?
Solved

Win2K TS

Posted on 2004-11-10
10
Medium Priority
?
165 Views
Last Modified: 2010-04-14
I want to set up a windows 2000 terminal server at home in order to remotely access several apps.

Since I have never setup a terminal server I am going to need some help.  I don't think the local setup will be to bad, but unsure of how to allow a remote user access.

Can someone point me the right direction.  Thanks
0
Comment
Question by:vivo123
  • 4
  • 3
  • 3
10 Comments
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 12551004
Assuming you have a Server, all you have to do is make sure the Terminal Services Component is installed by going to Add/remove programs and then the Windows Components button.  Make sure Terminal Services is checked and ok out.
0
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 12551026
You will be prompted as to what mode you want to install it in.  If you plan on allowing others, you'll have to use Application Sharing/Server mode.  However, this will require installing Terminal Services Licensing server and obtaining Licenses.  Since you have server at home, I'm guessing your a member of MSDN - a few licenses are included for this with MSDN so you should be ok.

If you just want it for yourself, you can set it up in Administrative mode - this will allows only admins to log in via terminal services.  All other terminal services capabilities are there - it's just a restriction on the class of user.  
0
 
LVL 14

Accepted Solution

by:
alimu earned 300 total points
ID: 12553041
Actually Administrative mode means that it's an install of terminal services to be used for administrative purposes.  It only has 2 CALs so you only get a maximum of 2 client connections through to the server at any one time.

A vanilla install will restrict to administrators, to allow other users you may need to grant them a couple of rights in local security policy, namely the "logon locally" right.  If you're not in a domain, you just configure this in local security policy:
Administrative Tools--> Local Security Policy
Security Settings-->Local Policies-->User Rights Assignment-->Double Click "Log on Locally" and add your users/groups.

If you're using win2k pre service pack 2 you'll also need to add the users to "Remote Desktop Users" group.  This group already has the right "Allow logon through terminal services".  This right is ignored after service pack 2.

Are your remote users going to be on your home network?  If not you will need port 3389 open on your firewall and you will need to forward requests to port 3389 through to your server via some sort of routing.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 

Author Comment

by:vivo123
ID: 12554748
Thanks for the information.  Currently it is setup in Administrative Mode and I want to be able to connect from outside of the network.  What does the external client need to use to connect to the network?  I use Remote desktop from within the network.  Not sure about the external client. (Can I create a client termainl service disk to install on the client)

Is the client connection the same if the server was in application mode?

Thanks again for your input.
0
 
LVL 14

Expert Comment

by:alimu
ID: 12560334
remote desktop's fine.
connections the same.
If they're win2k clients the terminal services client is usually on the machines in a subdirectory of system32.
just do a search for mstsc.exe and you should be able to find it.

would advise giving it a go and then we'll work through problems if they crop up.
You'll have to know what your IP address is out on your ISP's network too.  
This is usually a dhcp address that gets changed every so often if you're using ADSL or Cable Internet, or a dhcp address that's assigned on connection with a modem.
This address is what the external clients will be connecting to (so if it's a static address it's obviously much easier to get to).
0
 
LVL 97

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 200 total points
ID: 12561502
alimu said:
> Actually Administrative mode means that it's an install of terminal services to be used for administrative purposes.

That's true, but my point is, using that mode does not in any technical way prevent you from doing the same things you can if it were in application mode.

You can use ANY RDP client to connect to the system from outside the network.  Among the clients you can use:
*Windows 2000's client (can be created from within Server and put on two floppies)
*Rdesktop - a linux and unix version that can run from just about any *nix I've seen (www.rdesktop.org)
*Windows CE clients if you purchase them
*Palm OS (you have to purchase - 2 week trial available).
*The XP Remote Desktop client (RDP) available from http://www.microsoft.com/windowsxp/downloads/tools/rdclientdl.mspx
*Remote Desktop Web Connection - which you have to install on an IIS web server and can only be used with Internet Explorer (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/termserv/termserv/remote_desktop_web_connection.asp)
0
 
LVL 14

Expert Comment

by:alimu
ID: 12561902
leew, My comment was a clarification of your statement  "this will allows only admins to log in via terminal services.  All other terminal services capabilities are there - it's just a restriction on the class of user."
This is actually on the case where local security policy is left unconfigured.  The difference between the versions is in the number of CALs available by default and what the intended purpose of terminal services is.
0
 

Author Comment

by:vivo123
ID: 12569359
Worked great..  Thanks for the help and understanding
0
 

Author Comment

by:vivo123
ID: 12569547
Oh yeah.. What about security..  
0
 
LVL 14

Expert Comment

by:alimu
ID: 12580801
First of all make sure all your service packs, hotfixes and antivirus definition files are up to date (and kept that way).
Next, have a look at this for ideas on securing terminal services: http://www.windowsecurity.com/articles/Windows_Terminal_Services.html
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
As a matter of fact, Outlook OST files are of much importance in relation to Exchange mailbox. OST files are independent as they are simply copy of data of a user’s mailbox on Exchange Server. Though, if the server’s status is changed or it is dama…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question