality of RDS/Terminal Services, so once the new server is installed and joined to the domain, then you go to Server Manager on the new server and add the role
0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
Here's a great step by step guide on using Remote Apps http://technet.microsoft.com/en-us/library/cc730673(WS.10).aspx
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now