ambantin
asked on
implementing remote desktop (Terminal Services web access) and domain on server 2008
hi,
I am the network administrator for a small private school. I am actually a teacher that has learned how to set up a network at my school. I'm running a terminal server 2008 environment. Started out with NT 4 if that says anything ;).
Because of our lack of funds our domain controller, terminal server, DNS server, DHCP server, etc. is all in one box. We are not too worried about security because the only thing that is on our server is basic programs needed for teaching computer and our personal documents. I've already heard about the many security issues with having everything in one box but that is not my concern.
Okay... now that we have that out of the way...
In my original domain set up I used a "business.local" name for my domain. However, now I want to implement remote web access (TS Web Access) for our server.
My question is, what do I need to do to make this happen? In other words, what order do I need to proceed?
I have already installed the services necessary via Microsoft Web platform installer 2.0 and I was just completing a server certificate request (SSL) when I realize I have to have a "real" domain name.
Our school has a domain "esja.org" that is registered with Webula.com and the domain is currently being hosted on a provided school system site. I have also setup google apps with our school and have forwarded the appropriate subdomains to google...
so... I was considering the subdomain name server.esja.org for our server and configuring that as a cname at Webula.com
any guidance or help would be appreciated
I am the network administrator for a small private school. I am actually a teacher that has learned how to set up a network at my school. I'm running a terminal server 2008 environment. Started out with NT 4 if that says anything ;).
Because of our lack of funds our domain controller, terminal server, DNS server, DHCP server, etc. is all in one box. We are not too worried about security because the only thing that is on our server is basic programs needed for teaching computer and our personal documents. I've already heard about the many security issues with having everything in one box but that is not my concern.
Okay... now that we have that out of the way...
In my original domain set up I used a "business.local" name for my domain. However, now I want to implement remote web access (TS Web Access) for our server.
My question is, what do I need to do to make this happen? In other words, what order do I need to proceed?
I have already installed the services necessary via Microsoft Web platform installer 2.0 and I was just completing a server certificate request (SSL) when I realize I have to have a "real" domain name.
Our school has a domain "esja.org" that is registered with Webula.com and the domain is currently being hosted on a provided school system site. I have also setup google apps with our school and have forwarded the appropriate subdomains to google...
so... I was considering the subdomain name server.esja.org for our server and configuring that as a cname at Webula.com
any guidance or help would be appreciated
The basic plan:
1. If using SSL buy a sertificate (server.esja.org)
2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection
3. Forward port 3389 from your internetrouter to the internal ip of your server
4. Configure terminal services and usersrights
1. If using SSL buy a sertificate (server.esja.org)
2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection
3. Forward port 3389 from your internetrouter to the internal ip of your server
4. Configure terminal services and usersrights
ASKER
1. If using SSL buy a sertificate (server.esja.org)
OK used a service to create a SSL and have installed it.
2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection
Our school has a dynamic IP address (previously just used for plain internet access). So, as a workaround I have set up an account with dyndns.com and have chosen one of their domains for forwarding (esja.gotdns.com) And I entered that into my domain DNS as a forwarding URL. Now when I type server.esja.org it takes me to my VoIP routers GUI screen (I have my VoIP router setup on the DMZ) so at least I'm getting to my router..
3. Forward port 3389 from your internetrouter to the internal ip of your server
I set up a forward on 3389 to my server... when I open RD on my client I am able to access my login screen by esja.gotdns,com:3389 However server.esja.org does not work... Not sure what to do with this part...
4. Configure terminal services and usersrights
already done
OK used a service to create a SSL and have installed it.
2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection
Our school has a dynamic IP address (previously just used for plain internet access). So, as a workaround I have set up an account with dyndns.com and have chosen one of their domains for forwarding (esja.gotdns.com) And I entered that into my domain DNS as a forwarding URL. Now when I type server.esja.org it takes me to my VoIP routers GUI screen (I have my VoIP router setup on the DMZ) so at least I'm getting to my router..
3. Forward port 3389 from your internetrouter to the internal ip of your server
I set up a forward on 3389 to my server... when I open RD on my client I am able to access my login screen by esja.gotdns,com:3389 However server.esja.org does not work... Not sure what to do with this part...
4. Configure terminal services and usersrights
already done
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
dyndns.com works great... forwarding the port to my server was the answer
If you and possibly 1-2 other people are using it just to administer the server then i wouldn't bother. Just install the self certified certificate onto the local PC's.
I would howerver setup the A record for the domain server.domain.name, remote.domain.name etc. This makes it a lot easier to use.
Here is a step by step from M$ on the setup procedure. See if you can get it running using this:
Step By step guide:
http://technet.microsoft.com/en-us/library/cc730673%28WS.10%29.aspx