RE: Best way to handle SBS 2003 users who are permanently remote
- From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
- Date: Fri, 18 Nov 2005 08:14:12 GMT
Hi Mike,
Thanks for using the SBS newsgroup!
For your description, I understand that you want to get best practices that
SBS remote users acces internal resource of the SBS network. If I am off
base, please don't hesitate to let me know.
In SBS 2003 environment, SBS provides several methods to make remote users
conveniently connect to the internal resources. That is: VPN, RWW and RDP.
===================
I. Using RRAS wizard (Server Management console -> Configuration E-mail and
Internet Connection Wizard -> Configure Remote Access), we can easily setup
VPN server and when remote users VPN to the SBS network, they can work as
internal computers and access resources with appropriate access permissions.
Detail information:
How to install and configure a Virtual Private Network server in Windows
Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;323441
314076 HOW TO: Configure a Connection to a Virtual Private Network (VPN) in
Windows XP
http://support.microsoft.com/?id=314076
===================
II. Another easier method is that through RWW (Remote Web Workspace) site
to connect to internal computers and access the Companyweb site.
The SBS RWW is a dynamically created web site that provides a single,
simple, and consolidated entry point for remote users to access SBS
features. It empowers external SBS users by providing one place from which
all relevant features of SBS, such as Outlook Web Access, Windows
SharePoint Services, and the remote user desktop, can be accessed from
outside the network firewall. To access RWW, one can access
http://fully_qualified_domain_name/remote remotely, or
http://servername/remote locally.
Connecting through RWW allows users to connect to the server resources
without additional configuration such as VPN or RAS. It also allows VAPs to
connect directly to the internal workstations for troubleshooting purposes.
If SSL is deployed along with RWW, you ensure the communication is secured,
and all data is encrypted and protected over the web.
===================
III. We can also publish terminal services to internet and use RDP client
application to connect to internal computers.
To configure any method to use, it is recommended you take a look at the
following KB article to get detail steps:
825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763
===================
IV. To your scenario, you need not configure roaming profile or folder
redirection and the both features need to be used in internal network. You
may choose enable offline files and save some important files or folders in
server side and enable them offline files. Those users can edit those files
and synchronize them with server when they VPN to the SBS network.
A: Roaming user profiles enable users to log on to any computers in a
domain while preserving their user profile settings. In another word, when
enabled roaming profiles, users have same profiles (such as desktop) when
logon any domain computers. In this way, User profiles are stored at an
administrator specified server location. When a user logs on and has been
authenticated within the directory service, the user profile, including
user settings and documents, are copied to the local computer. User profile
changes made on the local computer are then captured. Changes will then be
copied to the user profile stored on the server and be applied the next
time the user logs on.
314478 How to Create and Copy Roaming User Profiles in Windows XP
http://support.microsoft.com/?id=314478
314886 Some Issues to Consider If Windows XP Users Have Roaming Profiles
http://support.microsoft.com/?id=314886
324749 How To Create a Roaming User Profile in Windows Server 2003
http://support.microsoft.com/?id=324749
B: Folder Redirection is a User group policy. This means that a user for
whom you configure folder redirection must have a group policy linked to
some folder structure where their user object is subordinate, such as a
site, domain, or organizational unit.
When we enabled some folders' Folder Redirection, the folders content in
client computer will be saved in one server box. And when we click the
folder on workstations, we will be redirected to server box and open the
files located the server box.
For example, we enabled My Documents Redirection, The My Documents item on
the desktop or Start -> My Documents just is a link to the server shard
folder location and there is not factual content in the folder.
Additionally, if we open My Computer -> Documents and Settings -> domain
user profile folder, we will not see My Documents folder for we enabled My
Documents redirection.
More detail inforamton:
Folder Redirection feature in Windows
http://support.microsoft.com/kb/232692/EN-US/
The option related Users will show the default settings in Server
Management you open it every time.
Server Management Console-> Users->Configure my Documents Redirection, you
will find the item in Client Documents Redirection page.
C: Offline files: You can make network files available offline by storing
shared files on your computer so that they are accessible when you are not
connected to the network. If you do this, you can work with the files the
same way that you work with them when you are connected to the network.
When you reconnect to the network, changes that you made to the files are
updated to the network.
How to use offline files in Windows XP
http://support.microsoft.com/kb/307853/EN-US/
How To Configure Offline Files to Synchronize When a Particular Network
Connection Becomes Active
http://support.microsoft.com/?id=312171
841171 How to configure client-side caching on a Windows Server 2003 server
http://support.microsoft.com/?id=841171
274789 The Folder Redirection Feature Does Not Function
http://support.microsoft.com/?id=274789
===================
Hope above information helps! If you have any unclear about the post
content please feel free to let me know. I am looking forward to your reply!
Have a nice day!
Sincerely,
Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>From: mike@home
>Subject: Best way to handle SBS 2003 users who are permanently remote
>Date: Thu, 17 Nov 2005 19:11:20 +1100
>Message-ID: <cpdon1ho6r4vrs3ekol70ec5cgkpc4htir@xxxxxxx>
>X-Newsreader: Forte Agent 1.91/32.564
>MIME-Version: 1.0
>Content-Type: text/plain; charset=us-ascii
>Content-Transfer-Encoding: 7bit
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: 140.125.233.220.exetel.com.au 220.233.125.140
>Lines: 1
>Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:223121
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Hi,
>
>I wonder if anyone can recommend a best practice for the situation
>where a few sbs 2003 users are more-or-less permanently remote? If I
>have understood roaming profiles correctly, these are only used from
>the server during local access. Please tell me if this is incorrect.
>
>My current thoughts are to use local profiles coupled with folder
>redirection. Is there a better way?
>
>In this particular instance these users need intermittent access to
>some shared data on the server and also access via a terminal server
>session to a stock control application running on the server.
>
>Mike
>
.
- Follow-Ups:
- References:
- Prev by Date: Re: Remote Web Workplace (RWW) not listed in web services of CEIW
- Next by Date: RE: Faxing a document to multiple user fax number
- Previous by thread: Best way to handle SBS 2003 users who are permanently remote
- Next by thread: Re: Best way to handle SBS 2003 users who are permanently remote
- Index(es):
Relevant Pages
|
