Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

implementing remote desktop (Terminal Services web access) and domain on server 2008

Posted on 2010-09-12
6
Medium Priority
?
552 Views
Last Modified: 2013-11-30
hi,
I am the network administrator for a small private school. I am actually a teacher that has learned how to set up a network at my school. I'm running a terminal server 2008 environment. Started out with NT 4 if that says anything ;).

Because of our lack of funds our domain controller, terminal server, DNS server, DHCP server, etc. is all in one box. We are not too worried about security because the only thing that is on our server is basic programs needed for teaching computer and our personal documents. I've already heard about the many security issues with having everything in one box but that is not my concern.

Okay... now that we have that out of the way...

In my original domain set up I used a "business.local" name for my domain. However, now I want to implement remote web access (TS Web Access) for our server.  

My question is, what do I need to do to make this happen? In other words, what order do I need to proceed?

I have already installed the services necessary via Microsoft Web platform installer 2.0 and I was just completing a server certificate request (SSL) when I realize I have to have a "real" domain name.

Our school has a domain "esja.org" that is registered with Webula.com and the domain is currently being hosted on a provided school system site. I have also setup google apps with our school and have forwarded the appropriate subdomains to google...

so... I was considering the subdomain name server.esja.org for our server and configuring that as a cname at Webula.com

any guidance or help would be appreciated
0
Comment
Question by:ambantin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 4

Expert Comment

by:timhodkin
ID: 33656389
Depending on who is using the server you don't have to have the full SSL setup.
If you and possibly 1-2 other people are using it just to administer the server then i wouldn't bother. Just install the self certified certificate onto the local PC's.

I would howerver setup the A record for the domain server.domain.name, remote.domain.name etc. This makes it a lot easier to use.

Here is a step by step from M$ on the setup procedure. See if you can get it running using this:

Step By step guide:
http://technet.microsoft.com/en-us/library/cc730673%28WS.10%29.aspx

0
 
LVL 8

Expert Comment

by:pvlier
ID: 33656403
The basic plan:
1. If using SSL buy a sertificate (server.esja.org)
2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection
3. Forward port 3389 from your internetrouter to the internal ip of your server
4. Configure terminal services and usersrights
0
 

Author Comment

by:ambantin
ID: 33657002
1. If using SSL buy a sertificate (server.esja.org)

OK used a service to create a SSL and have installed it.

2. create an entry in the domain dns for server.esja.org and point it to the external IP of your internet connection

Our school has a dynamic IP address (previously just used for plain internet access). So, as a workaround I have set up an account with dyndns.com and have chosen one of their domains for forwarding (esja.gotdns.com) And I entered that into my domain DNS as a forwarding URL. Now when I type server.esja.org it takes me to my VoIP routers GUI screen (I have my VoIP router setup on the DMZ) so at least I'm getting to my router..

3. Forward port 3389 from your internetrouter to the internal ip of your server

I set up a forward on 3389 to my server... when I open RD on my client I am able to access my login screen by esja.gotdns,com:3389     However server.esja.org does not work... Not sure what to do with this part...


4. Configure terminal services and usersrights

already done
0
Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

 
LVL 8

Accepted Solution

by:
pvlier earned 2000 total points
ID: 33665609
Hi Ambantin,
I didn't realize you didn't have a static IP. We've dont lot's of work for schools and they all had static ip's because they were connected to a special school-aimed internet-network.
Are you getting an error message when connecting to esja.gotdns.com? You should if using the SSL option. The problem now is that your certificate name doesn't match the server name (server.esja.org <> esja.gotdns.com).
Back to the 'server.esja.org does not work' problem... The redirect you setup only works for the HTTP(s) protocol. When using a browser you get redirected to esja.gotdns.com because the webserver where server.esja.org is located tells your browser to go to esja.gotdns.com instead. However it does not tell your RDP client sofware which tries to connect on port 3389 to the ip of server.esja.org (which is located your WEBSERVER and not your school) to redirect... this is because of the rdp protocol instead of the http(s) protocol.
What you need to do is remove the redirect, delete the server.esja.org record and create a new CNAME record for server.esja.org which points to esja.gotdns.com. the CNAME dns record the 'redirect' method for names.... Could be you get into trouble with the certificate name again because the rdp software want's to have the 'endpoint' name on the certificate which is esja.gotdns.com. But not sure about that... The cname should fix the 'server.ejsa.org not working' issue...
Please mind it could take minutes to a couple of hours for your ISP's dns to pickup the changes to the server.esja.org dns record and until then your computer doesn't know of the change. you'll have to wait...
0
 

Author Closing Comment

by:ambantin
ID: 33914638
dyndns.com works great... forwarding the port to my server was the answer
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question