App Server Access

We have a SBS 2011 based network. We would like to give our outside app support team access to the app server via RWW. Right now only members of the Domain Admin group are able to see servers through RWW. Going through RWW, is there any way to limit that to only that one server and have them as a member of a more limited group.  Is there another method that could be used other than RDP through a VPN. The app server is Windows 2008 R2 based.

Thank you.
normajm400Asked:
Who is Participating?
 
normajm400Connect With a Mentor Author Commented:
It looks like for now the only option is VPN.  Thanks for the suggestions.
0
 
Rob WilliamsCommented:
Normally to control you would go to the SBS console under users and groups | users | Remote access where you can grant the RWW access. Then in the same location under computers you can select to which computers they can have access. However for a user to have the servers in the list they have to be an network administrator and then all servers and computers are added and you cannot deny access.

The simple way would be to make them a network administrator which would give them RWA to servers, and then in active directory under the user's properties, on the Account tab, click the "Logon to" button. By default it is set to all computers. You can specify the computer/server to which you want to grant them access.
0
 
normajm400Author Commented:
"Logon to" is greyed out when selecting servers...
0
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

 
normajm400Author Commented:
Sorry, was looking in the wrong window.  I see what you mean now.  I will give that a try.
0
 
normajm400Author Commented:
Okay - if they are added to domain admins, they must have permission to log onto the DC in order to come in through RWW.  So, unfortunately that doesn't work as intended.
0
 
Rob WilliamsCommented:
They should be able to authenticate to the domain without being able to log on to the DC. That is a different process. It's possible that is handled differently with RWW but it works well with VPN so I thought the same here.
0
 
normajm400Author Commented:
The other suggestions were not applicable.
0
All Courses

From novice to tech pro — start learning today.