Solved

server 2008 and TSWEB access and making it secure

Posted on 2011-02-11
4
285 Views
Last Modified: 2012-05-11
Hi there,
My users work on TSWEB Access on one of my server 2008 carrying a couple of databases.  They simply go to 'http://server.domainname.com' and logon and work.  Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625.  I further found that anybody can directly remote into the server via external IP.  
Does remote desktop and TSWebaccess go hand in hand?  How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :
http://server.domainname.com'
Help
0
Comment
Question by:amanzoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 34881596
>>Does remote desktop and TSWebaccess
Yes and no.  There is the gateway service that uses port 443 rather than 3389, but then this would connect to the Remote Desktop Services via 3389 on behalf of the client.

Sadly, unless all of your clients connect from specific IP addresses there is no way to block which IP's connect because your users could connect from random IP addresses.
0
 
LVL 4

Author Comment

by:amanzoor
ID: 34885075
THanks Demazter:
Please tell me one thing, once the user type in http://server.mydomain.com, the very first window pops in which is windows security which asks for username and password (which program is sending in this window?  Is it IIS or something else?)  secondly once the user logs in via this window the user sees my TS Web ACCESS page with applications on it, once the user clicks on once of the apps another windows pops up asking for username and pass(this time is it the terminal server asking for authentication? or IIS?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35205126
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question