Solved

App Server Access

Posted on 2011-09-16
7
245 Views
Last Modified: 2012-06-27
We have a SBS 2011 based network. We would like to give our outside app support team access to the app server via RWW. Right now only members of the Domain Admin group are able to see servers through RWW. Going through RWW, is there any way to limit that to only that one server and have them as a member of a more limited group.  Is there another method that could be used other than RDP through a VPN. The app server is Windows 2008 R2 based.

Thank you.
0
Comment
Question by:normajm400
  • 5
  • 2
7 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36551142
Normally to control you would go to the SBS console under users and groups | users | Remote access where you can grant the RWW access. Then in the same location under computers you can select to which computers they can have access. However for a user to have the servers in the list they have to be an network administrator and then all servers and computers are added and you cannot deny access.

The simple way would be to make them a network administrator which would give them RWA to servers, and then in active directory under the user's properties, on the Account tab, click the "Logon to" button. By default it is set to all computers. You can specify the computer/server to which you want to grant them access.
0
 

Author Comment

by:normajm400
ID: 36551894
"Logon to" is greyed out when selecting servers...
0
 

Author Comment

by:normajm400
ID: 36551992
Sorry, was looking in the wrong window.  I see what you mean now.  I will give that a try.
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 

Author Comment

by:normajm400
ID: 36552068
Okay - if they are added to domain admins, they must have permission to log onto the DC in order to come in through RWW.  So, unfortunately that doesn't work as intended.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36552471
They should be able to authenticate to the domain without being able to log on to the DC. That is a different process. It's possible that is handled differently with RWW but it works well with VPN so I thought the same here.
0
 

Accepted Solution

by:
normajm400 earned 0 total points
ID: 36955823
It looks like for now the only option is VPN.  Thanks for the suggestions.
0
 

Author Closing Comment

by:normajm400
ID: 36978185
The other suggestions were not applicable.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question