I have been charged with distributing about a dozen laptops to technicians at our company that will spend almost all of their time in the field not connected to our network. They may come in for quarterly meetings and may or may not connect their laptops to the network.
My question is: what are the benefits or disadvantages of joining these laptops to our domain, and under these circumstances (given what I describe above), what would you do?
This sounds more like a preference thing to me. I say this because:
1) Does your company have a terminal server?
2) Do they have VPN access from outside?
3) Do you have RPC over HTTP set up on your mail server?
4) Do they need constant access to their user data and more importantly company data while outside the office?
Answering these questions will answer your question for you.
I would not; I would give them VPN access and set up a Terminal Server for them to use.
I would set up their Microsoft Outlook to use the RPC over HTTP connection.
Then I would make sure their username and password on their laptop are the same as the ones on the server. That way, while they are in the office, they can access their email and shares without logging into the domain. I would also set up a login script batch file they can run from their desktop to map drives, whether logged in via VPN or local.
HTH
If you're responsible for the operation of the laptops, I'd join them to the domain because it makes managing them much easier. That would of course present several "occasionally connected" dilemmas to solve.
If you do not join them, the technicians would have to be responsible for maintaining the laptops themselves, in my opinion. They could still access shared resources with some remote solution like Remote Desktop, Citrix et al., but having the laptop working would not be your responsibility - it would be treated like any random contractor's computer, basically.
Pretty simple criteria for this:
If you answer yes to any of the above questions, or are likely to in the near future, then you should at least consider the downsides to adding them to the domain!
There are other considerations, such as single-sign-on to intranets or other network resources too, but if they're out in the field and not networked, they're pretty much covered.
What I'd do is add them to the Domain but set up some form of Network Access Control too, so that you minimise the risk of damage being caused by a laptop that (1) may not have had AV or security updates applied, and (2) may have been used by a technician's 14-year-old son (for what 14-year-old boys do on the internet) during the time it was off your network.
It depends on what internal resources the technicians use when they're in the field. For our remote staff, we've found that the advantages of having them as part of the domain outweigh the occasional hassles of dealing with domain access over slow connections.
We have a bunch of small remote offices (some are just home offices) with staff who come in only a few times a year. About 20 staff in total. But they use email (Exchange), access internal web sites, and use files on network shares, so they're set up as part of the domain and access everything over a VPN connection.
One big advantage of having them as part of the domain is that when they do come into a main office, they usually need to access a lot of stuff in a hurry - print stuff on the bigger, better printers in the main offices, copy a bunch of files back and forth, try out new applications, get a tune-up on their laptop. All of this is much, much easier when they're a member of the domain.