Solved

How can I setup a offsite laptop to Remote Desktop Connection in to another computer on my domain??

Posted on 2010-09-08
16
480 Views
Last Modified: 2013-11-21
Hi,

Have set up a new SBS Premuim 2008 server. I have a rep on the road and with our old server he was RDP into a SBS 2003 Premuim. Do I still get him to remote into the new server or is it best to get him to remote into another computer. I will be upgrading the old server box to a Terminal Services server but in the mean time I need the Rep functioning on the road now.

How would I go about setting up access in the mean time?

Thanks
0
Comment
Question by:Darkner007
16 Comments
 
LVL 15

Expert Comment

by:Dave_AND
ID: 33632137
Have him use Remote Web workplace and connect to a PC on the domain.. This PC will be locked while he use it.. You should never have users login to Domain or Exchange servers.

0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 33632148
End users should never RDP into an infrastructure server (terminal servers are specifically designed for such use and thus do not fall into the "infrastructure" category.) In short, that laptop user should never have been given RDP access to the old SBS server either, this isn't a new best practice.
Set up an in-office machine and configure RWW for the user. That is the best least-cost and immediate solution without compromising security.
-Cliff
 
0
 

Author Comment

by:Darkner007
ID: 33632420
Hi guys,

How do I go about setting up access to the RWW? How would he access it thru the net?

Sorry about all the questions but just want to make sure that I get this server done right.

Thanks in advance for your help

Regards,
Paul
0
 

Author Comment

by:Darkner007
ID: 33632811
Does anyone know at all??
0
 
LVL 6

Expert Comment

by:siht
ID: 33633445
If you have correctly configured your networking for SBS then you will need to log on to the SBS server, open the SBS console if it does not open automatically, click on the "Users and Groups" tab, double click the user in the list :

1. Click on "Computers", select the machine you wish the user to be able to access remotely, tick the "Can remotely access this machine" box.

2. Select "Remote Access" in the box that appears, tick the "User can access Remote Web Workplace" box. Make sure the computer you want them to be able to access apppears in the "Default computer link in RWW.

3. RWW enabled users can access the RWW site at "https://remote.yourexternaldomain.com" assuming you have a default installation.

This stuff is really well documented, here are some links to help you manage SBS:

http://social.technet.microsoft.com/wiki/contents/articles/small-business-server-2008-build-document.aspx

http://technet.microsoft.com/en-us/library/sbs-2008-remote-access-management(WS.10).aspx
0
 

Author Comment

by:Darkner007
ID: 33633539
But don't you need to configure your ISP to point back to the server? I can access the RWW internally but not externally.
0
 
LVL 3

Expert Comment

by:esp-projects
ID: 33634903
Hi,
Slightly off topic but Since you have SBS 2008 Premium, it comes with a copy of Windows Server 2008 standard which you are able to install on another machine (or virtual machine) for Terminal Services.  If the server is of good enough specification, you can install a virtual machine on it with Server 2008 standard and enable TS role on that.  See http://blogs.technet.com/b/sbs/archive/2008/09/26/can-i-use-terminal-services-in-sbs-2008.aspx for a bit more info.

Hope this helps.

Jason
0
 
LVL 1

Expert Comment

by:Brandon2k1
ID: 33638007
to access RWW externally you will need to set up a DNS record for remote.domainname.co.uk pointing to you servers external ip address. Whoever you registered your domain with should be able to do this for you or give you access to do it. If you cant set a dns record up you can always access the site externally by using your external ip address as follows:  11.11.11.11/remote

Once you have done this make sure you have forwarded to correct ports through your firewall. I think it is port 4125 for RDP connections. but you will also need to allow incoming traffic on port 80 for http and 443 for https, to get access to the site as mentioned above.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 6

Expert Comment

by:siht
ID: 33643204
You may be able to access RWW just using your IP address if you have a static IP address from your ISP but as Brandon2k1 suggested you are much better off having a DNS record set up which points remote.externaldomainname.com.au (because you're in Queensland!) to your external IP. You will still need a static IP address for this to work, most business grade broadband accounts come with a static IP.

If you have not yet registered an external domain name you really should, it is cheap, makes all this much easier and wil save you time and therefore money.

You will also need the correct ports forwarded from your firewall\router to the internal IP address of your SBS server. The correct port for RDP is 3389 but you do NOT need to forward it for SBS, everything is handled with SSL on port 443.

So you will need to forward 443 (SSL), 987 (Sharepoint), 25 (Exchange email) and 80 (web traffic, not stricly essential but it may make your life easier).
If you just want to get RWW going now then try forwarding port 443 from your router to your SBS server and then test RWW using your external IP which will be something like https://111.222.333.444/remote.



0
 

Author Comment

by:Darkner007
ID: 33677915
Hi guys,

Just got word yesterday that my ISP has done the remote.domainname.com.au. I have forwarded all the ports as mentioned on both the router firewall and the SBS firewall but am still not getting access the the RWW. Is there anything that I can try at all??

Regards,
Paul
0
 
LVL 6

Accepted Solution

by:
siht earned 500 total points
ID: 33678461
Make sure you use https:// and not http:// when you try to connect.

Have you run the Internet Address Management wizard? You do this by clicking "Set up your Internet Address" under Getting Started Tasks on the home page of the SBS Console.

http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx

Are you using the self signed SSL certificate that comes with SBS or have you purchased a trusted certificate? I would strongly recommend you purchase a trusted certificate from www.godaddy.com or a similar certificate supplier. Trusted SSL certificates are so cheap now that they will pay for themselves in time savings many times over.

Do you get any kind of error when you attempt to connect to your RWW site?
0
 

Author Comment

by:Darkner007
ID: 33679430
Hi siht,

I am not too sure about the ssl certificates. Is that something that is needed as well??

Also i have been putting https:// but the browser keeps saying that it cant find the web page.

Thanks
Paul
0
 
LVL 6

Expert Comment

by:siht
ID: 33679610
RWW uses SSL (Secure Sockets Layer), SLL requires valid SSL certificates to work. If you haven't purchased a trusted SSL certificate then you are using the self signed certificate that comes with SBS 2008. See the link below for instructions on how to distribute it.

http://blogs.technet.com/b/sbs/archive/2008/09/30/how-do-i-distribute-the-sbs-2008-self-signed-ssl-certificate-to-my-users.aspx

If you think doing the steps described above will cost you more than about $15 in time then you should follow the steps below to purchase and install a godaddy certificate, once it's installed correctly you can usually forget about certificates untill you need to renew it:

http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html
http://help.godaddy.com/topic/742/article/4877

For any of this to work you will need to run the following "Getting Started Tasks" in the SBS Console in order:
1. Connect to the Internet.
2. Set up your Internet Address.
3. Add a trusted certificate (if you plan to purchase one).

Also can you at least ping your "remote.domainname.com.au" from outside your network?
0
 

Author Comment

by:Darkner007
ID: 33680284
Have noticed this when I was going thru the application log (Have attached a screenshot of the error)

It is about sharepoint services having an error.

I think I will buy a ssl certificate to make it easier.


Sharepoint-services-error.docx
0
 

Author Comment

by:Darkner007
ID: 33680503
In registering for the SSL should I put in the common name www.remote.domainname.com.au or should it be just www.domainname.com.au??
0
 
LVL 6

Expert Comment

by:siht
ID: 33683870
It's just remote.domainname.com.au without the "www". That's what should be in your external DNS also. That is also what you use to connect to RWW, https://remote.domainname.com.au/remote.
0

Featured Post

How does your email signature look on mobiles?

Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

Join & Write a Comment

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
Know what services you can and cannot, should and should not combine on your server.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now