Remote Desktop - 2k on client - GPO premits no software install!

i am using a computer that is running windows 2k, i cannot install any software on the computer becasue of strict GPO.  I would like to connect to my remote desktop connecion at home, does anyone know of any java aplet or other that i can use to connect to TServer without installing any software on the compu8ter?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If you can run activex on your compu8ter, and can get this installed on Tserver, Bob's your uncle:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
If you web-enable the Term server, then you can just use your browser to connect to it..
By using the link immediately above :)
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Not to be rude, but why do you want to remote-control your PC at home from your policy-restricted work PC?  

Has it occurred to you that it may be against company policy for you to do what you are trying to do?

If there is a legitimate business purpose to do what you are trying to do, then you should enlist the help of your company's IT department.  Strict policy restrictions are usually there for a reason, and to attempt to bypass them, even for innocent purposes, could possibly be grounds for immediate termination, depending on how your company's security policies are written.

Like I said, it may be entirely innocent, and may even be for legitimate business purposes, but if you have strict GPO's in place, I would check twice, and then check again, before attempting to bypass your company's security policies.

If your company's IT staff people want to come to us with suggestions on how to enable your desired connection within the company's guidelines, then cool.  Otherwise, I don't think we should give any more info, IMHO.
you could load tightvnc on your computer at home:

you could then either use the tightvnc viewer from work (not sure if it has to be installed or not)
or you could configure tightvnc so you could connect to it through your web browser.
i.e. open "http://youripaddress" in internet explorer to connect to your computer at home.
by the way, tightvnc sets up its web interface on port 5800, so you would have to open:
in internet explorer to connect to tightvnc on your computer at home through internet explorer at work.
there's always gotomypc
There are always ways, often multiple ways.

Like I said, if this is a work PC, and there is not a legitimate business reason to do this RC of the home PC, any further activity without the assist of the IT personnel should be done with EXTREME caution, keeping in mind that in many companies it would be an immediate-termination offense.

You have been warned ;)
Wow, ShineOn sounds like he works for your company (as a matter of fact he sounds like he might be the network enginee).

I agree with those who suggested VNC.  But I should also note that if the HOME PC is running XP and Remote Desktop Sharing is already enabled, if your workstation (at work) is also running XP go to...

Enter the IP of the home machine and it should connect no problem.
Well, think about it, TheBrutha.  If you were in a situation where GPO was set up to prohibit the users from installing anything on their workstations, doesn't that imply a company that has strict security policies that would include disciplinary action for employees attempting to breach that security policy?

Like I indicated, if there is a legitimate business reason for this person to remote-access his home PC from work, then the IT department IN SUCH A CONTROLLED-ENVIRONMENT COMPANY should be involved to make sure none of what is done violates the security policy guidelines.

If I were said employee in said company, I would not even think about trying to bypass coporate security measures.  Why do you think it would be OK?  What if the questioner is a corporate spy and wants to contact his home PC to load confidential documents to sell to a competitor?  One of the basic tenets of network security is that most offenses happen from the inside - corporate spies, disgruntled employees, and such.

I don't think we should say anything else to this guy.  My spidey-sense is tingling...
jslingerlandAuthor Commented:
oh one more thing, ShineOn please dont tell my mom, i dont want to get in trouble
jslingerlandAuthor Commented:
maybe its not your spidey sence, mabey its your caustic sence of self satisfation.
Earth to ShineOn, come in're starting to sound like a paranoid addict.  Obviously the individual asking the question WANTS to bypass the guidelines in place, although I think you're right for reminding him those guidelines are in place for a reason, he still requested help on what is obviously something he wants to do, REGARDLESS of the GPO currently in place.  

PS.  At what point did I say it was OK to bypass corporate security?  That's between him and his company, he simply asked how we could remotely access his PC from work even though there is a GPO in place.   I simply said you sound like the Network Engineer for his company (i.e. joke).  It's ok to laugh sometimes, get your head out your W2K administrators companion book.
The GPO prohibiting the intallation of software should be accompanied by a formal, written security policy that includes an "acceptable use" policy that users are actively made aware of.

I'm not sure an ActiveX RDP connection is any more of a threat than any other web page, certainly less than personal email accounts, IM, etc.

I trust he's now aware of the ethical implications in violating his firms guidlines and will govern his actions in accordance with them.

jslingerlandAuthor Commented:
I would also like to apologise for being an ass to ShineOn - I know he did have my best interest in mind.  I am in management here, and the ip department answers to me, although i do my best to apease my it departments wishes

your all awsome

Um, I guess, thanks for the apology.

One thing I must say, though, is that as a management person, you should know what your security policies are, and should realize that for them to work, even management shoudn't bypass them.  Not to say that you would abuse anything, but I personally worked with an IT director that was working "on the side" for a competitor, passing customer lists, so being in charge doesn't mean you can't possibly do anything bad by "bending" the rules.

OK, the rest of you can get pissy at me again for being anal-retentive about security now.

Brutha, your attitude about helping someone get around the rules because they asked how, regardless of the circumstances, is almost as bad as telling a script-kiddie how to crack a program's licensing security.  You're every security manager's nightmare.  Absolving yourselft from personal responsibility by saying you just gave what was asked for, and it that's what they want to do, that's up to them, they know the risks they run, is as bad as a crack dealer saying, "hell, I don't MAKE them smoke it - they came to ME."
jslingerlandAuthor Commented:
Charade you are shine on.  With all due respect.  I gave you a chance, told you i see things from your perspective.    so what if i want to loging to my pc at home and burn a cd, or modify security policies on my domain controler while im at work.  For real  Im not tring to "passing customer lists" bring Adelphia  into further turmoil.  And no, im not acculy doing work most the time when im remote connecting.  But im not an idiot, i dont ask alot of questians on EE, and most of the time i find the answer myself way before anyone on here gives me advice. But i dont know everything, and i respect the advice of most the people on EE, so i ask to see if peope know better ways.  So maby you should step off your moral high ground for a minute and stop trying to play daddy. iI can totaly see one time trying to bring up the fact that you dont want to violate policy, but to keep coming and coming with it, serously.

The only reason for it being mentioned more than once, in more than one way, is simply because everyone else simply shrugged it off each time.  Even trying to add a touch of humor fell flat.

If you want to see me as a parental figure that's OK.  I did bring up 2 kids quite successfully, and am proud of the results.

It is not moral high ground.  I am not being preachy.  It is a message that should not be ignored, and this is the third time you are "being an ass" as you put it, although you did apologize once.

I don't give a whit what you want to do with your time or your company's time; that is not my concern.  I don't care if you ignore anything else I say on EE out of spite; that is your prerogative.  The point I was trying to make was not to you, but to the other participants of this question - that this kind of "help" can be more harmful than helpful.  The place to go for this information for someone in your position is your own IT department.

I am trying to keep this professional, so please end this now.
or  move it to religion and philosophy...

This is a professional TA.  If I remember correctly, the EE rules discourage helping people break security.  It is unprofessional to recommend ways around security - EE is not a hacker site.

If that is an incorrect assessment, cool.  I retract all my statements regarding security.

If not, I will continue my "religious and philosophical" adherence to the professional concept of network security, in this, the appropriate TA for it.

If you think I'm being unreasonable, complain to the moderators.
As stated in an earlier post...


chicagoan resolved the issue, and that's all that really matters at this point.  That's why he's one of the top 15!  =)
I don't think your effort to make people aware of security is unreasonable, but every enterprise is different and the degree of lattitude given to end users is different. Being professional is not about locking down an enterprise to the greatest extent possible, it's about applying the policies that management has put forth.

From a philosophical point of view - I think there is a difference in circumventing a GPO to install software and web-enabling you home TServer so that you can use it from work with the infrastructure in place PROVIDING THAT DOES NOT VIOLATE THE SECURITY POLICY.

TheBrutha -

If you look, I am also in the top 15, and if you are not of the hacker/cracker mentality, resolving this Q is not all that matters.

chicagoan -

I think we are much closer to agreement on this than we are in disagreement.  However, I don't think it's up to us to guess whether or not we are enabling someone to circumvent their security policy.  Unless the asker is part of the IT department and is looking for ways to allow this type of access to a user within the security policy's guidelines, I don't feel that it is our place to put that info out there.  Sure, we don't know if the asker is lying, but to give info freely to an obvious end-user looking to do an end-around ...

I know, there are many ways a determined user can find out how to break the rules, and most if that knowledge is available elsewhere - they don't NEED to come to EE for that info.  That doesn't mean we should provide them that info just because they could find it elsewhere.  We don't know how liberal their company's security policy is, so that shouldn't matter.

If a company has strict GPO in place that restricts installation of programs, they are much more likely to have strict security guidelines to match.  Being professional is not about locking down the desktop, it is about whether our dissemination of knowledge is ethical.  NOT moral, but ethical - there's a difference.  If I had said moral, then your comment about religion & philosophy might apply.  Ethics is part of professional behavior.
>If a company has strict GPO in place that restricts installation of programs, they are much more likely to have strict >security guidelines to match.
I'm not sure I can agree with that premise. Having worked for firms ranging from bank holding companies to large universities and private firms doing sensitive work for govt agencies, the lack of a well founded and disseminated policy is more the case than one might hope outside of .gov institutions. In my experience, locking down the local machine is more often a response by IT to the costs of repairing them and the exposure of unlicensed, unsupportable or conflicting applications than an attempt to enforce a corporate information security policy.

You can't seperate ethics and morality! Ethics are based on moral principles.*

That aside, the ethical consideration here is that the "use the property of a client or employer only in ways properly authorized, and with the client's or employer's knowledge and consent."

If the question had been posed differently:
How can I access my PC at home from a cyber-cafe without installing any software? or
How can I get to our office PC from a client's public machine?
would that change the ethical framework?

In all of these cases the root principal is that the activity must be ok with the employer. The question here was NOT how to hack the emplyer's system but how to set up a machine to be accessed without the installation of client software. While the GPO issue framed the context, and a caveat that the activity be "properly authorized, and with the client's or employer's knowledge and consent" I submit this question is not about a hack, and I don't think that's splitting hairs.

From a "portal of infection" standpoint, how different an activity is this than getting your mail from Yahoo or Hotmail, or accessing you ISP web space to get some files you were working on at home, or sticking a usb keyfob in your machine?
If someone asked "I work at home a lot and occasionally need to access my files" I don't think any reasonable security professional would cut them off, but would answer "assuming that's ok with your boss, you could....."


I would also direct anyone wondering about network security here:

to learn about best practices.
This one, titled "The Internal Threat to Security, Or, Users Can Really Mess Things Up" might be most apropos to this Question.
Shine On, you just don't quit do you?  Yes I know you're in the top 15, but you didn't resolve the inquiry, that's why praise was given to chicagoan, everyone have a pleasant day.
No, I don't quit.  I didn't try to resolve the Q.  I tried to stop it from being resolved.  

Not to speak for chicagoan, but if you're looking for praise for giving a "right" answer, then you should go talk to your kindergarten teacher.  This isn't about praise.  It's about helping people.

Have a wonderful day.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.