Solved

Remote Access to application

Posted on 2012-03-31
12
747 Views
Last Modified: 2012-04-19
Hello EE. We just installed MS Great Plains on our network. Currently we have a Hub and spoke network with Active Directory and a single domain. The spoke sites are connected to the hub via site to site IPSEC VPN tunnels.We have another location that is affliated with us but is not currently part of our domain but we would like to give them access to Great Plains. Trying to figure out what is the best way to accomplish this. Putting them on our domain is an option but they do have there own domain and Exchange Server and would not want to change that if possible. Any suggestions would be greatly appreciated.
0
Comment
Question by:InSearchOf
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
Comment Utility
Can you build a trust between the domains?
0
 
LVL 6

Expert Comment

by:awaggoner
Comment Utility
The way we do this is via published applications using Citrix XenApp.

This reduces the amount of bandwidth you need to around 30-35kbps a session.  If you try to run GP across the WAN, it will choke unless you have a relatively huge amount of bandwidth.

If you don't want the expense of purchasing a full blown Citrix installation, you should at least set up a terminal server (or multiple servers depending on capacity and redundancy needs).   This will be much less expensive than Citrix, but not quite as efficient.
0
 
LVL 6

Expert Comment

by:awaggoner
Comment Utility
Using published apps or terminal services also means you do not need to modify AD in any way.  New accounts will need to be created in the GP domain, but that will bu much easier than anything else.  Plus these new accounts can be given very limited permission to the GP domain.  This will help with security configurations.
0
 

Author Comment

by:InSearchOf
Comment Utility
Well, what would a trust relationship accomplish?

What would be the difference between Terminal Services and Citrix?
0
 
LVL 6

Expert Comment

by:awaggoner
Comment Utility
A trust relationship would tie the two domains together.

Terminal services is built into Windows servers.  It just needs terminal services CALs for the server you want to be a terminal server.  Of course, you would want your terminal server be used for this role only.

Citrix XenApp is a third party solution that's sits on top of MS terminal services.  XenApp uses a more efficient protocol than RDP and has better features for printing and publishing apps, as well as management.
0
 
LVL 2

Expert Comment

by:robdl
Comment Utility
I would recommend  RD Web Access (Server2008R2) to publish apps. All you would need then is to purchase TS Cals and not all the Citrix stuff.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 6

Expert Comment

by:awaggoner
Comment Utility
A Microsoft only deployment can work well.  It will depend on your companies needs.  'All that Citrix stuff' may not be needed for this environment, but it does provide quite a few features which could help enhance the end user experience.  It shouldn't be dismissed out of hand.
0
 
LVL 2

Expert Comment

by:robdl
Comment Utility
Cost becomes a factor with Citrix licensing + Microsoft licensing. In a Microsoft only deployment, only RD User or Device CAL's need to be purchased.
0
 
LVL 6

Assisted Solution

by:awaggoner
awaggoner earned 250 total points
Comment Utility
Yes, the Citrix option is more expensive.  However, the additional cost may be worth it.  I did not say it was the best solution for this case, but it does deserve consideration.

The straight MS solution may be the correct solution in this case.

In my network we are using Great Plains and Citrix published apps, and have for a decade.  It has worked very well for us across our WAN and for our LAN users.  Each time our Citrix licenses come up for renewal we re-evaluate the need to keep using Citrix and continue to see the value.

The above is my opinion based on experience and research.  This solution is not the only method, and other options could be used.  We will be evaluating VDI soon to see if it can replace XenApp.
0
 
LVL 2

Expert Comment

by:robdl
Comment Utility
VMWare Horizon, which is a brand new SaaS solution (includes a solution for mobile devices) may be worth taking a look at also.
0
 

Author Comment

by:InSearchOf
Comment Utility
Thanks for the info guys. What is the difference between Terminal Services and RD Web Access? The remote location is running a mix of XP and Win 7.
0
 
LVL 2

Accepted Solution

by:
robdl earned 250 total points
Comment Utility
Terminal services is now called RD Web Access (Remote Desktop Web Access). The legacy Terminal Services of just using RDP to connect to a server desktop is still an option but published apps is definitely less process intensive and lowers bandwidth. Here's a really good link that should explain it.

http://technet.microsoft.com/en-us/library/cc731923.aspx
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now