Solved

Cannot connect remotely to SBS 2003 desktop through RWW

Posted on 2007-04-08
13
852 Views
Last Modified: 2016-08-29
Our SBS 2003 allows all users to remotely access Exchange email, and each person has access to their inidividual workstation desktop. As system administrator, however, I cannot gain access to the SBS desktop. It would be very useful for me to connect remotely to the server's desktop and its Event Viewer and Task Manager. I can log in remotely as administrator to RWW, and get "Connect to Server Desktops" which would seem to allow me to do that, but instead I get a box that says, "Connectivity to the remote computer could not be established . . . " Is there a way for me to make this remote conneciton? Thanks.

Leon
0
Comment
Question by:OleBear
  • 7
  • 5
13 Comments
 
LVL 10

Assisted Solution

by:stafi
stafi earned 45 total points
ID: 18873459
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 455 total points
ID: 18874970
Leon,

Good to see you posted a separate question for this.

If others can get to their desktops, then I'd assume that port 4125 is open on the router.  So, the question would be why can't you get to the server desktop?  If you'd please post a COMPLETE ipconfig /all from the server that'll help us figure out what you need to do.

Jeff
TechSoEasy
0
 

Author Comment

by:OleBear
ID: 18921828
A COMPLETE ipconfig /all for the SBS server is shown below.
First, some comments -
This system uses a single NIC and has a Cisco PIX firewall at the front end. Yes, port 4125 is open, and all remote users are able to access their workstation desktops and Exchange email. As administrator I am able to log in and access the Administrator email account. As administrator, I can also access Workstation Desktops - at least to the point of needing a password. And I can access both email and desktop under my own login name. -- What I am unable to do as Administrator, is get to the SBS server login screen. I can see the name of the server, but cannot get beyond that point. I immediately get the message "Connectivity to the remote computer could not be established. Ensure that the remote computer is on and connected to the Windows Small Business Server network".

I hope this helps. -- Leon


Windows IP Configuration  
Host Name . . . . . . . . . . . . : org-server  
Primary Dns Suffix  . . . . . . . : ORG.local  
Node Type . . . . . . . . . . . . : Unknown  
IP Routing Enabled. . . . . . . . : Yes  
WINS Proxy Enabled. . . . . . . . : Yes  
DNS Suffix Search List. . . . . . : ORG.local

Ethernet adapter Server Local Area Connection:  
Connection-specific DNS Suffix  . :    
Description . . . . . . . . . . . : Intel(R) PRO/100+ Management Adapter  
Physical Address. . . . . . . . . : 00-02-B3-10-18-C1  
DHCP Enabled. . . . . . . . . . . : No  
IP Address. . . . . . . . . . . . : 192.168.1.2  
Subnet Mask . . . . . . . . . . . : 255.255.255.0  
Default Gateway . . . . . . . . . : 192.168.1.254  
DNS Servers . . . . . . . . . . . : 192.168.1.2  
Primary WINS Server . . . . . . . : 192.168.1.2  
NetBIOS over Tcpip. . . . . . . . : Disabled

0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 455 total points
ID: 18925079
What Security Groups is the built-in administrator a member of?

That account should ONLY be a member of the following:
Administrators
Domain Admins
Domain Users
Enterprise Admins
Group Policy Creator Owners
Mobile Users
Schema Admins
And possibly Internet users [if ISA 2000/2004 is installed]
The account should NOT have membership in Power Users or Remote Operators groups.

Jeff
TechSoEasy
0
 

Author Comment

by:OleBear
ID: 18995070
After reviewing all the suggestions submitted here, and also after researching all the other sources I could find, here is my conclusion: -- It is not possible to connect to the desktop of the SBS that is providing the RWW services to the rest of the network. From the primary SBS it looks possible to use RWW to connect to other standard server's desktops, although I don't have other servers on the network so I am unable to verifiy that. Connecting to all other workstations using RWW is easy once it is set up properly. I also assume that connecting to the SBS using VPN or Terminal Server is possible, but that isn't the approach I wanted to use.

So I'm not sure how to allocate points to this inquiry. While the information was somewhat useful - that is, I had already tried or verified most of it, thus I really ended up retrying stuff that I had already done just to be sure I hadn't overlooked anything. And in the end, what I wanted to do looks impossible, but not because of assistance here, but because the SBS doesn't allow it. So I'm inclined to allocate 100 points to each of the last two suggestions. Does that seem fair?

Leon
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 455 total points
ID: 18995324
No, it doesn't because you ABSOLUTELY CAN connect to the SBS desktop via RWW... as long as you are a member of the Domain Admins group.  You would then be getting the Administrator Web Page menu for RWW which has an option to "Connect to Server Desktops".

See http://sbsurl.com/rww for further details about this.

I connect to every single SBS desktop I manage using this method and it works fine... as long as your firewall will allow traffic through on port 4125.... and assuming that you have not somehow modified the default domain controller policy to disallow these connections.

So... if you want to resolve the issue, stick with us here and we'll get it resolved for you.

The next thing I would need to see from your server is the output from the following issued at a command prompt:

C:\>gpresult /z >gpresult.txt

Please run this while logged in as the built-in administrator.  It will create a text document at C:\gpresult.txt which you can upload to:  https://filedb.experts-exchange.com/incoming/ee-stuff/3288-hold.txthttps://filedb.experts-exchange.com/incoming/ee-stuff/3451-gpresult.txt

(logging in with your Experts-Exchange username and password).

Jeff
TechSoEasy

0
Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 455 total points
ID: 18995329
Actually... I may have spotted the problem... I don't actually know if this would cause that behavior, but it might...
You have NETBIOS over TCP/IP disabled on your NIC.  It should be ENABLED in a Single NIC configuration.  After enabling it, you should rerun the CEICW.

If that doesn't help, then please post the above requested file.

Jeff
TechSoEasy
0
 

Author Comment

by:OleBear
ID: 18995485
Well, let me take a closer look at our setup and give these things a try next week sometime. Yes, I'd sure like a remote desktop connection to work. But you seem to be the only one that thinks it can work. And I'll really be pleased if it does. -- I have the "Windows Small Business Server 2003 -- Administrator's Companion" here, and there's nothing very satisfying regarding this kind of connection.
Thanks again for you assistance - and your persistance. -------- Leon

0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 455 total points
ID: 18996175
That book is not written by someone who truly understands SBS.  Please see my list of recommended books if you want to have a good companion manual:  http://sbsurl.com/list

Jeff
TechSoEasy
0
 

Author Comment

by:OleBear
ID: 19110819
Jeff -  I submitted this gpresult.txt file as described below. Hopefully it got there OK. If not, please let me know.
Leon
====================================
The next thing I would need to see from your server is the output from the following issued at a command prompt:

C:\>gpresult /z >gpresult.txt

Please run this while logged in as the built-in administrator.  It will create a text document at C:\gpresult.txt which you can upload to:  https://filedb.experts-exchange.com/incoming/ee-stuff/3288-hold.txthttps://filedb.experts-exchange.com/incoming/ee-stuff/3451-gpresult.txt

(logging in with your Experts-Exchange username and password).

Jeff
TechSoEasy
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 455 total points
ID: 19119759
Can you please verify if you can access the SBS's desktop through RDP from INSIDE your LAN?

You can just use this at a command prompt from a LAN workstation:

mstsc /v:wta-server /console

If that works... then please try to connect to your sever using the Remote Desktop Client from outside your LAN rather than through RWW.  That way we can narrow down what's going on.

Thanks.

Jeff
TechSoEasy
0
 

Author Comment

by:OleBear
ID: 19123843

Using the mstsc /v:wta-server /console command, I am unable to connect to the server from inside the LAN. -- I get this message:
Remote Desktop Disconnected
The client could not connect to the remote computer.
Remote connections might not be enabled or the computer might be too busy to accept new connections.

I did this after business hours when no one was on the network. All other aspects of the network were fully functional. From home I could access my Exchange email, and logged in as administrator I could see the server but not access the server desktop. -- In other words, the same as before. Rats!!
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 455 total points
ID: 19139948
For some reason you don't have Terminal Services activated on your SBS.  Please be sure that the following are done:

Open System Properties (Right Click My Computer > Properties) > Remote Tab.  Make sure that "Enable Remote Desktop on this Computer" is checked.

Run the Configure Email and Internet Connection Wizard (CEICW -- linked as "Connect to the Internet on the To-Do list in the Server Management Console).  Make sure that you select "Enable Fierwall" and then on the "Configure Services" screen, make sure that "Terminal Services" is selected.

A visual how-to for that is here:  http://sbsurl.com/ceicw

Jeff
TechSoEasy
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended for migrating Windows 2003 Standard with Exchange 2003 to Windows Small Business Server 2008. You will need the following: Exchange Best Practice Analyzer: http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-…
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now