Profiles for VPN clients - best practices/advice?

[Guest]

How can I make Active Directory work best with my mobile VPN users?

I have two problems:

1. Users that login to their laptop machine at home with a domain account
(automatically dialing vpn when they login) can't access computers on their
home network, since those computers aren't part of the domain, and aren't
trusted. They need to be able to access files/resources both on their home
network, and on the office network.

2. Home users logging in through vpn will have two profiles, DOMAIN/user and
the local account user. When they come in to the office for meetings, they
need to login with the DOMAIN/user account in order to access printers and
network resources. When they go home, if they aren't connected through VPN,
they need to login locally. Now they will have two profiles, and can't share
data (Outlook PST's, My documents, etc.). Which profile should they use to
store their data in? Is there a way to share data among the domain and local
profiles?

It appears that Active Directory doesn't scale down well for small companies
with mobile users. Is there anything I can do?

 

[Brian Desmond [MVP]]

Adam-

AD works fine with mobile users. As far as the issue with clients accessing
local and remote resources, this is a common problem - something you may not
be able to work around. It isn't AD specific.

Your users should use domain credentials regardless of whether or not they
are connected to the LAN or via VPN. Once they have logged on once with
their domain credentials, NT/2000/XP will cache them and make them available
regardless of being connected.

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com