Remote administration using terminal services in Windows Server.
Requirements:
- permission from the client to implement this service
- high speed Internet connection
- Windows 2000/2003 Server (or Windows NT 4.0 Terminal Services edition)
- router capable of port forwarding
1. Enable terminal services in remote admin mode.
- Click start, settings, control panels, add/remove programs.
- Click Add/Remove Windows Components, install Terminal Services.
2. In Active Directory Users and Groups, disable permission to log in
via terminal services for all users except those authorized to do so.
Right click on the user, choose Terminal Services Profile tab, uncheck
Allow log on to terminal server.
3. Make sure the server has a static IP address on the private network.
4. If the passwords on accounts with permission to log in remotely are
weak, change them now. Especially if those accounts are privileged.
5. If client does not have a static IP address, set up a dynamic dns
hostname with http://www.dyndns.org/.
6. Set up router to allow outside access to the server Ideally, the
client will have VPN for remote access. This is rarely the case, so we
usually have to make do with port forwarding. Forward requests from the
public Internet on TCP port 3389 to the server's private IP address.
7. While logged into the router, make sure it is configured to keep the
PPPoE connection alive all the time.
8. Test before leaving. I usually do this by connecting to a remote host
via terminal services, then try to connect back into the server.
9. Document the URL or IP address as a knowledge item on the org record
in changepoint.
Remote administration using Remote Desktop in Windows XP.
This is very similar to the above. The specifics are a little different.
Requirements:
- permission from the client to implement this service
- high speed Internet connection
- Windows XP Professional
- router capable of port forwarding
1. Enable remote desktop.
Right-click my computer, click Remote tab, check box next to "Allow
users to connect remotely to this computer". Choose which users are
permitted to log in remotely.
2. Make sure the server has a static IP address on the private network.
3. If client does not have a static IP address, set up a dynamic dns
hostname with http://www.dyndns.org/.
4. If the passwords on accounts with permission to log in remotely are
weak, change them now. Especially if those accounts are privileged.
5. Set up router to allow outside access to the PC. Ideally, the client
will have VPN for remote access. This is rarely the case, so we usually
have to make do with port forwarding. Forward requests from the public
Internet on TCP port 3389 to the server's private IP address.
6. While logged into the router, make sure it is configured to keep the
PPPoE connection alive all the time.
7. Test before leaving. I usually do this by connecting to a remote host
via terminal services, then try to connect back into the server.
8. Document the URL or IP address as a knowledge item on the org record
in changepoint.
To connect to a host from a remote location.
Windows XP already has the remote desktop connection client installed.
You can find it under Start, Programs, Accessories, Communications,
Remote Desktop Connection. I find it's faster to hit "Windows + R" to
open a run window and run mstsc.
In earlier versions of Windows it is necessary to install the Remote
Desktop Connection Client. It can be installed from the Windows XP
http://www.microsoft.com/windowsxp/downloads/tools/rdclientdl.mspx