Small remote office and VPN

I have a small remote office with 3 XP and VPN connection to our main office, the bandwidth is 1-3M, I want them using our exchange server, should I let them join our domain, or just run as workgroup? Will the VPN be a problem for user logon? or should I put a DC there (I don't have the budget)
Thanks for help
Michael

Hi Michael,

Here are my 2 cents: join the XP computers to the domain and make sure that
cached credentials are used for logons on those computers in case the VPN is
not available when users try to authenticate to the domain (ie: when they
log in).

If the VPN is up and running at all times and your 3 XP boxes are set up
with the primary DNS server as your Active Directory / DNS server than
everything should be fine. And certenly there is no need to place a DC
there, not for 3 workstations.

Hope this helps.

Alex


"Michael" <(E-Mail Removed)> wrote in message
news:12A93679-9FEB-40F9-8E6A-(E-Mail Removed)...
> I have a small remote office with 3 XP and VPN connection to our main
office, the bandwidth is 1-3M, I want them using our exchange server, should
I let them join our domain, or just run as workgroup? Will the VPN be a
problem for user logon? or should I put a DC there (I don't have the
budget)?
> Thanks for help.
> Michael

Hi Michael,

In the group policy that affects those workstations change the following
setting to a value greater than the total number of users that would log on
to the same workstation (for example if 5 people log on to the same
workstation and you want to use cached credentials for all 5 people then set
the setting to 5):

'Computer Configuration -> Windows Settings -> Security Settings -> Number
of previous logons to cache (in case domain controller is not available)'

However I think that cached credentials might be used by default but it
would be safer to explicitely specify it through group policy.

Hope this helps.



"Michael" <(E-Mail Removed)> wrote in message
news:3FB8AE3B-87EE-4F0B-ABF7-(E-Mail Removed)...
> Hi Alex,
> Thanks for your response.
> How to enable cached credentials?
> Thanks,
> Michael

In addition to the VPN/domain advice - for remote users, it's usually best
to set up Outlook with an OST file (for offline use) and have the profile
set to work offline by default - you can set up Outlook to sync
automatically with the Exchange server in the background while offline.

Michael wrote:
> I have a small remote office with 3 XP and VPN connection to our main
> office, the bandwidth is 1-3M, I want them using our exchange server,
> should I let them join our domain, or just run as workgroup? Will the
> VPN be a problem for user logon? or should I put a DC there (I don't
> have the budget)? Thanks for help. Michael

I wouldn't do cached credentials. First the machines have to actually log
into the domain at least once just to get tham,...and then do it again if
you lose them. You'd probably have to physically transport the machines to
where the DC is to do that initially.

There are more than one kind of VPN....what kind is this?

If it is Remote Access VPN where each user makes their own
connection.........
Make the machines Domain Members. At the Crtl-Alt-Del prompt that user must
check the box that says "Log on using this dialup connection" and choose the
VPN Connectiod. It will then activate the VPN first then log the machine
into the Domain. This is as close as you will get to normal behavor with
this.

If it is a Site-to-Site VPN where it is always "up" and the users don't
activate it nor are even aware of it, then the client machines should behave
as normal with out doing anything unusual.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


"Michael" <(E-Mail Removed)> wrote in message
news:3FB8AE3B-87EE-4F0B-ABF7-(E-Mail Removed)...
> Hi Alex,
> Thanks for your response.
> How to enable cached credentials?
> Thanks,
> Michael