Administer Microsoft 2008 Server remotely that is not part of the domain.

This is a test network.

Desired end state: Administer a 2008 server in a DMZ that is not part of the AD domain.

I am building a Microsoft Exchange 2007 Edge Transport server that is being placed in a DMZ (DMZ is in a Smoothwall 2.0 orange zone) on a separate subnet 192.168.200.x. The domain is in 192.168.100.x. This server is being installed prior to the Exchange 2007 mailbox/public folder server.

Using remote desktop connection only seems to work if the server is in the same domain.

I feel this is a two-part problem: 1. Being able to administer the Edge server without being part of the domain. 2. Being able to get to the server and administer it through the firewall on a separate subnet (a firewall problem).

Currently the Edge server is on the same subnet in the LAN (not DMZ).


(Happy birthday Marines)

You first need to configure the firewall to allow access to the RDP from the LAN.
Second you need to make sure that the Remote administration is configured on the DMZ'd server.
Third, when the prior two have been confirmed to work, make sure the credentials you provide for the remote connection match the credentials on the system versus using existing domain credentials.
Try using user@servername for the username, plus the password. I.e., it is possible that the default domain included in the RDP references your AD domain. Click on Options on the RDP client connection to see what is being provided.

jarhead1899 (Author) commented:

Thanks. I will attempt parts 2 and 3 of your solution prior to moving the server into the DMZ.
You should be able to RDP into a system regardless of if it's on your domain or not. If you cannot, it sounds like a routing issue, or like the server is not properly configured to allow remote access.
jarhead1899 (Author) commented:
Parts 2 and 3 worked. I went with enabling the remote administration and remote desktop vice enabling the RDP via the terminal server role. Now I just need to work on the DMZ piece. Do you happen to know the ports that need to be open to enable Remote Desktop? If not I will locate and post a follow up here. Thanks.
RDP uses TCP port 3389.
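
The three checks from the answer above, using the port given in the last reply, as an added PowerShell example that is not part of the original thread. The address `192.168.200.10`, the computer name `EDGE01` and the account `localadmin` are constructed placeholders, and the `SERVERNAME\user` form is used here as the local-account equivalent of the `user@servername` suggestion.

```powershell
# Assumed values (not from the thread): replace with your own.
$ServerAddress = '192.168.200.10'   # constructed address in the DMZ subnet
$ServerName    = 'EDGE01'           # hypothetical computer name of the Edge server
$LocalUser     = 'localadmin'       # hypothetical local (non-domain) account
$RdpPort       = 3389               # RDP port stated in the thread
$RdpFile       = Join-Path $env:TEMP 'edge-dmz.rdp'

function Test-TcpPort {
    param([string]$Address, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return $false             # timed out: usually dropped by the firewall
        }
        $client.EndConnect($pending)  # throws if the connection was refused
        return $true
    } catch {
        return $false                 # refused: host answers, nothing is listening
    } finally {
        $client.Close()
    }
}

# Steps 1 and 2: the firewall must pass TCP 3389 from the LAN, and the
# server must have Remote Desktop enabled so something is listening.
if (-not (Test-TcpPort -Address $ServerAddress -Port $RdpPort)) {
    Write-Warning "TCP $RdpPort on $ServerAddress is not reachable. Check the firewall rule and that Remote Desktop is enabled on the server."
    return
}

# Step 3: pin the user name to the server's local account so the client
# does not pre-fill the AD domain of the workstation.
$settings = @(
    "full address:s:${ServerAddress}:$RdpPort"
    "username:s:$ServerName\$LocalUser"
    "prompt for credentials:i:1"      # always ask; no password is stored
    "authentication level:i:2"        # warn if the server cannot be verified
)
Set-Content -Path $RdpFile -Value $settings -Encoding Unicode
mstsc.exe $RdpFile
```

A timeout and a refusal both return `$false` here; a timeout points at the firewall between the subnets, while a refusal means the server was reached but Remote Desktop is not listening.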