Hi,
Just checking in to see if the information provided was helpful.
Please let us know if you would like further assistance.
Best Regards,
Vicky
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi all!
In our office we have the following constellation. If you work with a laptop via VPN, you have no access to fileshares cause of security reasons.
In the past we had a lot of performance issues when users are connected via VPN, especially when users opened an office application and recent files or templates are stored on a mapped drive or UNC Path, which is not available. After configuring homedrives etc. to sync by "Work Folders" everything becomes much better. Some problems especially with the duration of logontime (searching for loginscript?), open command prompt or open other programs with recent files on a share are still coming up sometimes.
So i want to know, what kind of experience do you have. Are there any best practices or do´s and don´ts for this kind of configuration? Is there a chance to prevent the notebook to search the connected network if it is not the company network - to prevent time outs?
In the past there have been a lot of good changes like the Work Folders. Are there best practices for notebooks not connected to the domain network?
Thanks a lot
Micha
Hi,
Just checking in to see if the information provided was helpful.
Please let us know if you would like further assistance.
Best Regards,
Vicky
The problem you mentioned is that when users work from home, they can only contact intra domain through VPN. When an operation needs to contact the domain, it will affect the performance of the corresponding applicaiton.
There are two cases of this impact:
To
When the customer logs on: If the VPN can be turned on after the logon, the user login is to use the locally cached credential without contacting the DC, which usually does not affect the duration of the logon; if the VPN is turned on after the startup before the logon, and the VPN bandwidth Limitations may affect the time for users to load the group policy in the domain during the logon process, resulting in longer logon time. Regarding the second case, there are some GPO settings such as older Redirection, Software Installation, which must be run at startup. See https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj573586(v=ws.11)#asynchronous-and for details -synchronous-processing
When the user needs to access the resources of the domain after logging on: the user needs to send a verification request to the domain controller. If the network bandwidth of the VPN to the DC is not large, the speed of accessing resources will be affected.
If the user can't contact the domain at all, but there is still a problem of slow opening, we need to pick an application to view the performance problem when the app is opened separately. This problem may not be related to AD.
May be you misunderstood my question. The clients are normally connected to the domain network and the controller, when they are in the office. If they are @/c/ , they have no connection to the domain and when they connect via VPN, they have no access to shares (cause of security policy).
The problem is the delay or poor performance when opening programs while beeing "offline".... So i am looking for best practices concerning Folder redirection, Loginscripts etc....
There are any number of circumstances where you may want to have a client computer join to a domain when they have no access to a domain controller.
On example might be if you are creating a new branch office and the servers are not functional yet in that location, but you would like to begin rolling out the clients.
1 – On the Windows Server, open CMD and type :
Windows = your Domain name
CLIENT-10 = PC Client
djoin /provision /domain “Windows” /machine “CLIENT-10” /savefile win10blob.txt
~~ If the djoin /provision command completes successfully, you’ll see your new Clients PC account in the Computers container in AD. ~~ (Please Refer to the Pictures)
reference:https://newhelptech.wordpress.com/2017/07/05/step-by-step-how-to-use-offline-domain-join-djoin-exe-active-directory-in-windows-server-2016/
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Best wishes
Vicky