Remote Domain Controller or Site-to-Site VPN or Both?

Posted on 2011-10-03
Last Modified: 2012-10-23
We have begun hosting some of our software with a remote vendor. We now access this software via RDP (RDS) and via RDP have access to our mapped drives and network printers via RDS services. One of our newly hosted software products also requires local access to Outlook, which requires us to install Outlook at the hosted site as well as locally. We were wondering whether the installation of a remote domain controller and/or a site-to-site VPN might allow us to have direct access to mapped drives and printers (instead of the RDP re-direct), direct access to local network machines and shares and allow us to open a single instance of Outlook. The remote site is AD 2008 and we are currently AD 2003, but realize we will need to move to 2008 soon anyway. Any thoughts and suggestions are considered valuable.

Thank you.

Ned Forster
IT Manager
West Point Association of Graduates
Question by:WPAOG-ISD

Accepted Solution

Gerald26 earned 1500 total points
ID: 36904160
In this case, I suppose the hosted RDS machine is not connected to a domain. Users are using local accounts to log on. Using the redirected drive features of the RDS client, you can access files on your computers in the company network thanks to the credentials you entered to log on to your workstation.

If you want to browse your company files from the hosted machine, you should include the hosted server in a domain, which means setting up a site-to-site VPN.

Adding a controller is optional. Since I don't think you have thousands of connections or need to massively search objects in AD, I don't think a DC would be useful.

Once your VPN is set up, modify the hosted server's DNS and add it into the domain. Lock or stop using local accounts and ask RDS users to use their AD login password to access this machine.
This way, users will have access to Printers, Shares, Files and everything else. Take good note that large files will be a pain to open (a 140Mb PPT from the hosted site will be quite bandwidth consuming).

Regarding Outlook (and assuming you are using Exchange Server), it will connect to your server using SSO, as if it was in your local network.

If AD and file sharing are just optional, you can also leave everything as it currently is, and use the Outlook Anywhere feature of Exchange (RPC over HTTP/s) to connect to your mailbox without even using a VPN.

Usually, machines hosted in datacenters with no VPN have no access to the company network and are able to work on their own. Ask yourself if browsing files and printers is really a necessity or if a PDF printer with an SMTP mail account can do the trick.
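
A pre-join check for the "set up the VPN, change DNS, then join the domain" sequence described in the answer above. This is an added example, not part of the original answer: it is run on the hosted server before the join, `corp.example` is a placeholder for your AD DNS domain, and it assumes the domain controllers also host DNS.

```powershell
# Added example. $Domain is a placeholder; replace it with your AD DNS domain name.
param([string]$Domain = 'corp.example')

# TCP connect with a timeout, using .NET sockets only (no newer cmdlets needed).
function Test-TcpPort([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch { return $false }
    finally { $client.Close() }
}

# 1. The server must find domain controllers through the DNS servers set on
#    its adapter. If this lookup fails, the join will fail too.
$srv = "_ldap._tcp.dc._msdcs.$Domain"
$dcs = @(nslookup -type=SRV $srv 2>$null |
    Select-String 'svr hostname\s*=\s*(\S+)' |
    ForEach-Object { $_.Matches[0].Groups[1].Value } |
    Sort-Object -Unique)
if ($dcs.Count -eq 0) {
    Write-Warning "No SRV records for $srv. Fix adapter DNS or VPN routing before joining."
    exit 1
}

# 2. Core ports a domain member needs toward each DC across the tunnel.
#    Dynamic RPC ports are not tested here; port 53 assumes the DC runs DNS.
$ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'; 389 = 'LDAP'; 445 = 'SMB' }
$failed = 0
foreach ($dc in $dcs) {
    foreach ($port in ($ports.Keys | Sort-Object)) {
        $ok = Test-TcpPort $dc $port
        if (-not $ok) { $failed++ }
        $state = if ($ok) { 'open' } else { 'BLOCKED' }
        '{0,-30} {1,5}/tcp  {2,-20} {3}' -f $dc, $port, $ports[$port], $state
    }
}
if ($failed -gt 0) {
    Write-Warning "$failed port check(s) failed. Review the VPN and firewall rules before joining."
    exit 1
}
'All checks passed: DNS resolves the domain and the DCs are reachable over the VPN.'
```

On the VPN gateway, allowing only these DC-bound ports from the hosted server, rather than the whole company subnet, keeps the tunnel to what the domain join and logons actually need.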



Expert Comment

ID: 36933356

No news from you. I'm available if you have more questions or if you want to discuss VPN / no-VPN scenarios.


