Solved

DC and RDP

Posted on 2012-12-22
5
314 Views
Last Modified: 2012-12-23
I have to install RDS services on a WIndows 2008R2 DC

(I know it is not a recommended thing to do for security reasons but I have to do it anyway...)

What specific things do I have to do in order to make this solution work?

Thank you
0
Comment
Question by:gadsad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 38716237
OK - It would be remiss of me not to point out that this is not recommended as you are blowing a big whole in your security by effectively allowing users to log-on locally to the DC.

If you really must do this (under protest and having pointed out the folly of the practice) ,then see http://technet.microsoft.com/en-us/library/cc742817(v=ws.10).aspx
0
 
LVL 9

Expert Comment

by:jsdray
ID: 38716278
Just don't forget to verify RDP is enabled in the firewall....
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 38716292
- make sure port 3389 points to the server ip in your firewall
- on the server / Start / right click Computer / Remote Settings / Remote / Remote Desktop check "Allow connections from computers running any versions of Remote Desktop (less secure) / Select Users, add user.
- Start / Administrator Tools / ADUC / expand Sever.local / Builtin / Remote Desktop Users make sure user is added here.

If you wish to make this more secure you can change the IP address from 3389 to 3390 or another port however if you wish to do this open another thread and I'll run you through it.
0
 
LVL 12

Expert Comment

by:DLeaver
ID: 38717426
As stated above if you are accessing this externally then its good practice to change the port from the default.

You can do this either by redirecting from a different source port to the destination port of 3389 (eg external port 3391 to 3389 on your firewall.

Or you can change the listening port on your server outlined here

http://support.microsoft.com/kb/306759

If you choose option 2 make sure you open the custom port on your windows firewall as well

You would also need to append the port number to the IP before connecting
0
 

Author Closing Comment

by:gadsad
ID: 38717444
thank you
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question