App Server Access

Posted on 2011-09-16
Last Modified: 2012-06-27
We have a SBS 2011 based network. We would like to give our outside app support team access to the app server via RWW. Right now only members of the Domain Admin group are able to see servers through RWW. Going through RWW, is there any way to limit that to only that one server and have them as a member of a more limited group.  Is there another method that could be used other than RDP through a VPN. The app server is Windows 2008 R2 based.

Thank you.
Question by:normajm400
  • 5
  • 2
LVL 77

Expert Comment

by:Rob Williams
ID: 36551142
Normally to control you would go to the SBS console under users and groups | users | Remote access where you can grant the RWW access. Then in the same location under computers you can select to which computers they can have access. However for a user to have the servers in the list they have to be an network administrator and then all servers and computers are added and you cannot deny access.

The simple way would be to make them a network administrator which would give them RWA to servers, and then in active directory under the user's properties, on the Account tab, click the "Logon to" button. By default it is set to all computers. You can specify the computer/server to which you want to grant them access.

Author Comment

ID: 36551894
"Logon to" is greyed out when selecting servers...

Author Comment

ID: 36551992
Sorry, was looking in the wrong window.  I see what you mean now.  I will give that a try.
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.


Author Comment

ID: 36552068
Okay - if they are added to domain admins, they must have permission to log onto the DC in order to come in through RWW.  So, unfortunately that doesn't work as intended.
LVL 77

Expert Comment

by:Rob Williams
ID: 36552471
They should be able to authenticate to the domain without being able to log on to the DC. That is a different process. It's possible that is handled differently with RWW but it works well with VPN so I thought the same here.

Accepted Solution

normajm400 earned 0 total points
ID: 36955823
It looks like for now the only option is VPN.  Thanks for the suggestions.

Author Closing Comment

ID: 36978185
The other suggestions were not applicable.

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Introduction At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possi…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now