Remote Access





Remote access may refer to the connection to a data-processing system from a remote location, for example through a virtual private network remote desktop software, terminal emulation, or the activation of features of a business telephone system from outside the business's premises.

Share tech news, updates, or what's on your mind.

Sign up to Post


Is RDS the only way to give 5 people access to an Azure Virtual Machine (Windows 2016)?
Exploring SharePoint 2016
LVL 12
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.


In an Azure RDS a number of extra virtual machines are automatically installed as shown in the image. I had only one VM installed prior to the RDS
installation. I am concerned about costs. Will each additional VM cost as much as my original VM?

I added Azure RDS to my account last night.
I need a simple guide on how to add a user

I have already set up users in my Active directory. Is there a simple way to just connect these users to my RDS?

I installed RDS last night to give multiple users access to my Azure Windows 2016 VM.
It took almost 2 hours and gave me no indication of costs. Is this normal. Why does Microsoft make setting this up so hard?
I'm trying to lock down my Windows Server 2012 R2 RDS server to a security group. Previously, only members of this security group have been able to log in to the server. However, something has changed and now all users can log on.

We locked this down in the past by adding the security group to System Properties -> Remote Tab as below:

I've double checked local users and groups to see if this has applied to the remote desktop users local group:

Finally, I checked secpol to ensure that there were no unexpected groups in Allow log on through Remote Desktop Services:

I also checked the collection properties to ensure this was locked down correctly:

Is there anywhere else I'm missing? The most confusing part is that this was all working correctly about a week a go - something must have changed to bypass this and allow all users to log on, but I'm not sure what it could be.

I'd really appreciate any help
We are testing and deploying a Windows 2016 DC with a separate Windows 2016 Exchange server 2016.

The Windows DC has the Windows Server Essentials role installed for our external people. The DC is working fine and we can remote connect to RWW no problem

The issue is with our Exchange Server. We have installed everything OK - we can send and receive email through exchange to internal and external contacts.
The problem we are having is accessing OWA from outside our network - which is a critical part of the deployment.

Internally we can access web-mail with the URL https://kits-exchange/owa however we cannot reach Exchange 2016 OWA from outside network.

Looking at the issue we can see that our DC's IIS is hosting the default website giving us access to RWW via port 443 however on our Exchange server this is hosting its own default website and Exchange-Backend website on its IIS - this is on port 444 and 81

Question is - How do we reach OWA / webmail from outside out domain network.

Additional Info:
We have a configured Domain Name that points to the fixed IP of the broadband connection
We have a valid SSL Certificate bound to our DC for HTTPS remote access
We have followed the principle the Exchange should be installed on a separate server
We are IT Proficient and understand IT!

Thank you
I have a Server 2012 R2 Guest Machine, A Domain Controller that is a guest as well. It is a production environment and has been running well since 2012. Recently we received a new public IP address and had to make some adjustments to the server:

New SSL cert applied after the change.
Made sure no IPv6 is running. with the new router/switch.

Everything is working. httsp:// works, all offices can connect. 5 off site locations can connect.

A vendor needs to update his software for the client, we login and to manage rdweb services though the server manager and we discover the A remote desktop services deployment does not exist in the server pool.

I have googled every error in the error logs, tried ever thing in for the words A remote desktop services deployment does not exist in the server pool.

I have a client running a remote desktop server as a non-dc system in their network.  I noticed that an odd user showed up as a local (non-domain) user on the server.  I was able to change the password and log in as that user.  I found the attached program running.  Obviously, it appears their system has been compromised and used to host this Storm program.  I stopped the program via Task manager and then deleted the downloads that I found.  I then changed the password and disabled the local user and insured that it was not part of the authorized RDS users.  I've changed the domain admin's password and am having the users all change their's as well.  What recommendations does the community have for me regarding next steps.  Any input would be greatly appreciated.
Windows 2012r2. Rdp server

When I have a sub CD-ROM device attached to a client. And then crest rdp session to the server I’d like the cd rom to be available.  
But it’s not working
Client has all the right tick boxes ticked

I’m sure there is just a gpo setting somewhere but can’t find what’s preventing it from working.

Any ideas or log locations   ?

Although I’m pretty sure I’ve covered the basics.
Hi guys

I'm trying to roll out an RDP shortcut via GPO to ALL users machines under a particular OU. I need the IP address of the server that they will be connecting to, to be set before hand so that they can just double click on the icon and be prompted by their username/password.

The server they are connecting to is Windows 2012 R2, but the actual AD domain controllers are Windows 2008 R2.

What is the best way to do this?

Thanks for helping
HTML5 and CSS3 Fundamentals
LVL 12
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

I am struggling to get RDS functioning on a SBS 2011 network with attached Windows 2016 sever.  Here's what happened.  Joined the W2016 server to the SBS domain, and installed 50 RDS license on the W2016 server and the RDS Licensing role, on recommendation that the primary DC should not also be the RDS Licensing server.  Things appeared to work for a while (possibly becuase within the 180day RDS licence grace period).   Then as a separtae issue, multiple overnight (8hr) power outgaes caused AD corruption and the need to make a fresh install of SBS2011 server, join the W2016 server to the "new" SBS domain.  

1) Now the RDS licenses are shown as present, but not active, it seems that I need to revoke them, tell Microsoft why, and then re-install them?
2) The overall objective is to have our remote office users access line of business applications that are installed on the W2016 sever via RDS.  I don't understand which roles should be with the SBS2011 DC and which roles with the W2016 server:   RD Gateway, RD Web Access, RD Session Host, RD Connection Broker.

I attach some screen shots of what we have.   Guidance would be appreciated!

GrahamScreenshot of W2016 ServerRDS Licensing PageRDS Diagnostics
Here's a weird one...

I have to install a Cisco 5506 ASA at a location that had a Cisco 5505 ASA.  The old 5505 will be moved to a branch site.  Both ASA's will be accepting remote access VPN connections and a site-to-site VPN between the ASA's.

Since I'm doing all this remotely, I had the new 5506 shipped to me.  I took a spare 5505 that I had and connected everything to a 3750 switch that I configured to act as the internet.  I got both ASA's configured so that I could establish remote access VPN sessions from "the outside" and access devices on the inside.  The site-to-site VPN came up fine as well.  

I boxed up the 5506 and shipped it to the main office where the existing 5505 was removed and the 5506 was installed in it's place.  Worked perfectly.

The 5505 was then given the new config that I created in the lab environment.  It was then installed in the branch site.  The 5505 came up fine, inside users have internet access, site-to-site VPN works fine and remote access VPN sessions can be established.  But... remote access VPN users can't access any inside devices.  And I can't establish an SSH session to the ASA.

I compared the running 5505 config with the one that works in the lab.  They are identical.  I then setup my spare 5505 on the lab environment with the exact same config.  I can establish a remote access VPN connection, access inside devices and get an SSH session to the ASA working.

The question is: why is it not working on the live site …
Does anyone know if Sonicwall makes a VPN client for Apple Mac computers?
Hi, I have set up server 2016 with IIS Application Request Routing, (about 3 weeks ago) to enable sharing one internet connection for port 443, between a Remote Web Access server and an exchange 2013 server. The connection was working perfectly until this morning. Remote access on 443 fails to both servers. The setup was with different FQDNs and the appropriate certificates.

I cannot find any instructions to troubleshoot this type of setup there are articles on load balancing Exchange servers but nothing for this, I'm not even able to find out where the configuration can be accessed to see if something has changed.
Ok folks, I'm stumped.

I have a Server 2016 RDS Environment with 6 session hosts and a separate server holding the Connection broker, Gateway, and Web Access roles.
Everything works great, for the 125 users we ask this environment to handle.  The only wrinkle is that we have a small subset of users that have two user accounts due to our business rules.  

The issue is that those users cannot connect with both user accounts simultaneously.  I must have them log into one account, and log off before they can log into the other account.  If the user attempts to double click the shortcut on their desktop (downloaded from RDWEB) it simply uses the credentials cached with the connection broker.  I cannot find a way to prompt for credentials.

Any help much appericated!

I am trying to connect to windows server 2008R2 (Active directory) using the remote desktop connection from same network (both server and computer fall within same network However, the server is a domain controller while the computer is not joining the domain (workgroup computer). I have administrator privileges and I can login to the server remotely from any computer within the active directory while I can not do that from any other computer fall within the workgroup

I use the coordinate

computer name:
username: administrator
password: ************
Still attempting to lock down any access to the Internet (via IE 11) on my Windows Server 2008 R2 which I use to host RemoteApps via RDP.  I have everything pretty well locked down now, but users can still browse, download files, and actually run programs on my server from the web using the "CTRL+U" key combination.  I've been able (thru GPO and Windows Registry entries) to lock down CTRL+O, CTRL+P, CTRL+T, CTRL+S, F1, "right-clicking" to "view source" (i.e. right-click is totally inoperable).  The only apparent "chink in my armor" is the CTRL+U key combination which displays the web page source and provides an option to "Save..." which opens the Windows Standard Save As Dialog box, which, in turn, allows the user to type in any program (e.g. CMD.EXE which opens up a command prompt).  Any help would definitely be appreciated....after resolving all the other key combinations, this last one is driving me crazy!
I found a piece of software called PortExpert by KC Software

"PortExpert gives you a detailed vision of your personnal computer cybersecurity. It automatically monitors all applications connected to the Internet and give you all the information you might need to identify potential threats to your system."

But it's aimed at home computer I think because it has to be installed on every computer with no central monitor, I looking for an enterprise version

Looking for a tool that can monitors all applications connected to the Internet.

Or in more simple terms I looking for intruders - We only have one public IP Address that used by a handful of people to connect to our RDS server.

I guess I am looking at a way to monitor the connection

Is this possible?

I need an affordable alternative to GoToMyPC
1 PC
SImple setup
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

Hi There,

we are using several RDS session, they all work fine with office but one...
each time someone tries signing into office we get a script error ( attached)

as anyone seen this before or can help?

Thanks :DScript error
Setting up a few Remote Desktop Session hosts on Server 2016.  Are there any GPOs that I can use to stop users from saving files to the desktop and seeing the C drive if the server?

Everyone already has a shared drive where everything should be stored and I don't want to do redirected folders if I can avoid it.  Also, can this be done where it only affects users in RDS and not their work station?
Dear Experts,

We have some problems with RDS and default printer settings.
My first thought was the checkbox "Redirected Printers" in the RDP icon.
But even when i disabled this, users get a random printer assigned as their default.
Most of the time its a complete other printer. or the PDF writer.
I tried several group policy settings like.

Do not set default client printer to be default printer in a session

Still it jumps everytime.
Problem is. users need to redirect printers and some users dont need redirected printers.
And they all want their own default printer obviously.

Any suggestions? where to start?
I'm attempting to lock down any access to the Internet (via IE 11) on my Windows Server 2008 R2 which I use to host RemoteApps via RDP.  I have everything pretty well locked down now, but user's can still browse (or download files) from the web using the "Ctrl+O" key combination.  Does anyone know how I can turn off this key combination option to help me make my system more secure?
A most recent PCI scan of our ASA firewall has revealed multiple deficiencies. We use the firewall for remote access VPN connections using Anyconnect, with a minimum TLS level of 1.1.

The issues follow - I would like to know the most efficient way of addressing, using ASDM if possible;

- Weak Encryption Ciphers identified on VPN Device (Weak encryption ciphers, such as DES or 3DES, were identified as supported on this VPN device)
- Block cipher algorithms with block size of 64 bits (like DES and 3DES)
- Weak Diffie-Hellman groups identified on VPN Device (Use Diffie-Hellman Key Exchange Group 5 or higher where possible, or the highest available to the VPN endpoints)

It should be expected that all of our VPN endpoints are fairly current.

Would changing the DH group (from Group 2) to Group 5 and setting the TLS1.1 SSL cipher to MEDIUM (removes DES) accomplish this at little risk to VPN clients?

Current VPN connections (ASDM monitoring) indicate the use of AES256 but if you can suggest a command to provide better insight that would be appreciated.

Thanks in advance!
With Server 2016+Essentials Role, you can log in at and securely access files, etc. and connect to any PCS for which you are granted access. When you initiate an RDP session to a PC, you have to go through a series of dialogs before you connect.

I was hoping to be able to save a .RDP file for a user (to eliminate all the steps), but it looks like it is dynamically created? Not sure. I know I can change the RDP port on the client PC and port forward from the router, but was wondering if my guess is correct about the dynamic RDP connection, or I'm just missing how to save the RDP session for later use.


Remote Access





Remote access may refer to the connection to a data-processing system from a remote location, for example through a virtual private network remote desktop software, terminal emulation, or the activation of features of a business telephone system from outside the business's premises.