Best Practices for deploying Windows 2000 in Remote Sites

G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Hi,

I've a situation whereby the main office houses all the critical Servers for the company which includes Windows 2000 DC's, DNS, Exchange 2000 Server and File and Print Services.

We have opened a new remote site(20 users) which is connected by VPN(via internet) to this main office. The Remote site currently has only desktops (domain mode) and are authenticated by the DC's in the main office via the VPN link ( email access is also done remotely via VPN). There are no administrators in the remote site.

We wish to provide file and print services to this remote site by installing a File & Print Server at that site (to provide better access to resources) but would like to reduce the overhead of installing DC's, DNS, Server maintenance and at the same time would like to provide reasonable performance to these remote users.

What would be the best and most economical way to accomplish this ? Having a dedicated link between the sites is too expensive and business cannot afford.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

I would personally install DC, DNS, DHCP, WINS and Terminal Services in
Admin mode on the server in remote location. Since you are adding a server
anyway, it implies that infrastructure is already in place. And modern
servers can handle extra load without problems.

Anyway, I suggest you read deployment guide inWin2k resource kit.

Planning, testing, documenting, managing, maintaining are necesary steps in
any project like this. Even if it looks small at the beginning and not worth
the effort. But you will win in the long run.

I'd personally write a policy:
1. Site policy. Any site with more than n-number of employees should have a
DC etc
2. Hardware policy. Each server having DC role should have mirrored system
disk etc.
3. Antivirus policy
4. Backup (disaster recovery) policy
5. User policy
6. Support routes
7. Exchange, e-mail policy
8. Communications policy (x Mbps per n employees) etc

And so on.

When you have all on paper (or spreadsheet), everything will fit in nicely
(hopefully).
Since you are doing this job professionally, I'd suggest you go for MCSE
certificate. You may start by looking for a training kit that addresses
design of Windows network infrastructure.

Dusko Savatovic

"silvy" <silvy@discussions.microsoft.com> wrote in message
news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
> Hi,
>
> I've a situation whereby the main office houses all the critical Servers
for the company which includes Windows 2000 DC's, DNS, Exchange 2000 Server
and File and Print Services.
>
> We have opened a new remote site(20 users) which is connected by VPN(via
internet) to this main office. The Remote site currently has only desktops
(domain mode) and are authenticated by the DC's in the main office via the
VPN link ( email access is also done remotely via VPN). There are no
administrators in the remote site.
>
> We wish to provide file and print services to this remote site by
installing a File & Print Server at that site (to provide better access to
resources) but would like to reduce the overhead of installing DC's, DNS,
Server maintenance and at the same time would like to provide reasonable
performance to these remote users.
>
> What would be the best and most economical way to accomplish this ? Having
a dedicated link between the sites is too expensive and business cannot
afford.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Hi Dusko,

Many thanks for your feedback. Definitely installing all the necessary server roles would improve performance at remote site. However I think this approach will involve additional hardware, replication/maintenance issues, thorough planning and costs as you highlighted.

We have a simpler network with most remote sites/offices on the same subnet/network and one Windows 2000 Domain in the organistation. Our remote sites have firewall(hardware and software), DHCP in place and all connected via VPN. There is not much complex settings in routing as well.

Currently remote users in this site login remotely via VPN and also access email( Exchange 2000) remotely and performance seems acceptable. They are also using a Fileserver running in workgroup mode.

My current concerns are

a) If I install a File/Print Windows 2000 member Server in the remote site ( in domain mode) which will be on the same subnet as the user segment(remote site) and users in the remote site periodically access the File/Print Server, will there be a drop in performance as the DC/DNS/WINS servers are all in the main office. i.e. even though the workstations and file server will be on the same subnet ( and local), does every request from user workstation for access to file/folder on the fileserver have to travel all over the VPN or will it be just once during authentication(login) for that active session ?

If there is not much network traffic across the VPN with this setup then I think it will solve our short term goals at a reasonable cost. Server Management will be easier if we have to maintain just that server.

On a long term basis, we'll need to look at all possible options like as you specified.

What do you think ?

Silvy




"Dusko Savatovic" wrote:

> I would personally install DC, DNS, DHCP, WINS and Terminal Services in
> Admin mode on the server in remote location. Since you are adding a server
> anyway, it implies that infrastructure is already in place. And modern
> servers can handle extra load without problems.
>
> Anyway, I suggest you read deployment guide inWin2k resource kit.
>
> Planning, testing, documenting, managing, maintaining are necesary steps in
> any project like this. Even if it looks small at the beginning and not worth
> the effort. But you will win in the long run.
>
> I'd personally write a policy:
> 1. Site policy. Any site with more than n-number of employees should have a
> DC etc
> 2. Hardware policy. Each server having DC role should have mirrored system
> disk etc.
> 3. Antivirus policy
> 4. Backup (disaster recovery) policy
> 5. User policy
> 6. Support routes
> 7. Exchange, e-mail policy
> 8. Communications policy (x Mbps per n employees) etc
>
> And so on.
>
> When you have all on paper (or spreadsheet), everything will fit in nicely
> (hopefully).
> Since you are doing this job professionally, I'd suggest you go for MCSE
> certificate. You may start by looking for a training kit that addresses
> design of Windows network infrastructure.
>
> Dusko Savatovic
>
> "silvy" <silvy@discussions.microsoft.com> wrote in message
> news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
> > Hi,
> >
> > I've a situation whereby the main office houses all the critical Servers
> for the company which includes Windows 2000 DC's, DNS, Exchange 2000 Server
> and File and Print Services.
> >
> > We have opened a new remote site(20 users) which is connected by VPN(via
> internet) to this main office. The Remote site currently has only desktops
> (domain mode) and are authenticated by the DC's in the main office via the
> VPN link ( email access is also done remotely via VPN). There are no
> administrators in the remote site.
> >
> > We wish to provide file and print services to this remote site by
> installing a File & Print Server at that site (to provide better access to
> resources) but would like to reduce the overhead of installing DC's, DNS,
> Server maintenance and at the same time would like to provide reasonable
> performance to these remote users.
> >
> > What would be the best and most economical way to accomplish this ? Having
> a dedicated link between the sites is too expensive and business cannot
> afford.
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Hi Silvy,

I won't push you to go for AD if you're feeling unconfomfortable with it.

If you decide to use member server only, I would strongly recommend that you
control access to resources on file server by using A-G-L-P scheme.
This means that, based on user needs, you create local groups on member
server and domain global groups on DC. Put user accounts (A) to domain
global groups (G). Put domain global groups (G) to member server's Local
group (L). Assign permissions (P) to local groups (L), not directly to
global groups or individual user (A) (unless, of course, you are controlling
access to personal files).
With this scenario you get minimum authorization traffic, because access is
authorized localy on member server.

Hint. Note that I'm using word authorization. Authentication traffic will
still go over the network.

I would still encourage you to obtain some training literature for Win2k/2k3
networking and AD and give it some light browsing (no need for hard study),
just to see some best practices.

I would also recommend upgrading to WS2k3. AD is better and DNS is
definitely better.
BTW, keep an eye on DNS's at all times. This is most important service if
you use AD. Keep it running smoothly, and your entire network will run
smoothly.

Good luck,
Dusko Savatovic



"silvy" <silvy@discussions.microsoft.com> wrote in message
news:3F703772-89E6-47E9-9F6C-03DA2EAA1BDC@microsoft.com...
> Hi Dusko,
>
> Many thanks for your feedback. Definitely installing all the necessary
server roles would improve performance at remote site. However I think this
approach will involve additional hardware, replication/maintenance issues,
thorough planning and costs as you highlighted.
>
> We have a simpler network with most remote sites/offices on the same
subnet/network and one Windows 2000 Domain in the organistation. Our remote
sites have firewall(hardware and software), DHCP in place and all connected
via VPN. There is not much complex settings in routing as well.
>
> Currently remote users in this site login remotely via VPN and also access
email( Exchange 2000) remotely and performance seems acceptable. They are
also using a Fileserver running in workgroup mode.
>
> My current concerns are
>
> a) If I install a File/Print Windows 2000 member Server in the remote site
( in domain mode) which will be on the same subnet as the user
segment(remote site) and users in the remote site periodically access the
File/Print Server, will there be a drop in performance as the DC/DNS/WINS
servers are all in the main office. i.e. even though the workstations and
file server will be on the same subnet ( and local), does every request from
user workstation for access to file/folder on the fileserver have to travel
all over the VPN or will it be just once during authentication(login) for
that active session ?
>
> If there is not much network traffic across the VPN with this setup then I
think it will solve our short term goals at a reasonable cost. Server
Management will be easier if we have to maintain just that server.
>
> On a long term basis, we'll need to look at all possible options like as
you specified.
>
> What do you think ?
>
> Silvy
>
>
>
>
> "Dusko Savatovic" wrote:
>
> > I would personally install DC, DNS, DHCP, WINS and Terminal Services in
> > Admin mode on the server in remote location. Since you are adding a
server
> > anyway, it implies that infrastructure is already in place. And modern
> > servers can handle extra load without problems.
> >
> > Anyway, I suggest you read deployment guide inWin2k resource kit.
> >
> > Planning, testing, documenting, managing, maintaining are necesary steps
in
> > any project like this. Even if it looks small at the beginning and not
worth
> > the effort. But you will win in the long run.
> >
> > I'd personally write a policy:
> > 1. Site policy. Any site with more than n-number of employees should
have a
> > DC etc
> > 2. Hardware policy. Each server having DC role should have mirrored
system
> > disk etc.
> > 3. Antivirus policy
> > 4. Backup (disaster recovery) policy
> > 5. User policy
> > 6. Support routes
> > 7. Exchange, e-mail policy
> > 8. Communications policy (x Mbps per n employees) etc
> >
> > And so on.
> >
> > When you have all on paper (or spreadsheet), everything will fit in
nicely
> > (hopefully).
> > Since you are doing this job professionally, I'd suggest you go for MCSE
> > certificate. You may start by looking for a training kit that addresses
> > design of Windows network infrastructure.
> >
> > Dusko Savatovic
> >
> > "silvy" <silvy@discussions.microsoft.com> wrote in message
> > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
> > > Hi,
> > >
> > > I've a situation whereby the main office houses all the critical
Servers
> > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
Server
> > and File and Print Services.
> > >
> > > We have opened a new remote site(20 users) which is connected by
VPN(via
> > internet) to this main office. The Remote site currently has only
desktops
> > (domain mode) and are authenticated by the DC's in the main office via
the
> > VPN link ( email access is also done remotely via VPN). There are no
> > administrators in the remote site.
> > >
> > > We wish to provide file and print services to this remote site by
> > installing a File & Print Server at that site (to provide better access
to
> > resources) but would like to reduce the overhead of installing DC's,
DNS,
> > Server maintenance and at the same time would like to provide reasonable
> > performance to these remote users.
> > >
> > > What would be the best and most economical way to accomplish this ?
Having
> > a dedicated link between the sites is too expensive and business cannot
> > afford.
> >
> >
> >
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Just one thing to add to that. If you place a DC in a remote office, you
have to be sure of its security. If someone nicks a DC, you have a problem
and it's time to reset all passwords in the domain, at the very least.

Oli



"Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
>I would personally install DC, DNS, DHCP, WINS and Terminal Services in
> Admin mode on the server in remote location. Since you are adding a server
> anyway, it implies that infrastructure is already in place. And modern
> servers can handle extra load without problems.
>
> Anyway, I suggest you read deployment guide inWin2k resource kit.
>
> Planning, testing, documenting, managing, maintaining are necesary steps
> in
> any project like this. Even if it looks small at the beginning and not
> worth
> the effort. But you will win in the long run.
>
> I'd personally write a policy:
> 1. Site policy. Any site with more than n-number of employees should have
> a
> DC etc
> 2. Hardware policy. Each server having DC role should have mirrored system
> disk etc.
> 3. Antivirus policy
> 4. Backup (disaster recovery) policy
> 5. User policy
> 6. Support routes
> 7. Exchange, e-mail policy
> 8. Communications policy (x Mbps per n employees) etc
>
> And so on.
>
> When you have all on paper (or spreadsheet), everything will fit in nicely
> (hopefully).
> Since you are doing this job professionally, I'd suggest you go for MCSE
> certificate. You may start by looking for a training kit that addresses
> design of Windows network infrastructure.
>
> Dusko Savatovic
>
> "silvy" <silvy@discussions.microsoft.com> wrote in message
> news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
>> Hi,
>>
>> I've a situation whereby the main office houses all the critical Servers
> for the company which includes Windows 2000 DC's, DNS, Exchange 2000
> Server
> and File and Print Services.
>>
>> We have opened a new remote site(20 users) which is connected by VPN(via
> internet) to this main office. The Remote site currently has only desktops
> (domain mode) and are authenticated by the DC's in the main office via the
> VPN link ( email access is also done remotely via VPN). There are no
> administrators in the remote site.
>>
>> We wish to provide file and print services to this remote site by
> installing a File & Print Server at that site (to provide better access to
> resources) but would like to reduce the overhead of installing DC's, DNS,
> Server maintenance and at the same time would like to provide reasonable
> performance to these remote users.
>>
>> What would be the best and most economical way to accomplish this ?
>> Having
> a dedicated link between the sites is too expensive and business cannot
> afford.
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Agreed. I was sweating reading this thread up until now :)

Maintaining good physical security of your DCs should be a very high priority.

-Erik

"Oli Restorick [MVP]" wrote:

> Just one thing to add to that. If you place a DC in a remote office, you
> have to be sure of its security. If someone nicks a DC, you have a problem
> and it's time to reset all passwords in the domain, at the very least.
>
> Oli
>
>
>
> "Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
> news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
> >I would personally install DC, DNS, DHCP, WINS and Terminal Services in
> > Admin mode on the server in remote location. Since you are adding a server
> > anyway, it implies that infrastructure is already in place. And modern
> > servers can handle extra load without problems.
> >
> > Anyway, I suggest you read deployment guide inWin2k resource kit.
> >
> > Planning, testing, documenting, managing, maintaining are necesary steps
> > in
> > any project like this. Even if it looks small at the beginning and not
> > worth
> > the effort. But you will win in the long run.
> >
> > I'd personally write a policy:
> > 1. Site policy. Any site with more than n-number of employees should have
> > a
> > DC etc
> > 2. Hardware policy. Each server having DC role should have mirrored system
> > disk etc.
> > 3. Antivirus policy
> > 4. Backup (disaster recovery) policy
> > 5. User policy
> > 6. Support routes
> > 7. Exchange, e-mail policy
> > 8. Communications policy (x Mbps per n employees) etc
> >
> > And so on.
> >
> > When you have all on paper (or spreadsheet), everything will fit in nicely
> > (hopefully).
> > Since you are doing this job professionally, I'd suggest you go for MCSE
> > certificate. You may start by looking for a training kit that addresses
> > design of Windows network infrastructure.
> >
> > Dusko Savatovic
> >
> > "silvy" <silvy@discussions.microsoft.com> wrote in message
> > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
> >> Hi,
> >>
> >> I've a situation whereby the main office houses all the critical Servers
> > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
> > Server
> > and File and Print Services.
> >>
> >> We have opened a new remote site(20 users) which is connected by VPN(via
> > internet) to this main office. The Remote site currently has only desktops
> > (domain mode) and are authenticated by the DC's in the main office via the
> > VPN link ( email access is also done remotely via VPN). There are no
> > administrators in the remote site.
> >>
> >> We wish to provide file and print services to this remote site by
> > installing a File & Print Server at that site (to provide better access to
> > resources) but would like to reduce the overhead of installing DC's, DNS,
> > Server maintenance and at the same time would like to provide reasonable
> > performance to these remote users.
> >>
> >> What would be the best and most economical way to accomplish this ?
> >> Having
> > a dedicated link between the sites is too expensive and business cannot
> > afford.
> >
> >
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Thanks everyone.

Security is definitely a problem in small sites like ours. Hence was worried on the network performance if DC"s and other critical servers are housed in main/head office.

In the meanwhile, I'll review the suggestions/documentations as suggested by Dusko. If you guys are aware of any registry settings changes( knowledgebase/technet articles) on the Win2k workstation/member server which can improve network performance over the VPN ( quick fix if we have performance realted issues) kindly let me know.

Thank you,

Silvester

"Erik Szewczyk" wrote:

> Agreed. I was sweating reading this thread up until now :)
>
> Maintaining good physical security of your DCs should be a very high priority.
>
> -Erik
>
> "Oli Restorick [MVP]" wrote:
>
> > Just one thing to add to that. If you place a DC in a remote office, you
> > have to be sure of its security. If someone nicks a DC, you have a problem
> > and it's time to reset all passwords in the domain, at the very least.
> >
> > Oli
> >
> >
> >
> > "Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
> > news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
> > >I would personally install DC, DNS, DHCP, WINS and Terminal Services in
> > > Admin mode on the server in remote location. Since you are adding a server
> > > anyway, it implies that infrastructure is already in place. And modern
> > > servers can handle extra load without problems.
> > >
> > > Anyway, I suggest you read deployment guide inWin2k resource kit.
> > >
> > > Planning, testing, documenting, managing, maintaining are necesary steps
> > > in
> > > any project like this. Even if it looks small at the beginning and not
> > > worth
> > > the effort. But you will win in the long run.
> > >
> > > I'd personally write a policy:
> > > 1. Site policy. Any site with more than n-number of employees should have
> > > a
> > > DC etc
> > > 2. Hardware policy. Each server having DC role should have mirrored system
> > > disk etc.
> > > 3. Antivirus policy
> > > 4. Backup (disaster recovery) policy
> > > 5. User policy
> > > 6. Support routes
> > > 7. Exchange, e-mail policy
> > > 8. Communications policy (x Mbps per n employees) etc
> > >
> > > And so on.
> > >
> > > When you have all on paper (or spreadsheet), everything will fit in nicely
> > > (hopefully).
> > > Since you are doing this job professionally, I'd suggest you go for MCSE
> > > certificate. You may start by looking for a training kit that addresses
> > > design of Windows network infrastructure.
> > >
> > > Dusko Savatovic
> > >
> > > "silvy" <silvy@discussions.microsoft.com> wrote in message
> > > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
> > >> Hi,
> > >>
> > >> I've a situation whereby the main office houses all the critical Servers
> > > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
> > > Server
> > > and File and Print Services.
> > >>
> > >> We have opened a new remote site(20 users) which is connected by VPN(via
> > > internet) to this main office. The Remote site currently has only desktops
> > > (domain mode) and are authenticated by the DC's in the main office via the
> > > VPN link ( email access is also done remotely via VPN). There are no
> > > administrators in the remote site.
> > >>
> > >> We wish to provide file and print services to this remote site by
> > > installing a File & Print Server at that site (to provide better access to
> > > resources) but would like to reduce the overhead of installing DC's, DNS,
> > > Server maintenance and at the same time would like to provide reasonable
> > > performance to these remote users.
> > >>
> > >> What would be the best and most economical way to accomplish this ?
> > >> Having
> > > a dedicated link between the sites is too expensive and business cannot
> > > afford.
> > >
> > >
> >
> >
> >
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Yes,
other guys are right. Physical security is number 1 requirement in all
scenarios.
Imagine this.
Your server has system disk configured as mirror.
Your server has hot-plug disks to speed up recovery, replacements etc.
A Black Hat (probably an inside employee) comes to remote office on friday
afternoon and steals one hard disk (half of a mirror).
Since remote office is closed during weekend, you don't have anybody to call
until Monday morning.
On monday morning, Black Hat returns to work and replaces stolen disk as if
nothing happens.
The chances are that within several hours, the mirror will be resynchronized
and the theft might end up unnoticed.
In the meantime, Black Hat has taken copy of your system disk which
conntains complete AD database.
He/she can run password cracking program like l0phtcrack LC4.

If you are intersted in security recommendation guides, you can find many on
this web site:
http://nsa2.www.conxion.com/win2k/download.htm

It is also good practice to keep an eye on various security related web
sites and news groups.

Dusko Savatovic


"silvy" <silvy@discussions.microsoft.com> wrote in message
news:9A0902A1-9A23-4976-9EBB-A72AD4ED6F7C@microsoft.com...
> Thanks everyone.
>
> Security is definitely a problem in small sites like ours. Hence was
worried on the network performance if DC"s and other critical servers are
housed in main/head office.
>
> In the meanwhile, I'll review the suggestions/documentations as suggested
by Dusko. If you guys are aware of any registry settings changes(
knowledgebase/technet articles) on the Win2k workstation/member server which
can improve network performance over the VPN ( quick fix if we have
performance realted issues) kindly let me know.
>
> Thank you,
>
> Silvester
>
> "Erik Szewczyk" wrote:
>
> > Agreed. I was sweating reading this thread up until now :)
> >
> > Maintaining good physical security of your DCs should be a very high
priority.
> >
> > -Erik
> >
> > "Oli Restorick [MVP]" wrote:
> >
> > > Just one thing to add to that. If you place a DC in a remote office,
you
> > > have to be sure of its security. If someone nicks a DC, you have a
problem
> > > and it's time to reset all passwords in the domain, at the very least.
> > >
> > > Oli
> > >
> > >
> > >
> > > "Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
> > > news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
> > > >I would personally install DC, DNS, DHCP, WINS and Terminal Services
in
> > > > Admin mode on the server in remote location. Since you are adding a
server
> > > > anyway, it implies that infrastructure is already in place. And
modern
> > > > servers can handle extra load without problems.
> > > >
> > > > Anyway, I suggest you read deployment guide inWin2k resource kit.
> > > >
> > > > Planning, testing, documenting, managing, maintaining are necesary
steps
> > > > in
> > > > any project like this. Even if it looks small at the beginning and
not
> > > > worth
> > > > the effort. But you will win in the long run.
> > > >
> > > > I'd personally write a policy:
> > > > 1. Site policy. Any site with more than n-number of employees should
have
> > > > a
> > > > DC etc
> > > > 2. Hardware policy. Each server having DC role should have mirrored
system
> > > > disk etc.
> > > > 3. Antivirus policy
> > > > 4. Backup (disaster recovery) policy
> > > > 5. User policy
> > > > 6. Support routes
> > > > 7. Exchange, e-mail policy
> > > > 8. Communications policy (x Mbps per n employees) etc
> > > >
> > > > And so on.
> > > >
> > > > When you have all on paper (or spreadsheet), everything will fit in
nicely
> > > > (hopefully).
> > > > Since you are doing this job professionally, I'd suggest you go for
MCSE
> > > > certificate. You may start by looking for a training kit that
addresses
> > > > design of Windows network infrastructure.
> > > >
> > > > Dusko Savatovic
> > > >
> > > > "silvy" <silvy@discussions.microsoft.com> wrote in message
> > > > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
> > > >> Hi,
> > > >>
> > > >> I've a situation whereby the main office houses all the critical
Servers
> > > > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
> > > > Server
> > > > and File and Print Services.
> > > >>
> > > >> We have opened a new remote site(20 users) which is connected by
VPN(via
> > > > internet) to this main office. The Remote site currently has only
desktops
> > > > (domain mode) and are authenticated by the DC's in the main office
via the
> > > > VPN link ( email access is also done remotely via VPN). There are no
> > > > administrators in the remote site.
> > > >>
> > > >> We wish to provide file and print services to this remote site by
> > > > installing a File & Print Server at that site (to provide better
access to
> > > > resources) but would like to reduce the overhead of installing DC's,
DNS,
> > > > Server maintenance and at the same time would like to provide
reasonable
> > > > performance to these remote users.
> > > >>
> > > >> What would be the best and most economical way to accomplish this ?
> > > >> Having
> > > > a dedicated link between the sites is too expensive and business
cannot
> > > > afford.
> > > >
> > > >
> > >
> > >
> > >