+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
Windows Thread, making a user for remote desktop on w2000 server in Technical; I need to grant remote access to our sims support guy and also need to deny him access to staff ...
  1. #1
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,943
    Thank Post
    230
    Thanked 48 Times in 44 Posts
    Blog Entries
    2
    Rep Power
    45

    making a user for remote desktop on w2000 server

    I need to grant remote access to our sims support guy and also need to deny him access to staff files also on that server. He recons only admins can remote desktop omto a w2000 server - anyone know different?

  2. #2
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,938
    Thank Post
    114
    Thanked 272 Times in 250 Posts
    Rep Power
    104

    Re: making a user for remote desktop on w2000 server

    Try giving him log on locally permission then try it.

  3. #3

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179

    Re: making a user for remote desktop on w2000 server

    Only admins can login unless you have a terminal services license server (or are using your 90-day trial that comes with Windows).

    I would say, give him limited access and make him use VNC.

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,800
    Thank Post
    110
    Thanked 582 Times in 503 Posts
    Blog Entries
    1
    Rep Power
    223

    Re: making a user for remote desktop on w2000 server

    If you use UltraVNC you can control VNC access with Windows ACLs rather than just a password. Makes it easier to give out access to indiviual computers/groups of people.

  5. #5
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,943
    Thank Post
    230
    Thanked 48 Times in 44 Posts
    Blog Entries
    2
    Rep Power
    45

    Re: making a user for remote desktop on w2000 server

    Thanks for that guys. Sheeshk - hectic morning!

    Yeah - he doesn't like vnc. Though i've got to do something because we're contravening data protection as it stands.

    Don't you get 5 terminal services licences free with a server??

  6. #6
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 44 Times in 34 Posts
    Rep Power
    28

    Re: making a user for remote desktop on w2000 server

    Couldnt a additional admin group be made with restrictions on it which then of course would be easy to prevent access to certain areas on the server?

    Any ideas on how that could be achived?

    After all mark - you might get john appear and i would be happier with both of them on the restricted admin group

    Regards
    N.

  7. #7

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,213
    Thank Post
    2,766
    Thanked 935 Times in 875 Posts
    Rep Power
    343

    Re: making a user for remote desktop on w2000 server

    dameware have great utils

    www.dameware.com

    Hopefully that helps

    I think it is the mini remote you are after

  8. #8

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,213
    Thank Post
    2,766
    Thanked 935 Times in 875 Posts
    Rep Power
    343

    Re: making a user for remote desktop on w2000 server

    http://www.dameware.co.uk/ is the uk website obviously , not sure if there is much difference ??

  9. #9

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,881
    Thank Post
    1,316
    Thanked 1,738 Times in 1,087 Posts
    Blog Entries
    19
    Rep Power
    563

    Re: making a user for remote desktop on w2000 server

    Our SIMS support team (county) use GoToAssist, but only when I am there watching what they are doing. I have also previously hooked up the VGA output to a video recorder to watch what they were doing ... partly because I wanted to follow what insane thing they were having to do to get some bizarre problem fixed.

    I told them first and they were happy ....

  10. #10

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179

    Re: making a user for remote desktop on w2000 server

    You don't get any TS CALs with server - except for administrative access. You can however use the 'trial-licenses' which last for 90 days.

    What sort of person doesn't like VNC anyway? You are effectively looking at the computer's screen! Is this guy meant to be technical? Even our phone engineers can use VNC to tap into our voicemail server by dialing in through the Avaya comms system!

    I would have to say that you should tell the man to use VNC - don't give an alternative.

  11. #11
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 44 Times in 34 Posts
    Rep Power
    28

    Re: making a user for remote desktop on w2000 server

    Not sure mark's view here, but me personally, I wouldnt want him to use VNC (as I am and I dont want him to use the password i have - got enough passwords to remember without having seperate vnc passwords as well lo).

    Remote Desktop is fine and works well for him.

    Either way, he has to log on as a administrator and this is our problem in that he can see any file on the system - including the home directories of the admin staff - which in theory is a no no (security wise - not that i dont trust him, its just he shouldnt be able to).

    Should we make the home directories permissions differennt then in this case that we remove the administrators group from the root of the homedir share (or however ppl have it setup) and only have "Administrator" & "System" with Full Control, and set the indiviual username (with Full Control) on each users folder i.e.

    -+ HomeDirs ("Administrator", "SYSTEM", "Creator Owner" - Full Control)
    |
    +- Administrator (no additional changes)
    +- Nigel ("Nigel" - Full Control)
    +- AOther ("AOther" - Full Control)

    etc.

    Would this be a good work around? (excuse the crudeness of things - I'm a little tired lol)

    Regards
    N.

  12. #12
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,943
    Thank Post
    230
    Thanked 48 Times in 44 Posts
    Blog Entries
    2
    Rep Power
    45

    Re: making a user for remote desktop on w2000 server

    But if he was an admin he could take control back of those directories.

    It's not just security - it's legal - you could get your ass sued for not complying with data protection laws. I think it's very serious anyhow.

  13. #13
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 44 Times in 34 Posts
    Rep Power
    28

    Re: making a user for remote desktop on w2000 server

    Quote Originally Posted by mark
    But if he was an admin he could take control back of those directories.
    Damn right - forgot bout that lol

    I think it's very serious anyhow.
    Agreed

    N.

  14. #14

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,213
    Thank Post
    2,766
    Thanked 935 Times in 875 Posts
    Rep Power
    343

    Re: making a user for remote desktop on w2000 server

    So dameware isnt an option then , cos no one said anything about that yet ?? hhhmmmm

  15. #15

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    23

    Re: making a user for remote desktop on w2000 server

    Gecko: No.

    Question: We actually allow a remote connection from SIMS too when they are repairing yet another glitch in the system. Which is about every week. So far, it's been twice this week.

    Basically the school (I think) has always given the remote engineer admin rights. Now I hadn't thought of the connotations of that legally, but I will look into it.

    Perhaps VNC would be a better...

    Paul

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Remote Desktop or Remote Assistance......?
    By tosca925 in forum Windows
    Replies: 20
    Last Post: 31st January 2012, 08:26 PM
  2. Remote Desktop Access to a Windows 200 Server
    By Grommit in forum Windows
    Replies: 8
    Last Post: 28th July 2011, 11:32 PM
  3. Forward Remote Desktop to a different server...
    By mrforgetful in forum Windows
    Replies: 10
    Last Post: 21st September 2007, 08:24 AM
  4. remote desktop into win 2000 server
    By e_g_r in forum Windows
    Replies: 3
    Last Post: 12th March 2007, 12:59 PM
  5. isa server and remote desktop connection
    By russdev in forum Wireless Networks
    Replies: 1
    Last Post: 16th November 2005, 09:07 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •