Ignoring the Citrix question, if I had three day link outages to places like the UK and Australia, I'd be looking for another circuit provider.
Malcolm -----Original Message----- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Monday, 07 July, 2008 12:30 To: NT System Admin Issues Subject: Re: Remote Location AD Question High cost, and doesn't take care of link outages, which we've suffered for as much as 3 days at a time. We have engineering development staff in these offices as well. Kurt On Mon, Jul 7, 2008 at 10:22 AM, David Mazzaccaro <[EMAIL PROTECTED]> wrote: > Citrix > > -----Original Message----- > From: Kurt Buff [mailto:[EMAIL PROTECTED] > Sent: Monday, July 07, 2008 12:28 PM > To: NT System Admin Issues > Subject: Re: Remote Location AD Question > > You must not have any overseas or other high-latency links to your > offices. > > One example will demonstrate what I mean: > > Using Windows Explorer to browse the US file server from either our AU > (40 people) or UK (20 people) offices, there are some directories - > fairly large one, but under 1k files in the directory - that take as > much as 30 minutes to paint the screen. > > Yes, we could mitigate some of that with a Riverbed or other caching > appliance, but those cost money too. We've chosen to mitigate it with > a Win2k TS server - we're hesitant about going to Win2k3 because of > cost for the CALs. I'll probably use our new SonicWal SSL VPN > appliance to mitigate some of this, by exporting shares over a web > interface - that should be much quicker to browse. > > Requiring all browsing to go through the US office would be insane, > and siting a DC/GC in each office is pretty much required, along with > an Exchange and file server. > > Kurt > > > On Mon, Jul 7, 2008 at 8:53 AM, David Mazzaccaro > <[EMAIL PROTECTED]> wrote: >> Everything goes over the wire, including internet access. There are > no >> servers at the remote locations. >> >> As for IP addresses: >> Office1 = 192.168.50.0/24 >> Office2 = 192.168.51.0/24 >> Office3 = 192.168.53.0/24 >> Etc. >> >> >> -----Original Message----- >> From: Joe Heaton [mailto:[EMAIL PROTECTED] >> Sent: Monday, July 07, 2008 11:46 AM >> To: NT System Admin Issues >> Subject: RE: Remote Location AD Question >> >> What do you guys use for IP assignment? We have 3 remote offices, > each >> with less than 15 users, that I'd love to get to a point of not having > a >> DC there. Do you have member server in place for files, etc? Or do > you >> have everything going over the wire to your central site? >> >> >> Joe Heaton >> >> -----Original Message----- >> From: Steven Peck [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 02, 2008 9:32 AM >> To: NT System Admin Issues >> Subject: Re: Remote Location AD Question >> >> You definitely want those workstations joined to the domain. GPO for >> management, Anti-virus updates, patch management, reporting/inventory > of >> the systems, remoting in for troubleshooting etc. Logon traffic for > 50 >> workstations across a t1 is negligible as long as latency is low. >> >> On Wed, Jul 2, 2008 at 9:14 AM, David Mazzaccaro >> <[EMAIL PROTECTED]> wrote: >>> We don't use RDP, but rather ICA (Citrix) and it works great - all >>> their apps are available. >>> As for locking down - we use GPOs rather than locking them down >>> individually. >>> >>> >>> ________________________________ >>> From: N Parr [mailto:[EMAIL PROTECTED] >>> Sent: Wednesday, July 02, 2008 9:53 AM >>> To: NT System Admin Issues >>> Subject: RE: Remote Location AD Question >>> >>> Thanks, I guess I won't worry about it for now. It's just a shipping >>> warehouse at the moment and I'll be ok as long as they don't decide > to >> >>> put office staff at the location. >>> ________________________________ >>> From: David Mazzaccaro [mailto:[EMAIL PROTECTED] >>> Sent: Wednesday, July 02, 2008 8:37 AM >>> To: NT System Admin Issues >>> Subject: RE: Remote Location AD Question >>> >>> I have a remote location w/ 30 workstations and IP phones, no remote >>> DC, connected over a MPLS VPN T1 circuit. >>> >>> Works great! Less filling! >>> >>> >>> >>> >>> >>> >>> >>> ________________________________ >>> >>> From: N Parr [mailto:[EMAIL PROTECTED] >>> Sent: Wednesday, July 02, 2008 9:23 AM >>> To: NT System Admin Issues >>> Subject: Remote Location AD Question >>> >>> >>> >>> How many member workstations would you put at a remote location >>> connected with a Site to Site VPN over a T-1 without a local DC? > Only >> >>> other traffic on the line will be an IP phone, random print jobs and >>> RDP sessions from remote workstations. What I'm thinking is since >>> these remote workstations will run everything over their RDP sessions >>> I shouldn't even bother making them domain members. Just lock them >> down and only allow them access to RDP. >>> >>> Thanks >>> >>> Niles >>> >>> >>> >>> >>> >>> >>> >>> >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ This e-mail, including any attached files, may contain confidential and privileged information for the sole use of the intended recipient. Any review, use, distribution, or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive information for the intended recipient), please contact the sender by reply e-mail and delete all copies of this message. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
