sherrylind
asked on
Windows 2000 server-varying levels of remote access
I have a question regarding the best (and least expensive) way to have varying levels of remote access to a Windows 2000 server. We have a Windows 2000 Server and three Win XP Pro computers networked together for our church. We have a dynamic IP but are using NO-IP.com for a static IP address. We only have a few people who actually work at the church and they use the XP computers. The other people need to work remotely from their home. The server is locked in a "computer closet" and only I have access to that.
The majority of people who work from home need to use our church management software. So I have set up the Terminal Server in the "remote administration" mode and gave them each a TS user ID. Then on the "ENVIRONMENT" tab of their profile I have directed them to that software. When they logon they are directed immediatly to that software, and when they leave the software their TS session has ended. I like this method because even though they are logged onto the server, they do not have access to the desktop or any of the server function/controls. This seems to work well for them with the limitation, of course, that no more than two people at a time can be working at once.
However, as our use of the network is growing, I now have some people who need to logon remotely and work on various documents using MS-Word, MS-Excel, etc. On our network we have folders with varying level of security. For example: the "public folder" is a folder that does not contain any private information, the "Pastor" folder contains confidentional info that only the pastor and his administrator can access, the "Office Staff" folder contains info that should only be shared with people working in the office, etc. I control this security at the moment with their user ID's when the log onto one of the XP desktops located physically in the church.
I have attempted to use VNC to give them access to some of the XP computers. VNC is a free remote desktop program similar to PCAnywhere - see www.realvnc.com. But this does not work well for us because someone is frequently using one of those XP computers. Also, it is not a very secure way to access confidential documents if someone was to be standing near these computers.
I would like for the users to have virtual desktop logons/sessions to the Win 2000 server so they can log on without using the local desktop. But the church cannot afford Citrix at this time, so I'm hoping there is a cheaper work around for this situation.
Is there a good, inexpensive way to give people a remote access to all the files/programs they need without actually logging onto the desktop of the server?
Any advice/suggestions would be appreciated.
Thanks!
The majority of people who work from home need to use our church management software. So I have set up the Terminal Server in the "remote administration" mode and gave them each a TS user ID. Then on the "ENVIRONMENT" tab of their profile I have directed them to that software. When they logon they are directed immediatly to that software, and when they leave the software their TS session has ended. I like this method because even though they are logged onto the server, they do not have access to the desktop or any of the server function/controls. This seems to work well for them with the limitation, of course, that no more than two people at a time can be working at once.
However, as our use of the network is growing, I now have some people who need to logon remotely and work on various documents using MS-Word, MS-Excel, etc. On our network we have folders with varying level of security. For example: the "public folder" is a folder that does not contain any private information, the "Pastor" folder contains confidentional info that only the pastor and his administrator can access, the "Office Staff" folder contains info that should only be shared with people working in the office, etc. I control this security at the moment with their user ID's when the log onto one of the XP desktops located physically in the church.
I have attempted to use VNC to give them access to some of the XP computers. VNC is a free remote desktop program similar to PCAnywhere - see www.realvnc.com. But this does not work well for us because someone is frequently using one of those XP computers. Also, it is not a very secure way to access confidential documents if someone was to be standing near these computers.
I would like for the users to have virtual desktop logons/sessions to the Win 2000 server so they can log on without using the local desktop. But the church cannot afford Citrix at this time, so I'm hoping there is a cheaper work around for this situation.
Is there a good, inexpensive way to give people a remote access to all the files/programs they need without actually logging onto the desktop of the server?
Any advice/suggestions would be appreciated.
Thanks!
ASKER
They are XP Pro. But remote desktop is pretty much the same as PcAnywhere and/or VNC. (I chose VNC because it is multi-platform and I had users with older Macs wanting to connect.) As I said before, remote desktop is not a good option because we have someone using those computers locally.
I would like for the users to have virtual desktop logons/sessions to the Win 2000 server so they can log on without using the local desktop. If there is an inexpensive alternative to Metaframe that someone has used successfully that would be fabulous. Or perhaps some sort of secure file/program sharing over the website where I can control access at different levels. Or maybe some other option using terminal servicecs or something. I'm not sure what the solution is, I'm just hoping to find an alternative.
But thanks for the suggestion!
I would like for the users to have virtual desktop logons/sessions to the Win 2000 server so they can log on without using the local desktop. If there is an inexpensive alternative to Metaframe that someone has used successfully that would be fabulous. Or perhaps some sort of secure file/program sharing over the website where I can control access at different levels. Or maybe some other option using terminal servicecs or something. I'm not sure what the solution is, I'm just hoping to find an alternative.
But thanks for the suggestion!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Concurrent users might ease the need for virtual session availability, but the thought of having users try to dial in one port at a time until they find an open machine isn't too appealing... We're looking to allow remote users to log onto the network using virtual sessions, and it seems that the best way of doing this would be to find a program to allow the users to log onto a single terminal server. Are there any affordable programs that work like Windows Terminal Services but can allow more than 2 users at the same time on a single machine?
another thing you could do is use a linux machine in your network.
I envision the linux box with vnc server installed. with openoffice as the office program. for microsoft word documents and excel spreadsheets, this will work well. the linux box will be run a windows client. (its integrated into the operating system.
vnc works differently on a *nix machine because you get your own desktop session for each user.
the users will dial in or vpn into the network. they will vnc into the linux machine and be able to access the files on the windows server.
the only investment you will need is another computer, and it doesn't need to be anything all that powerful.
also, all the software is free...
if you are interested in this solution, I can help you set it up... I don't know if you have any experience in linux or not, but this solution will also work well with a minimum of money investment, but the learning curve might be steep.
Tanelorn
I envision the linux box with vnc server installed. with openoffice as the office program. for microsoft word documents and excel spreadsheets, this will work well. the linux box will be run a windows client. (its integrated into the operating system.
vnc works differently on a *nix machine because you get your own desktop session for each user.
the users will dial in or vpn into the network. they will vnc into the linux machine and be able to access the files on the windows server.
the only investment you will need is another computer, and it doesn't need to be anything all that powerful.
also, all the software is free...
if you are interested in this solution, I can help you set it up... I don't know if you have any experience in linux or not, but this solution will also work well with a minimum of money investment, but the learning curve might be steep.
Tanelorn
XP pro has remote desktop as part of the operating system.
in the system control panel there is a tab called remote. there you will be able to configure who can
remote desktop into the machine. (free)
the benefit of this is that if someone is remote desktop'ed in, the console is locked. (secure)
I'm not sure if XP home has this capability though.. :(
hope this helps...