Re: Remote Users - How do you handle them?



"Mike" <Mike@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:ACF14D0C-48B3-4914-BDD6-F794FC099A33@xxxxxxxxxxxxxxxx
Hi folks,

We are a small non-profit agency, but even with the tough economic times, we
are growing. We now have four remote offices. Currently, the computers in
these offices are not part of the corporate domain, and use Terminal Services
via Remote Desktop to connect to the home office and run server-based apps
and network shares. This works well, but I keep thinking I could do better.

At three of the remote offices I have Sonicwall TZ-190 firewalls, and a VPN
connection back to the main office. However, all I do with this is remote in
and look at network devices and desktops if they are having trouble. I'm
exploring the VPN client, but haven't used it yet. Ideally, I would like to
make these clients authenticate against our corporate domain and receive
group policies, easily map network shares and run apps, etc. Is the VPN
client the way to go? Perhaps servers at the remote locations that are DCs
to the main office?

Any suggestions, or comments about how you handle remote offices? I'm
looking for any advice you might have.

Thanks,

Mike


I performed something similar for a customer, but with only one location. They have SBS, with a mixture of joined and non-joined PCs and laptops, as well as a separate server running Terminal Services in App mode. Nothing was working for them correctly. I found numerous problems from the previous IT consulting company, which had used the ISP's DNS server addresses in all the machines in conjunction with the SBS server's IP. The SBS was set this way as well. The laptop users complained that they could get their 'stuff' (pretty much mostly Office-based files including Outlook for email) using Term Server, but when in the office it didn't work, whether on the laptop or on their desktops. It was a mess.

I pretty much phased out the Term Server, joined all machines, got a quote for a VL copy of Office and installed it on all machines. Acquired a Cisco ASA5505 for firewall/VPN remote access for laptop users, fixed DNS settings across the board, moved DHCP to the SBS, set up Folder Redirection/Offline Files for all users (laptops and desktops), logon scripts to control mappings, told the laptop users to only use their laptops and forget their desktops, making sure they worked internally and externally, customized 'companyweb' to include other links internally and made it accessible from the outside, ActiveSync for the Windows Mobile users, and numerous other things.

As for your remote locations, if you have more than 10 users at any location, I suggest installing a Windows 2003 server and promoting it as a domain controller into your current SBS domain. Join all machines. Install DNS, WINS and DHCP on each server to serve that location. Set up WINS as a hub/spoke replication partnership with the central location, set up DNS so that the respective server is the first in the list, and home plate as the second in the list. Set up the WINS address for each respective location to be their first WINS server and the central as the second. Set up Forwarders on each DNS server to your ISP. Acquire a Cisco ASA5505 (my preference, but there are other brands to choose from), and set up a VPN tunnel from each location to the central location as a hub/spoke. The VPN tunnel will connect each location to the central office, making it look like it is all one big network.

With the ASAs, set up any laptop users with the Cisco client (or whatever brand name you use) so they can connect into their respective locations to access files, or whatnot. Set up Outlook on the laptops using Outlook Anywhere (also called RPC/HTTPS).

There's more. This is pretty much a synopsis. I'm sure others will have additional suggestions. Keep in mind, SBS has a 75-user limit. If you have or will grow more than that, then you may need to look at migrating/upgrading to non-SBS.


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
Microsoft Certified Trainer
aceman@xxxxxxxxxxxxxxxxxxxxxxx

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

"Efficiency is doing things right; effectiveness is doing the right things." - Peter F. Drucker
http://twitter.com/acefekay
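
An added example, not part of the original post: a small audit of the client DNS ordering described in the reply (local DC first, central DC second, ISP resolvers only as forwarders on the DNS servers), run over saved `ipconfig /all` output. The addresses, the `example.local` suffix, the sample output and the function names are constructed for illustration.

```python
import re

# Constructed `ipconfig /all` excerpt from a branch-office PC (not from the post).
# It shows the misconfiguration the reply describes: an ISP resolver on a client.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.local
   IP Address. . . . . . . . . . . . : 192.168.20.51
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.20.1
   DNS Servers . . . . . . . . . . . : 192.168.10.2
                                       203.0.113.53
   Primary WINS Server . . . . . . . : 192.168.20.2
"""

def dns_servers(ipconfig_text):
    """Return DNS servers in listed order, including indented continuation lines."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        m = re.match(r"\s*DNS Servers[ .]*:\s*(\S+)", line)
        if m:
            servers.append(m.group(1))
            in_dns = True
        elif in_dns and re.fullmatch(r"\s+[\d.]+\s*", line):
            servers.append(line.strip())  # second/third server sits alone on its line
        else:
            in_dns = False
    return servers

def audit(ipconfig_text, local_dc, central_dc):
    """Return a list of deviations from: local DC first, central DC second, nothing else."""
    found = dns_servers(ipconfig_text)
    issues = []
    for ip in found:
        if ip not in (local_dc, central_dc):
            issues.append(f"{ip} is not a domain DNS server; "
                          "ISP resolvers belong in the DNS servers' forwarders")
    if not found or found[0] != local_dc:
        issues.append(f"first DNS server should be the local DC {local_dc}")
    if len(found) < 2 or found[1] != central_dc:
        issues.append(f"second DNS server should be the central DC {central_dc}")
    return issues

if __name__ == "__main__":
    for issue in audit(SAMPLE, local_dc="192.168.20.2", central_dc="192.168.10.2"):
        print("FAIL:", issue)
```

A client that lists an ISP resolver can send Active Directory lookups to a server that knows nothing about the domain, which matches the symptoms the reply describes at the single-site customer.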

