• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 86
  • Last Modified:

Configuring RDP Server with windows 2012 R2

Dear Team,

I want to configure a RDP server so that i want my users from  remote sites (also internal)   to access shared Folders.
The user details will be created in my local AD server.
I also want to set permission for the shares based on the department .
Can you please help me in setting up as i haven't done the setup

Please help me as it is urgent.
0
Raneesh A
Asked:
Raneesh A
  • 5
  • 3
1 Solution
 
Tomas ValentaIT ManagerCommented:
So 2 tasks - 1) Remote access by RDP and 2) Configuring permissions for Shared folder:
Ad 2) - The main rule for this task is AGDLP (https://en.wikipedia.org/wiki/AGDLP)
decide what types of access you need (read, write, no access,..) and if "type of access"= Department. If this is true then create Domain groups for every department, add members to the groups, create local group on server, add Domain Groups to Local Groups, add Security settings of the folders or files with requested level of access based on your needs (add Local Groups). Break permission inheritance on top level Folder (on top level folder practically only System and Administrators group FULL Access recommended). On Share level permission remove Everyone and leave (or add) Domain users with full access.
0
 
Tomas ValentaIT ManagerCommented:
Ad 1)
Configure RDP by for example this steps - https://msfreaks.wordpress.com/2013/12/09/windows-2012-r2-remote-desktop-services-part-1/
Create published application - Explorer - to give users access to the Shared Folders. What is important is good configuration of Group policy to break down permission of users on RDP server because users are
connecting directly to your server and can potentially run some unwanted programs, scripts,....
The last step is configuration of your firewall to allow your users to access RDP server from outside.
The better should be to have VPN connection with permission only to this RDP server and only RDP ports but I don't know your real environment.
0
 
Raneesh AIT EngineerAuthor Commented:
Hi Tomas,
D i need to configure RD Connection Broker, RD web Access....
Since the only purpose   the user has to access the Shared FIles remotely with appropriate permission, can i enable the Terminal Licenses and add the license purchased and the users can remote simultaneously and access the Shares.
or do i need to configure all the settings mentioned in the url.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Tomas ValentaIT ManagerCommented:
And do you have VPN connection for these remote users ?
0
 
Raneesh AIT EngineerAuthor Commented:
I have public IP so that i can NAT to the server.
0
 
Tomas ValentaIT ManagerCommented:
OK. But then you expose your server directly to the Internet. How many users need this access ?
0
 
Raneesh AIT EngineerAuthor Commented:
I have 10 user based license. So maximum at a time is 10.
0
 
Tomas ValentaIT ManagerCommented:
Based on your answer I can give you some new idea. Why not use WebDAV for files server access.
It is included in MS server product, access is by http(s) protocol, Windows client can map it like
normal network share and also Windows Office products can Open and Save files to WebDAV
server. Here is detailed how-to configuration guide.
https://www.iis.net/learn/install/installing-publishing-technologies/installing-and-configuring-webdav-on-iis
No costs for licenses needed.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now