• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 238
  • Last Modified:

Remote Windows Server Access

Right now we use VPN access to our desktops, which gives us full network access. We have switched everyone to Win7 laptops so that they may take them home. What is the best way to setup full access to our network (according to their Active Directory permissions)? We have three Windows 2008 servers and two 2003 servers. The 2003 servers will be removed shortly. We are not yet virtualized. Thanks, Greg
0
grgar
Asked:
grgar
  • 3
  • 2
3 Solutions
 
kirankkhblCommented:
For windows server 2008 you can configure PPTP VPN, they can login using active directory credential (not recommended because low security and old technology)

http://blogs.technet.com/b/rrasblog/archive/2009/03/25/remote-access-deployment-part-2-configuring-rras-as-a-vpn-server.aspx

If you can afford for windows server 2008 R2 or 2012, go for Direct access
http://technet.microsoft.com/en-us/magazine/hh922970.aspx
0
 
grgarAuthor Commented:
Thank you for the excellent articles which explain the solutions. Unfortunately, we need high security so option 1 is out. The second one is great and we do have a 2008 R2 server available, but the two public IP addresses  may be a problem. Your second recommendation deserves half credit, at least, if I find another solution that will work for us; otherwise, it is a great solution and very detailed article and so good to know of. I am going to leave this question open for right now to see if there are any other solutions. Thank you!
0
 
Lionel MMSmall Business IT ConsultantCommented:
Is there a reason you no longer want to use VPN? With Windows 7 you have more option of different types of VPN and different security levels. http://technet.microsoft.com/en-us/security/ff730324. Or do you want options other than VPN?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
grgarAuthor Commented:
Thanks for another great article. I will have to read through and go over this with my work colleague. We have been using RSA VPN tokens that route us through our downtown office --  but we had been recently considering switching to LogMeIn, as the RSAs are expiring, and by passing the VPN server downtown.

But, that still left us with the situation of not having a desktop to login to, if we take our laptops home with us. I like the sounds of the Direct Access method, and I need to look further as to how this or the other methods provide a user profile to login to and allow them a view of the network as if they were at their desktop or whether the setup recognizes their work laptop remotely and all the mapped drive settings work as if they were directly connected to network. Thanks, Greg
0
 
Lionel MMSmall Business IT ConsultantCommented:
Yes logmein won't work if there is no system to log into. Plus logmen in subscriptions can get expensive and an ongoing monthly cost. Don't get me wrong--it s great product but I don't see it as a solution for the situation you described. If you want users to have network resources, to go through the domain login process then solutions like VPN's and direct access are the way to go.
0
 
grgarAuthor Commented:
Thanks all. We have decided to keep our VPN tokens and go through our VPN server at headquarters and setup a server with Direct Access for our local network access. Our RSA VPN tokens are only $107 per user for 3 years. Logmein didn't provide the same screen resolution.Thanks again for your input!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now