• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 532
  • Last Modified:

How can I setup a offsite laptop to Remote Desktop Connection in to another computer on my domain??

Hi,

Have set up a new SBS Premuim 2008 server. I have a rep on the road and with our old server he was RDP into a SBS 2003 Premuim. Do I still get him to remote into the new server or is it best to get him to remote into another computer. I will be upgrading the old server box to a Terminal Services server but in the mean time I need the Rep functioning on the road now.

How would I go about setting up access in the mean time?

Thanks
0
Darkner007
Asked:
Darkner007
1 Solution
 
Dave_ANDCommented:
Have him use Remote Web workplace and connect to a PC on the domain.. This PC will be locked while he use it.. You should never have users login to Domain or Exchange servers.

0
 
Cliff GaliherCommented:
End users should never RDP into an infrastructure server (terminal servers are specifically designed for such use and thus do not fall into the "infrastructure" category.) In short, that laptop user should never have been given RDP access to the old SBS server either, this isn't a new best practice.
Set up an in-office machine and configure RWW for the user. That is the best least-cost and immediate solution without compromising security.
-Cliff
 
0
 
Darkner007Author Commented:
Hi guys,

How do I go about setting up access to the RWW? How would he access it thru the net?

Sorry about all the questions but just want to make sure that I get this server done right.

Thanks in advance for your help

Regards,
Paul
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Darkner007Author Commented:
Does anyone know at all??
0
 
sihtCommented:
If you have correctly configured your networking for SBS then you will need to log on to the SBS server, open the SBS console if it does not open automatically, click on the "Users and Groups" tab, double click the user in the list :

1. Click on "Computers", select the machine you wish the user to be able to access remotely, tick the "Can remotely access this machine" box.

2. Select "Remote Access" in the box that appears, tick the "User can access Remote Web Workplace" box. Make sure the computer you want them to be able to access apppears in the "Default computer link in RWW.

3. RWW enabled users can access the RWW site at "https://remote.yourexternaldomain.com" assuming you have a default installation.

This stuff is really well documented, here are some links to help you manage SBS:

http://social.technet.microsoft.com/wiki/contents/articles/small-business-server-2008-build-document.aspx

http://technet.microsoft.com/en-us/library/sbs-2008-remote-access-management(WS.10).aspx
0
 
Darkner007Author Commented:
But don't you need to configure your ISP to point back to the server? I can access the RWW internally but not externally.
0
 
esp-projectsCommented:
Hi,
Slightly off topic but Since you have SBS 2008 Premium, it comes with a copy of Windows Server 2008 standard which you are able to install on another machine (or virtual machine) for Terminal Services.  If the server is of good enough specification, you can install a virtual machine on it with Server 2008 standard and enable TS role on that.  See http://blogs.technet.com/b/sbs/archive/2008/09/26/can-i-use-terminal-services-in-sbs-2008.aspx for a bit more info.

Hope this helps.

Jason
0
 
Brandon2k1Commented:
to access RWW externally you will need to set up a DNS record for remote.domainname.co.uk pointing to you servers external ip address. Whoever you registered your domain with should be able to do this for you or give you access to do it. If you cant set a dns record up you can always access the site externally by using your external ip address as follows:  11.11.11.11/remote

Once you have done this make sure you have forwarded to correct ports through your firewall. I think it is port 4125 for RDP connections. but you will also need to allow incoming traffic on port 80 for http and 443 for https, to get access to the site as mentioned above.
0
 
sihtCommented:
You may be able to access RWW just using your IP address if you have a static IP address from your ISP but as Brandon2k1 suggested you are much better off having a DNS record set up which points remote.externaldomainname.com.au (because you're in Queensland!) to your external IP. You will still need a static IP address for this to work, most business grade broadband accounts come with a static IP.

If you have not yet registered an external domain name you really should, it is cheap, makes all this much easier and wil save you time and therefore money.

You will also need the correct ports forwarded from your firewall\router to the internal IP address of your SBS server. The correct port for RDP is 3389 but you do NOT need to forward it for SBS, everything is handled with SSL on port 443.

So you will need to forward 443 (SSL), 987 (Sharepoint), 25 (Exchange email) and 80 (web traffic, not stricly essential but it may make your life easier).
If you just want to get RWW going now then try forwarding port 443 from your router to your SBS server and then test RWW using your external IP which will be something like https://111.222.333.444/remote.



0
 
Darkner007Author Commented:
Hi guys,

Just got word yesterday that my ISP has done the remote.domainname.com.au. I have forwarded all the ports as mentioned on both the router firewall and the SBS firewall but am still not getting access the the RWW. Is there anything that I can try at all??

Regards,
Paul
0
 
sihtCommented:
Make sure you use https:// and not http:// when you try to connect.

Have you run the Internet Address Management wizard? You do this by clicking "Set up your Internet Address" under Getting Started Tasks on the home page of the SBS Console.

http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx

Are you using the self signed SSL certificate that comes with SBS or have you purchased a trusted certificate? I would strongly recommend you purchase a trusted certificate from www.godaddy.com or a similar certificate supplier. Trusted SSL certificates are so cheap now that they will pay for themselves in time savings many times over.

Do you get any kind of error when you attempt to connect to your RWW site?
0
 
Darkner007Author Commented:
Hi siht,

I am not too sure about the ssl certificates. Is that something that is needed as well??

Also i have been putting https:// but the browser keeps saying that it cant find the web page.

Thanks
Paul
0
 
sihtCommented:
RWW uses SSL (Secure Sockets Layer), SLL requires valid SSL certificates to work. If you haven't purchased a trusted SSL certificate then you are using the self signed certificate that comes with SBS 2008. See the link below for instructions on how to distribute it.

http://blogs.technet.com/b/sbs/archive/2008/09/30/how-do-i-distribute-the-sbs-2008-self-signed-ssl-certificate-to-my-users.aspx

If you think doing the steps described above will cost you more than about $15 in time then you should follow the steps below to purchase and install a godaddy certificate, once it's installed correctly you can usually forget about certificates untill you need to renew it:

http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html
http://help.godaddy.com/topic/742/article/4877

For any of this to work you will need to run the following "Getting Started Tasks" in the SBS Console in order:
1. Connect to the Internet.
2. Set up your Internet Address.
3. Add a trusted certificate (if you plan to purchase one).

Also can you at least ping your "remote.domainname.com.au" from outside your network?
0
 
Darkner007Author Commented:
Have noticed this when I was going thru the application log (Have attached a screenshot of the error)

It is about sharepoint services having an error.

I think I will buy a ssl certificate to make it easier.


Sharepoint-services-error.docx
0
 
Darkner007Author Commented:
In registering for the SSL should I put in the common name www.remote.domainname.com.au or should it be just www.domainname.com.au??
0
 
sihtCommented:
It's just remote.domainname.com.au without the "www". That's what should be in your external DNS also. That is also what you use to connect to RWW, https://remote.domainname.com.au/remote.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now