Re: Getting back SBS TS access
- From: AnchorDave <AnchorDave@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 8 May 2008 21:10:00 -0700
Totally agree, nightmare to manage and requires static ip's but for 1 or 2
users a valid and easy quick solution that requires no additional hardware or
software.
the functionality of the sbs desktop gateway is hard to duplicate at any
price really, i would love to see it available for non SBS server
environments.
a ssl vpn is the best solution, fortinet have a ssl remote desktop client
built in to their firewalls
"Lanwench [MVP - Exchange]" wrote:
AnchorDave <AnchorDave@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:.
I agree the SBS remote web workplace is a nice feature but this is
easy to duplicate in a non sbs environment.
on your firewall create a range of open ports , for example
10,000-10,100
for each internal machine that a user wants external access to create
a custom firewall rule that redirect the external port to the
internal RDP port( default of 3389)
eg. a user with internal ip address of 10.1.1.50 and the assigned
firewall port of 10,001 and an external domain name of domain.com
could connect to their workstation from any computer using.
mstsc /v:domain.com:10001
there are other ways of doing this also but this for me is the best
and most secure
Oy. I've had to deal with this before. It's a complete nightmare to manage,
doesn't scale well, and you have to have non-changing LAN IPs on the
workstations. Not worth it!
Better option would be something like an SSL VPN appliance....Sonicwall or
other.
"Lanwench [MVP - Exchange]" wrote:
Bill M. <BillM@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I made the choice due to the numbers of workstations to move from
SBS 2003 R2 to full dedicated servers with roles on many servers.
After weeks of fighting. Four calls to Microsoft at hundreds of
dollars and we are up and running on the new gear.. What a month.
Congratulations on your survival....
So now I have two items that I am lost to fix. ( Well with out a
further expensive call to Microsoft) So lets see if I can solve it
with the wisdom on line here. Both are related to Termnal Service.
a) On the server that has the Terminal Server running ..
Which is a member server, right?
If I log
onto the TS I of course need to be approved for access . If I go to
the Domain Active Directory there is no Remote Desktop Group to
assign for that user. But there is on the server that has the TS on
it. So I need to approve the user local and it works.. How do I
get this up to the Domain level of control rather then local...
Create an AD security group called "TS Users". Add it to the
server's local Remote Desktop Users group.
Add the domain users you wish to TS Users.
b) So on SBS there is the great web based interface that allows you
to connect to the Server or a Workstation attached to the LAN..
No one told me that I was going to loose this when I did the
Transition Pack but my users love to remind me about the lack of
remote access to the Workstation.. So not being a web developer
.. Any suggestions on getting back the ability to access the
workstation.
There's no Remote Web Workplace in non-SBS environments (and yes, I
agree that it'd be nice to have). Since you've got TS, the users
can't legitimately need RD access to their desktops any longer, can
they? You can just have them use the RD client to get to
server.domain.com - or install TSWeb.
Many thanks to those who respond
Bill
- References:
- Getting back SBS TS access
- From: Bill M.
- Re: Getting back SBS TS access
- From: Lanwench [MVP - Exchange]
- Re: Getting back SBS TS access
- From: AnchorDave
- Re: Getting back SBS TS access
- From: Lanwench [MVP - Exchange]
- Getting back SBS TS access
- Prev by Date: Re: tsadmin not showing all terminal servers
- Next by Date: Re: 2008 licenses on 2003 Server?
- Previous by thread: Re: Getting back SBS TS access
- Next by thread: printers in Terminal Server and in Citrix
- Index(es):
Relevant Pages
|
Loading
