0

We are closing one of our offices and I have to move a handful of workstations to our user's homes. Since AD is no longer reachable, I assume I have to dis-join them from the domain first? What will that do to the machine user profile?

Or can I leave it still connected as long as it will never present a problem, not sure.

The AD is Win 2003, DFL is 2003, FFL is 2003. Users are mainly Win7.

xedgex
  • 91
  • 1
  • 1
  • 5
  • Why do you plan to retire AD for this? Seriously - smell a lot more like I am clueless about how to run a Network, please explain me what VPN is".There is no reason to not ahve those machiens in the Domain. Use a VPN "ox" (mikrotik, cheap) or deploy DirectAcces. – TomTom Dec 03 '12 at 13:43

2 Answers2

2

I you have cached credentials turned on they can continue to use them. If you set up a VPN, you can even have them participate on the corporate network.

MDMarra
  • 100,734
  • 32
  • 197
  • 329
0

If you disjoin them from the domain first (which you don't have to, as mentioned by MDMarra), the user profile will not be affected - it doesn't get deleted. Of course, it will be inaccessible to normal users, and the old domain user won't be able to log onto it, so you'd normally copy all the documents and settings out to a local user's profile first.

And while it's possible to let these machines used cached credentials indefinitely, it's not a good idea. Much better to setup a simple VPN and have the users VPN in, which you can do fairly easily on a Windows server with an external IP address. See this Microsoft support KB for how to do so, because, again, this is really the much, much better approach than having them orphaned from the corporate network, whether they're domain-joined or not.

HopelessN00b
  • 53,795
  • 33
  • 135
  • 209