Merger
- 
 @StefUk said: @scottalanmiller
 let's not start this .. this is not a character assassination on what could have been done better and why companies use certain technologies and not others .. you can create another post on best practices .. (I'm sure we have a few) I was asked why.
- 
 @StefUk said: I don't understand .. what you mean.
 VPNs are there to connect offices to the main office where the main apps are hosted via RDP. again it is what it is .. at least they use the same way of connecting offices RDP

 I understand that "it is what it is", but... why? I'm confused... is the goal here to "maintain the technical debt" in which case there is literally nothing to be done, just leave it all as it is. Or is the goal to "do the best thing going forward?" If the latter, then we must understand the reasoning and logic for the existing system to understand what makes sense to meet their needs in the future. If we ever say "let's not go into this" then the entire point of trying to recommend anything for them is pointless, the decisions are made and this is a farce. We have to examine their past and their needs in order to find out what is a good solution for them. So the question remains: what is the function of the VPN? Why does it exist? Does it have a purpose or is it just technical debt kept around because no one is evaluating needs until now?
- 
 @StefUk said: VPNs are there to connect offices to the main office where the main apps are hosted via RDP.

 Would you add a VPN to look at a web site or get email? Why for RDP? I know that lots of companies do this, but I don't know why companies do this. More importantly, we don't know why these two do it. What if you find that the VPN is in the way and causing problems? Wouldn't it be good to remove it now rather than after money is spent due to a false assumption?
- 
 @aaronstuder said: @scottalanmiller said: You can have unlimited AD on a single LAN. Not that you should, but you can

 What is your reason for not? Not that I disagree, I just wouldn't be in a huge hurry to get rid of company B's setup.
- 
 @Dashrender said: What is your reason for not? Not that I disagree, I just wouldn't be in a huge hurry to get rid of company B's setup.

 The purpose of AD is authentication consolidation. If you have multiple AD, clearly some of that purpose is lost.
- 
 @scottalanmiller said:
 @StefUk said: I don't understand .. what you mean.
 VPNs are there to connect offices to the main office where the main apps are hosted via RDP. again it is what it is .. at least they use the same way of connecting offices RDP
 I understand that "it is what it is", but... why? I'm confused... is the goal here to "maintain the technical debt" in which case there is literally nothing to be done, just leave it all as it is. Or is the goal to "do the best thing going forward?" If the latter, then we must understand the reasoning and logic for the existing system to understand what makes sense to meet their needs in the future. If we ever say "let's not go into this" then the entire point of trying to recommend anything for them is pointless, the decisions are made and this is a farce. We have to examine their past and their needs in order to find out what is a good solution for them. So the question remains: what is the function of the VPN? Why does it exist? Does it have a purpose or is it just technical debt kept around because no one is evaluating needs until now?

 the site to site VPN is there as a way to connect the branch office to the main office .. how do you suggest they connect to the main office to access the core applications ? cloud-hosted application is not an option .
- 
 @StefUk said: the site to site VPN is there as a way to connect the branch office to the main office .. how do you suggest they connect to the main office to access the core applications ? cloud-hosted application is not an option .

 I never suggested another means or cloud in any way (other than email.) What I asked is, or what I meant to ask is... why are the offices connected? VPN is a great way to connect offices, but what we have not heard about is why they are connected. We've seen that they use RDP which you use, in most cases, because you don't want to connect the offices. So you have one piece, RDP, that would exist "because you don't have a VPN" and another, VPN, that exists for the opposite purpose. I'm not suggesting that this is bad, I'm just stating that we have no idea based on the description what the VPN is used for as the only thing we see it used for is its alternative, not its pairing. Like saying that they have to have a truck but they drive a car everywhere. Then when I ask why they have a truck you say "well how else do they drive to the other office?" Well, I was assuming that that is what the car was for. Make sense?
- 
 We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that has made them feel the need to have redundant connection technologies back to the main office?
- 
 I'll restate Scott's comment my own way. Do you have PCs at those branch offices that run applications locally but access resources that are at the main branch? If yes - why? You've already told us that you have RDP - why are you using both? RDP itself can be/is secure and doesn't require VPN for connectivity to the main location. This is the LANless design Scott is talking about. You don't need a secure local network to use RDP, because RDP itself provides its own security, so why waste the time, energy and money on VPN if you don't need it.
- 
 There is a lot of info that is needed here and from the description, there just isn't enough information to make a good determination as to need. 
- 
 @Dashrender said: I'll restate Scott's comment my own way. Do you have PCs at those branch offices that run applications locally but access resources that are at the main branch? If yes - why? You've already told us that you have RDP - why are you using both? RDP itself can be/is secure and doesn't require VPN for connectivity to the main location. This is the LANless design Scott is talking about. You don't need a secure local network to use RDP, because RDP itself provides its own security, so why waste the time, energy and money on VPN if you don't need it.

 Exactly. There might be great reasons why both exist, but if there are that means that there is a lot of the IT picture that we are missing here. If we have all of the info, then we have what appears to be redundant technologies. If we don't have all the info, we need it to make recommendations.
- 
 @scottalanmiller said: We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that has made them feel the need to have redundant connection technologies back to the main office?

 line speed at each office is slow ( less than 10Mbps ) . RDP ( remote desktop ) solution is used to compress the data and make the application work at the branch offices. without the RDP the apps run too slow at thin client.
 is that what you are asking ? everything is hosted at the main office
- 
 @StefUk said:
 @scottalanmiller said: We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that has made them feel the need to have redundant connection technologies back to the main office?
 line speed at each office is slow ( less than 10Mbps ) . RDP ( remote desktop ) solution is used to compress the data and make the application work at the branch offices. without the RDP the apps run too slow at thin client.
 is that what you are asking ? everything is hosted at the main office

 Think what they are both trying to say is you don't need the VPN link to use RDP to the HO location. Open up the ports on the Firewall and allow access through the internet connection. The VPN link is not required for what you are using i.e. RDP
- 
 @hobbit666 said:
 @StefUk said:
 @scottalanmiller said: We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that has made them feel the need to have redundant connection technologies back to the main office?
 line speed at each office is slow ( less than 10Mbps ) . RDP ( remote desktop ) solution is used to compress the data and make the application work at the branch offices. without the RDP the apps run too slow at thin client.
 is that what you are asking ? everything is hosted at the main office
 Think what they are both trying to say is you don't need the VPN link to use RDP to the HO location. Open up the ports on the Firewall and allow access through the internet connection. The VPN link is not required for what you are using i.e. RDP

 Though, this only applies if the assumption is that there is no local access from the branch offices, only RDP access, which hasn't been confirmed.
- 
 @hobbit666 said:
 @StefUk said:
 @scottalanmiller said: We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that has made them feel the need to have redundant connection technologies back to the main office?
 line speed at each office is slow ( less than 10Mbps ) . RDP ( remote desktop ) solution is used to compress the data and make the application work at the branch offices. without the RDP the apps run too slow at thin client.
 is that what you are asking ? everything is hosted at the main office
 Think what they are both trying to say is you don't need the VPN link to use RDP to the HO location. Open up the ports on the Firewall and allow access through the internet connection. The VPN link is not required for what you are using i.e. RDP

 ok maybe we don't need it but I don't have time to create more work for me .. it works and I don't need to change it . it doesn't cost anything and I don't have a problem with this .. ?
 I would like to know what I can do with the AD - exchange - LAN etc .. maybe I should post something more specific
- 
 I think we are going off track ... we are discussing why they use VPN when the VPN has never been mentioned as an issue here. Both solutions work fine, we are not looking at saving money or justifying expenditure. I was just reaching out to understand how we can incorporate the apps of the two companies in to one without causing too much downtime. Company A and company B are merging on to company C with company B moving to company A . How can I get the two systems to work from company A premise in as short a time as possible ? How can you merge company A AD on to company B AD ? Company A has an exchange, company B has an exchange; when company B moves in to company A is there a way to make exchange from company B talk to exchange in company A and vice versa without migrating mailboxes to a new exchange . is that more to the point ?
- 
 @StefUk said: are not looking at saving money or justify expenditure I was just reaching out to understand how we can incorporate the apps

 Are you merging the datacenters? What are the applications, specifically? Sometimes different apps have different requirements, so a blanket response will be of little help.
- 
 You mentioned creating a trust between the two domains - that's a great start. This will allow you to grant permissions to everyone who needs it in either domain. As for Exchange - why does anything need to change for today? Leave it alone. When it's time to stand up company C, make a whole new Exchange server, on a whole new domain (love the ability to get rid of legacy stuff this way). 
- 
 @Dashrender said:
 @StefUk said: are not looking at saving money or justify expenditure I was just reaching out to understand how we can incorporate the apps
 Are you merging the datacenters? What are the applications, specifically? Sometimes different apps have different requirements, so a blanket response will be of little help.

 both companies have a fully working infrastructure in house. In two months time company B will move in to company A. company B computers will be plugged in to company A data center ( infrastructure). at that stage, if the new merged company infrastructure ( company C ) is not ready how can I mitigate the move. The core applications are
 specific legal - accounting package and document management. ( different for company A and B at the moment - the plan is to move company B to company A app)
 Email - exchange ( one server for each company )
 file and print server
 AD
 Remote desktop
 SQL dictation package
 a legal form package
 and some other generic apps like antivirus - internet filtering etc
- 
 @StefUk said:
 @scottalanmiller said: We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that has made them feel the need to have redundant connection technologies back to the main office?
 line speed at each office is slow ( less than 10Mbps ) . RDP ( remote desktop ) solution is used to compress the data and make the application work at the branch offices. without the RDP the apps run too slow at thin client.
 is that what you are asking ? everything is hosted at the main office

 Well that helps to explain why RDP is used, but it doesn't cover what the VPN is used for. If everything is hosted in the main office and RDP is used for the apps, what does the VPN do? Has the line speed been looked into? That's terribly slow.



