34,333
edits
Changes
no edit summary
The Remote properties dialog provides a number of options. The default setting is to disallow remote connections to the computer system. The second option allows remote desktop connections from any version of the Remote Desktop client. The third, and most secure option, will only allow connections from Remote Desktop clients with Network Level Authentication support. This typically will only allow access to systems providing secure network authentication such as Windows Vista and Windows Server 2008.
If the Windows Firewall is active, the act of enabling Remote Desktop administration also results in the creation of a firewall exception allowing Remote Desktop Protocol (RDP) traffic to pass through on TCP port 3389. This default port can be changed by changing this setting in the Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-tcp\PortNumber. The easist easiest way to locate this registry key value is to execute ''regedit'' from the ''Run'' window or a command prompt, select ''Edit - > Find'' and enter ''RDP-tcp''.
== Controlling Remote Desktop Access ==
The default configuration for Remote Desktop is to allow all members of the Administration group to connect remotely. Active Directory also contains a ''Remote Desktop Users'' group to which users may be added to provide Remote Desktop access privileges. To provide users with remote desktop access, open the ''Control Panel -> System and Maintenance -> System -> Remote settings'' and click on the ''Select Users'' button to invoke the ''Remote Desktop Users'' dialog illustrated in the following figure:
Note that users with administrative privileges do not not need to be added to this list, by default they already have Remote Desktop access. To add additional users click on the ''Add...'' button to display the ''Select Users'' dialog. Enter the name of the user in the text box entitled ''Enter object names to select'' and click on ''Check names'' to list names that match the name entered. Select the appropriate name from the list. The following example shows user ''Bill'' on server ''winserver-2'':
== Remote Desktop Group Policy ==
A vast array of configuration options for Terminal Services are is available through the Group Policy settings. To access these values start the Group Policy Object Editor (open the Start menu and enter ''gpedit.msc'' into the Search box). In the Group Object Policy Editor navigate to Computer Configuration\Administrative Templates\Windows Components\Terminal Services or User Configuration\Administrative Templates\Windows Components\Terminal Services to access the range of policy settings available.
Policy options include, amongst other options, items such as control over resource redirection (printers, audio etc), setting session time limits and security settings. A complete overview of all the settings is beyond the scope of this book but almost without exception the various settings are largely self-explanatory.
</pre>
Once launched , right click on the ''Remote desktops'' item in the tree in the left hand panel and select ''Add a new connection'' from the menu. Once selected the ''Add New Connection'' dialog will appear as follows:
In this dialog enter the IP address or computer name of the remote system together with the User name and the name to be assigned to this connection (this is essentially the name by which this connection will be listed and administered inside the Remote Desktops snap-in). For an administrative session (as opposed to a virtual session) set the ''Connect with /admin'' box. Click ''OK'' to add the session to the snap-in. Once added, the session will appear in the left hand panel under ''Remote Desktops''. Repeat these steps to add connections to any additional remote systems required.
To establish a remote desktop connection , right click on the name of the session from the left hand panel and select ''Connect'' from the menu. The remote session will appear in the window. To start another session simply right click on the session name and once again select ''Connect''. To switch between sessions simply click on the name of the session in the left hand panel and the corresponding desktop will be displayed. The following figure illustrates two sessions running in Remote Desktops: