Question
I need to configure a laptop for a new colleague. Typically, every workstation is joined to Active Directory domain but this user needs to work in office and also outside office. I was wondering how to setup his workstation, since he won’t able to reach the domain when working outside office? should I setup VPN or two separate user accounts (DOMAIN\username for office and LAPTOP-NAME\username for outside office)?
Solution
You don’t need to setup two separate user accounts because this would cause confusion with two different user profiles. You just need to join the laptop to the domain. The user will still be able to login Windows using the domain account while he/she is away from the office. It will use cached credentials then. Data should be synced back to the servers once he/she is back in the office.
You don’t need a VPN to be able to log in. You would only need the VPN to be able to connect to office servers if you have any.
Note: The user or laptop will not be able to load any new AD group policy objects until they are back in the office, unless you configure a VPN).
It is possible to allow smartphones but not Outlook on a laptop to connect. However, if Exchange is set up to allow smartphones to connect, it’s likely that it’s configured to allow Outlook to connect. If you’re sure that Exchange is configured to allow external connections for Outlook, then it should work on the new laptop. If you don’t know for sure, the easiest way to find out for sure it to test it.
If Webaccess is enabled on the Exchange Server, you don’t even need Outlook. You should then be able to access your Outlook data via a Web-Browser.