• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 209
  • Last Modified:

Remote Domain Controller or Site-to-Site VPN or Both?

We have begun hosting some of our software with a remote vendor.  We now access this software via  RDP (RDS) and via RDP have access to our mapped drives and network printers via RDS services.  One of our newly hosted software products also requires local access to Outlook, which requires us to install Outlook at the hosted site as well as locally.  We were wondering whether the installation of a remote domain controller and/or a site-to-site VPN might allow us to have direct access to mapped drives and printers (instead of the RDP re-direct), direct access to local network machines and shares and allow us to open a single instance of Outlook.  The remote site is AD 2008 and we are currently AD 2003, but realize we will need to move to 2008 soon anyway,  Any thoughts and suggestion are considered valuable.

Thank you.

Ned Forster
IT Manager
West Point Association of Graduates
  • 2
1 Solution
In this case, I suppose the hosted RDS machine is not connected to a domain. Users are using local accounts to log on. Using the redirected drive features of RDS client, you can access files on your computers in the company network thanks to the credentials you entered to log on your workstation.

If you want to browse your company files from the hosted machine, you should include the hosted server in a domain, that means set up a site-to-site VPN.

ADding a controller is optional, since I dont think you have thousands of connections or need to massively serach objects in AD, I don't think a DC would be usefull.

Once your VPN is set up, modify hosted server DNS and add it into the domain. Lock or stop using local accounts and ask RDS users to use their AD login password to access this machine.
This way, users will have access to Printers, Shares, Files and everything else. Take good note that large files will be a pain to open (140Mb PPT from the hosted site will be quite bandwidth consuming)

Regarding Outlook (and assuming you are using Exchange Server), it will connect to your server using SSO, as if the it was in you local network.

If AD and File sharing is just optional, you can also leave everything as it is actually, and use Outlook Anywhere feature of Exchange (RPC over HTTP/s) to connect to your mailbox without even using a VPN.

Usually, machine hosted in datacenters with no VPN  have no access to company network and are able to work on their own. Ask yourself if browing files and printer is really a necessity or if a PDF printer with a SMTP mail account can do the trick



No news from you, I'm available if you have more questions or if you want to discuss about vpn / no vpn scenarios.


Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now