[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 557
  • Last Modified:

implementing remote desktop (Terminal Services web access) and domain on server 2008

hi,
I am the network administrator for a small private school. I am actually a teacher that has learned how to set up a network at my school. I'm running a terminal server 2008 environment. Started out with NT 4 if that says anything ;).

Because of our lack of funds our domain controller, terminal server, DNS server, DHCP server, etc. is all in one box. We are not too worried about security because the only thing that is on our server is basic programs needed for teaching computer and our personal documents. I've already heard about the many security issues with having everything in one box but that is not my concern.

Okay... now that we have that out of the way...

In my original domain set up I used a "business.local" name for my domain. However, now I want to implement remote web access (TS Web Access) for our server.  

My question is, what do I need to do to make this happen? In other words, what order do I need to proceed?

I have already installed the services necessary via Microsoft Web platform installer 2.0 and I was just completing a server certificate request (SSL) when I realize I have to have a "real" domain name.

Our school has a domain "esja.org" that is registered with Webula.com and the domain is currently being hosted on a provided school system site. I have also setup google apps with our school and have forwarded the appropriate subdomains to google...

so... I was considering the subdomain name server.esja.org for our server and configuring that as a cname at Webula.com

any guidance or help would be appreciated
0
ambantin
Asked:
ambantin
1 Solution
 
timhodkinCommented:
Depending on who is using the server you don't have to have the full SSL setup.
If you and possibly 1-2 other people are using it just to administer the server then i wouldn't bother. Just install the self certified certificate onto the local PC's.

I would howerver setup the A record for the domain server.domain.name, remote.domain.name etc. This makes it a lot easier to use.

Here is a step by step from M$ on the setup procedure. See if you can get it running using this:

Step By step guide:
http://technet.microsoft.com/en-us/library/cc730673%28WS.10%29.aspx

0
 
pvlierCommented:
The basic plan:
1. If using SSL buy a sertificate (server.esja.org)
2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection
3. Forward port 3389 from your internetrouter to the internal ip of your server
4. Configure terminal services and usersrights
0
 
ambantinAuthor Commented:
1. If using SSL buy a sertificate (server.esja.org)

OK used a service to create a SSL and have installed it.

2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection

Our school has a dynamic IP address (previously just used for plain internet access). So, as a workaround I have set up an account with dyndns.com and have chosen one of their domains for forwarding (esja.gotdns.com) And I entered that into my domain DNS as a forwarding URL. Now when I type server.esja.org it takes me to my VoIP routers GUI screen (I have my VoIP router setup on the DMZ) so at least I'm getting to my router..

3. Forward port 3389 from your internetrouter to the internal ip of your server

I set up a forward on 3389 to my server... when I open RD on my client I am able to access my login screen by esja.gotdns,com:3389     However server.esja.org does not work... Not sure what to do with this part...


4. Configure terminal services and usersrights

already done
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
pvlierCommented:
Hi Ambantin,
I didn't realize you didn't have a static IP. We've dont lot's of work for schools and they all had static ip's because they were connected to a special school-aimed internet-network.
Are you getting an error message when connecting to esja.gotdns.com? You should if using the SSL option. The problem now is that your certificate name doesn't match the server name (server.esja.org <> esja.gotdns.com).
Back to the 'server.esja.org does not work' problem... The redirect you setup only works for the HTTP(s) protocol. When using a browser you get redirected to esja.gotdns.com because the webserver where server.esja.org is located tells your browser to go to esja.gotdns.com instead. However it does not tell your RDP client sofware which tries to connect on port 3389 to the ip of server.esja.org (which is located your WEBSERVER and not your school) to redirect... this is because of the rdp protocol instead of the http(s) protocol.
What you need to do is remove the redirect, delete the server.esja.org record and create a new CNAME record for server.esja.org which points to esja.gotdns.com. the CNAME dns record the 'redirect' method for names.... Could be you get into trouble with the certificate name again because the rdp software want's to have the 'endpoint' name on the certificate which is esja.gotdns.com. But not sure about that... The cname should fix the 'server.ejsa.org not working' issue...
Please mind it could take minutes to a couple of hours for your ISP's dns to pickup the changes to the server.esja.org dns record and until then your computer doesn't know of the change. you'll have to wait...
0
 
ambantinAuthor Commented:
dyndns.com works great... forwarding the port to my server was the answer
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now