Remote Access for Staff

[Grommit]

Hi

Bit clueless here...

Just opened port 3389 for RC...

Have my ISA server with 2 Nic's in and one is outside facing...

When I use a remote control client on an XP PC and log on... I am logging onto the ISA server...?

I thought that the RC would be like logging onto a workstation with the Logon bat script mapping the folders and such.... not just a raw 2003 Server!

What can I do do lock this all down and have the staff corralled in a happy place

[GrumbleDook]

By RC ... do you mean Remote Desktop Protocol?

When you hook up a connection to your school it has to be to a server of some sort.

In windows cases this is usually a dedicated terminal server. You would use ISA to forward RDP requests to the nominated box, or use VPN to get onto your network and then connect to the nominated box. When you set up remote control on a server it is done for members of the administrators group ... not for general users.

[Ric_]

You can also set up publishing rules for connection to RDP on the workstations.... you would need a hell of a lot of publishing rules mind!

[Grommit]

So I should install terminal server onto a "Server" and then get the ISA box to forward all Remote Control Access to this box... The box can then be set up with office and the rest of the applications... ?

So the user would in-effect bypass the ISA server?

[mrforgetful]

You can set ISA Server up so that it will check the remote PC for certain things that you specify, i.e. Antivirus, and if it doesnt' comply connection is rejected or has reduced functionality.

[kylewilliamson]

You can use RDP in Terminal Server mode (or at least you could on 2000 Server) - which would do what you want.

Personally would recommend a VPN as an interweb facing RDP server is not a good idea.

[ZeroHour]

You can set ISA Server up so that it will check the remote PC for certain things that you specify, i.e. Antivirus, and if it doesnt' comply connection is rejected or has reduced functionality.

Yeh you can but it aint easy is it?

[mrforgetful]

I don't know I just remember it been mentioned on my course! lol

Looking at it it all seems pretty straight forward to enable and set up VPNs on ISA so that people have all the same restrictions they would on the network.

I'm not too sure how to specify what should be a quarantined client and what's not though. But then I don't have it set up at all anyway so how would I...ahem.

[ZeroHour]

Yeh its supposed to be v specialised with magic packets on certain ports etc, or at least thats what I heard

[Grommit]

By RC ... do you mean Remote Desktop Protocol?

When you hook up a connection to your school it has to be to a server of some sort.

In windows cases this is usually a dedicated terminal server. You would use ISA to forward RDP requests to the nominated box, or use VPN to get onto your network and then connect to the nominated box. When you set up remote control on a server it is done for members of the administrators group ... not for general users.

Anyl inks to Setup TS and Remote for Dummies sites ?:-)

[Ric_]

@Grommit: Check out the stuff from my presentation at the last North conference at http://edugeekconference.net/index.p...d=33&Itemid=59