Virtualizing a customers remote employees ...

[thecomputerguy]

I have a client who is about to get a new server and him and his wife work at home. In the past when he gets a new employee he buys two new computers ... one for his office, and one for the new employee, 2 total and then install gotomypc on the local terminal.

I told him that with the new server we could consolidate all of these dummy computers into the server.

Based on my research my options are:

Install VMware workstation on the server and virtualize all of the existing workstations into the server.

Setup remote desktop services on the server and have the employees start over with their profiles but transfer all their information into their new RDS profile in the server (employees hate when their icons move and their background changes though ).

Vsphere (not clear about this one).

Any ideas which is the best route to take? The server should be able to handle quite a bit .. it will have a newer xeon 6core processor and 16-32gb ram.

 

[YeOldeStonecat]

Well, I think, depending on what application(s) they need to run at his office, that Remote Desktop Services is the approach you want.

I don't see a need for VMWare or any hypervisor though...just straight up remote desktop services role on a server. Unless you want to take your physical server and host other servers for other clients on it (gives YOU flexibility if you're hosting this).

VSphere is for managing multiple vmware physical hosts....probably not needed by you.

ESX is what you want for a single server
Or Microsofts Hyper-V....
...but again, I don't see a need to put it on a hypervisor if it's just 1x terminal server at a client.

 

[thecomputerguy]

Well, I think, depending on what application(s) they need to run at his office, that Remote Desktop Services is the approach you want.

I don't see a need for VMWare or any hypervisor though...just straight up remote desktop services role on a server. Unless you want to take your physical server and host other servers for other clients on it (gives YOU flexibility if you're hosting this).

VSphere is for managing multiple vmware physical hosts....probably not needed by you.

ESX is what you want for a single server
Or Microsofts Hyper-V....
...but again, I don't see a need to put it on a hypervisor if it's just 1x terminal server at a client.

Is it ok to enable the RDS role on a server hosting AD? Im talking about maybe 5 people connecting remotely.

Does RDS allow the users to fully customize their experience, background ... icons ... etc?

If I install office on the server can all the users use that one installation of office, but configure all of the outlooks differently?

They really only use MSword, excel, and outlook.

 

[angry_geek]

It's not recommended to install RDS on a DC; you'll see warnings all over the place. With that being said, I've done it a few times in small environments such as the one you describe. What I normally do is install Hyper-V and set up a VM just for the RDS role. This will help maintain the security of the DC. It's also not really necessary; I'm just paranoid. There are also some considerations to remember when choosing which Windows Server version you buy. I'm not up to snuff on SBS Version licensing and capability. Stonecat may know more than I regarding this, but some versions of SBS have limited RDS ability. Also, remember to change your default listening port. 3389 is under constant attack these days. As for Office, you have to buy a license for terminal server (rds) enablement. You may want to check into Office 365. As for user customization, this is all dependent on what you allow with your GPO's.

 

[nlinecomputers]

WHY do they need this kind of Remote Access? In my experience on the few clients I've come across doing this it has been totally unneeded.

 

[YeOldeStonecat]

Is it ok to enable the RDS role on a server hosting AD? Im talking about maybe 5 people connecting remotely.

Does RDS allow the users to fully customize their experience, background ... icons ... etc?

If I install office on the server can all the users use that one installation of office, but configure all of the outlooks differently?

They really only use MSword, excel, and outlook.

Technically...you can, but it's frowned upon. You're letting desktop users do stuff on a domain controller. Possibly doing stuff like surfing the web, opening e-mail that may have viruses. just think of the ramifications!

You can install the desktop experience feature...to allow users to play with their desktop. But don't forget, based on RDP client settings..that desktop may be blanked out! Kills performance for other remote technology products too.

 

[YeOldeStonecat]

I'm not up to snuff on SBS Version licensing and capability. Stonecat may know more than I regarding this, but some versions of SBS have limited RDS ability.

He mentioned end users need Outlook. You don't want to install Outlook on a server that has Exchange. Nope...that mapi file will tank Exchange.

 

[thecomputerguy]

WHY do they need this kind of Remote Access? In my experience on the few clients I've come across doing this it has been totally unneeded.

Ok so how exactly should I accomplish this? Selling him two workstations per employee, and having 5 dummy workstations that are just used to login to at his home office seems so clunky and so expensive because we are getting to the point where these workstations are going to need to be replaced.

Do I sell him a new server because he needs it and just tell him that he needs to continue buying two computers per new employee (1 for his home office and one for the employees taking?) then continue adding a license of gotomypc for every new employee?

Its sounding like RDS is not going to work TBH because each user needs their own desktop experience. For 7 Users I dont want to have to sell him two servers ... one a file server/AD server, and one an RDS Server.

There has got to be a better way than having 5 dummy computers at his house with gotomypc installed being used just as login points.

Im probably going to be using Server 2008 R2 for the OS.

 

[thecomputerguy]

I gave VMware a call and their solution to this is to either use VMWare Workstation 9 which would support what I am trying to do (Create VM's for all users) or Go with VMWare View which would require me to 1.) Virtualize the server OS and 2.) Virtualize all of the Client VM's and access all of them through VSphere. VMView is bare metal virtualization.

 

[nlinecomputers]

Ok so how exactly should I accomplish this? Selling him two workstations per employee, and having 5 dummy workstations that are just used to login to at his home office seems so clunky and so expensive because we are getting to the point where these workstations are going to need to be replaced.

Do I sell him a new server because he needs it and just tell him that he needs to continue buying two computers per new employee (1 for his home office and one for the employees taking?) then continue adding a license of gotomypc for every new employee?

Its sounding like RDS is not going to work TBH because each user needs their own desktop experience. For 7 Users I dont want to have to sell him two servers ... one a file server/AD server, and one an RDS Server.

There has got to be a better way than having 5 dummy computers at his house with gotomypc installed being used just as login points.

Im probably going to be using Server 2008 R2 for the OS.

Why the hell does it need to two workstatations at all? What application is he running that can't be done via VPN over the internet?

 

[thecomputerguy]

Why the hell does it need to two workstatations at all? What application is he running that can't be done via VPN over the internet?

In my experience VPN's have been pretty crappy ... especially when the internet is running at 3down/1up maximum ... not upgradable.

 

[YeOldeStonecat]

VPN ....depends on a lot of things.
*Speed of the upload of the host. In some areas where faster cable packages are abundant, this works great. I have some clients on 50/10 connections...VPN tunnels at 10 megs...heck we had LANs of 10 megs common just 10 years ago. Yet some other areas may be stuck with slower cable of less than 1 meg up, or even slower DSL.
*What application(s) are going to be run through this VPN tunnel. Some apps are more tolerant of a skinny connection than others. And some aren't. Quickbooks 2000 or so would run tolerably through a tunnel, yet the newer .NET frame based versions are too bloated and you can end up with frequently corrupted company files.

OP...,..since you're talking such a few amount of remote users...I agree the costs of such a project may seem imposing. You may want to consider a hosted terminal server setup at some data center/web host that offers hosted servers. Such as RackSpaceCloud. Setup a virtual hosted office! Resell for some steady monthly revenue for yourself.

 

[nlinecomputers]

In my experience VPN's have been pretty crappy ... especially when the internet is running at 3down/1up maximum ... not upgradable.

It entirely depends on the application. My point is I've had two or three clients that were using remote access mostly just to run Word on the "office" desktop. Seriously. They didn't know that you could make a connection and treat the home connection just like it was a PC in the office and share docs.

Not everything works well this way. Quickbooks for example sucks over a VPN. Most any DB based LOB application will not work well.

I never take the end users word on WHY they have setup something they way they have as gospel. That is my point.

 

[thecomputerguy]

It entirely depends on the application. My point is I've had two or three clients that were using remote access mostly just to run Word on the "office" desktop. Seriously. They didn't know that you could make a connection and treat the home connection just like it was a PC in the office and share docs.

Not everything works well this way. Quickbooks for example sucks over a VPN. Most any DB based LOB application will not work well.

I never take the end users word on WHY they have setup something they way they have as gospel. That is my point.

Were talking about word docs, excel, pdf's, some access databses, and some pictures.

 

[nlinecomputers]

Like I suspected. Access is the only item there that might be an issue. Terminal Services is unneeded. I simple file server and vpn connections and your good to go I'd bet. You'd need to test the connection and that access app.

 

[thecomputerguy]

Like I suspected. Access is the only item there that might be an issue. Terminal Services is unneeded. I simple file server and vpn connections and your good to go I'd bet. You'd need to test the connection and that access app.

So just setup the VPN in the router and use the VPN login built into windows? That's what i've done in the past and the connection was just awful even with decent internet... like opening word documents was painfully slow.

Not to mention ... they are still using PST files and before I could convert them to exchange i'd have to hand deliver all of the PST files.

 

[nlinecomputers]

No you use an ipcop router and openVPN.

If not for the Access DBs I would just setup a hosted exchange account for them and get them on dropbox for file exchange. If they really need more collaborative functions then that a hosted exchange/sharepoint system might be the solution. Or Keiro. Or Zimbra if you like linux based options.

And this will need some testing of course. A Terminal Server may been what is needed here. Bandwidth is an issue. And Access isn't keen on being run on VPN connections.

 

[YeOldeStonecat]

some access databses,

May want to do some testing and digging about regarding the access database....depending on how the split tables are done..they can get wonky on skinny sporadic connections.

For VPN, I Like SSL. Just browser based...no fat VPN clients to wrestle with and troubleshoot.