Re: RDP through ISA 2000 for a non-domain user on SBS2003
- From: v-terliu@xxxxxxxxxxxxxxxxxxxx (Terence Liu [MSFT])
- Date: Thu, 12 Jul 2007 09:10:09 GMT
Hello Gary,
Thank you for your kind update.
If you cannot join the laptop to yours SBS domain, you have to create a
local user account on the laptop with the same username and password as the
user account you created in SBS domain. Then logon the laptop with this
same local user account.
If this method fail, we only have to join the laptop to SBS domain.
Hope these steps will give you some help.
Thanks and have a nice day!
Best regards,
Terence Liu(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Gary D" <gary@xxxxxxxxxxxxxxxx>
| References: <D671F179-41EC-43D4-806C-C04A5FE8D6F3@xxxxxxxxxxxxx>
<6yQRTzswHHA.4536@xxxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: RDP through ISA 2000 for a non-domain user on SBS2003
| Date: Wed, 11 Jul 2007 10:09:48 +0100
| Lines: 166
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.3028
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#AL1$r5wHHA.4572@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: mailgate.okfinance.ltd.uk 80.176.163.34
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:49661
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Thanks Terence, will try installing the firewall client, but cannot join
the
| laptop to the domain because it is part of another companys domain
already.
|
| Thanks agin for your reply
|
| Gary D
|
|
| "Terence Liu [MSFT]" <v-terliu@xxxxxxxxxxxxxxxxxxxx> wrote in message
| news:6yQRTzswHHA.4536@xxxxxxxxxxxxxxxxxxxxxxxxx
| > Hello Gary,
| >
| > Thank you for posting here.
| >
| > According to your description, I understand that one client does not
join
| > SBS domain cannot access external RDP. If I have misunderstood the
| > problem,
| > please don't hesitate to let me know.
| >
| > Based on my research, the web proxy and the ISA firewall client can
| > provide
| > user authentication to ISA server when the traffic need to go through
the
| > ISA. You can access the external web sites from the laptop, because you
| > set
| > web proxy on the laptop. You cannot access RDP from the laptop, because
| > the
| > web proxy only support http, https, ftp and socks. The RDP cannot go
| > through the web proxy. The RDP access will go through SecureNAT (ensure
| > the
| > default gateway of the laptop is pointing to ISA internal NIC), but the
| > SecureNAT cannot provide user authentication, so the access will fail.
| >
| > Therefore, the only way to resolve this issue is install the ISA
firewall
| > client on the laptop and logon the laptop with domain account you
created
| > for the laptop user (so I suggest you join the laptop to SBS domain).
Then
| > the RDP access with go through the firewall client, and the firewall
| > client
| > can provide user authentication to the ISA server.
| >
| > If we cannot resolve the issue after we perform the above steps, please
| > kindly help me collect some information for further investigation:
| >
| > 1. Run command "ipconfig /all > c:\ipconfig_sbs.txt" and "route print >
| > c:\route_sbs.txt" on SBS, send the files c:\ipconfig_sbs.txt and
| > c:\route_sbs.txt to me at v-terliu@xxxxxxxxxxxxx
| >
| > 2. Run command "ipconfig /all > c:\ipconfig_client.txt" and "route
print >
| > c:\route_client.txt" on laptop client, send the files
| > c:\ipconfig_client.txt and c:\route_client.txt to me at
| > v-terliu@xxxxxxxxxxxxx
| >
| > 3. Please help to gather the ISA Info:
| >
| > 1) Please download the isainfo.vbe from:
| > http://www.isatools.org/tools/isainfo.vbe.
| >
| > 2) Run the script isainfo.vbe on the SBS server.
| >
| > 3) Send the ISAinfo log files to me at v-terliu@xxxxxxxxxxxxxx
| >
| > 4. Please also help to gather the ISA logs:
| >
| > 1) Open ISA Management console, navigate to 'Monitoring
| > Configuration'\'Logs'. In the right panel, right-click 'Packet filters'
| > and
| > choose 'Properties'.
| >
| > 2) In the 'Fields' tab, select ALL log fields. Also enable all the log
| > fields for 'ISA Server Firewall service' and 'ISA Server web proxy
| > service'
| > log. Navigate to 'Monitoring'\'Services', restart the ISA related
| > services.
| >
| > 3) After reproducing the problem, gather the recent log files in
| > C:\Program
| > Files\Microsoft ISA Server\ISAlogs\ folder and send them to me for
further
| > research.
| >
| > Hope these steps will give you some help.
| >
| > Thanks and have a nice day!
| >
| > Best regards,
| >
| > Terence Liu(MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > =====================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
| > the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
| > doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| > rights.
| >
| > --------------------
| > | From: "Gary D" <gary@xxxxxxxxxxxxxxxx>
| > | Subject: RDP through ISA 2000 for a non-domain user on SBS2003
| > | Date: Mon, 9 Jul 2007 16:50:13 +0100
| > | Lines: 15
| > | Message-ID: <D671F179-41EC-43D4-806C-C04A5FE8D6F3@xxxxxxxxxxxxx>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | format=flowed;
| > | charset="iso-8859-1";
| > | reply-type=original
| > | Content-Transfer-Encoding: 7bit
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Windows Mail 6.0.6000.16480
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6000.16480
| > | X-MS-CommunityGroup-MessageCategory:
| > {E4FCE0A9-75B4-4168-BFF9-16C22D8747EC}
| > | X-MS-CommunityGroup-PostID: {D671F179-41EC-43D4-806C-C04A5FE8D6F3}
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | Path: TK2MSFTNGHUB02.phx.gbl
| > | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:49175
| > | NNTP-Posting-Host: TK2MSFTNGHUB02.phx.gbl 127.0.0.1
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | I have a user who connects their XP laptop to my SBS network rarely. I
| > have
| > | implemented ISA whitelists etc all working OK. I have created a user
| > account
| > | ( for the roamer) and allowed full web access (they are prompted for
| > | username/password when using internet).
| > |
| > | All is OK, however they cannot RDP to external sites. All the other
| > domain
| > | PC's can RDP no problem.
| > |
| > | I have even tried adding and Allow All/All/All rule.
| > |
| > | Any ideas much appreciated
| > |
| > | TIA Gary D
| > |
| > |
| > |
| >
|
|
|
.
- References:
- RDP through ISA 2000 for a non-domain user on SBS2003
- From: Gary D
- RE: RDP through ISA 2000 for a non-domain user on SBS2003
- From: Terence Liu [MSFT]
- Re: RDP through ISA 2000 for a non-domain user on SBS2003
- From: Gary D
- RDP through ISA 2000 for a non-domain user on SBS2003
- Prev by Date: Re: Remote Web Workplace in sbs 2003
- Next by Date: Re: ID 537 in security eventlog
- Previous by thread: Re: RDP through ISA 2000 for a non-domain user on SBS2003
- Next by thread: SBS2003R2>Windows Mobile>Verizon>Motorla Q phone
- Index(es):
Relevant Pages
|
