Alexander’s Blog

August 19, 2010

How to Centralize Remote Access Policies Using RADIUS

by @ 1:51 pm. Filed under Remote Connectivity, Tips & Tricks, Windows 2003

Remote access policies are local to the Windows Server 2003 where they are created. Therefore, you cannot synchronize remote access policies between servers. In addition, because remote access policies cannot be integrated with Active Directory, they can’t really be replicated as part of Active Directory replication.

If you have more than one remote access server, rather than administer the remote access policies of all the remote access servers separately, you can configure a single server with the Internet Authentication Service (IAS) as a Remote Authentication Dial-In User Service (RADIUS) server and configure the remote access servers as RADIUS clients. The IAS server provides centralized remote access authentication, authorization, accounting, and auditing. This provides a powerful way to centralize remote access policies, especially in large distributed environments.

When you configure the properties of the server running Routing and Remote Access, select RADIUS authentication as the authentication provider. Once the remote access servers are configured to use RADIUS authentication, the remote access policies stored on the remote access servers are no longer used. Instead, the remote access policies stored on the IAS server are used. Therefore, if one of the remote access servers contains the current set of remote access policies that are applied to all of the remote access servers, you can copy the remote access policies to the IAS server. Click here for the step-by-step procedure for copying the remote access policies to another server.

July 17, 2010

Remote Desktop Keyboard Shortcuts

by @ 6:24 am. Filed under Remote Connectivity, Tips & Tricks

I work with Remote Desktop a lot. When I am writing an article or a blog post, I often need to take screen shots. The shortcuts that I use on my desktop, such as ALT+PRINT SCREEN to capture the active window, do not work inside a Remote Desktop session. I have to use CTRL+ALT+Minus sign (-) key combination. Here are some common keyboard shortcuts that you can use while working in a Remote Desktop session.

  1. CTRL+ALT+END (Opens the Logon screen dialog box)
  2. ALT+PAGE UP (Switch between programs from left to right)
  3. ALT+PAGE DOWN (Switch between programs from right to left)
  4. ALT+INSERT (Cycle through the programs in most recently used order)
  5. ALT+HOME (Display the Start menu)
  6. CTRL+ALT+BREAK (Switch the client computer between a window and a full screen)
  7. ALT+DELETE (Display the Windows menu)
  8. CTRL+ALT+Minus sign (-) (Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.)
  9. CTRL+ALT+Plus sign (+) (Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.)

June 3, 2010

How to Find All Services Running Under SVCHOST.EXE

by @ 7:42 am. Filed under Remote Connectivity, Tips & Tricks

While troubleshooting a network issue, I had to locate the services running under SVCHOST.EXE on a remote machine running Windows Server 2003. You can use the TASKLIST utility to see all the services that are running. You can use this command both for a local computer or a remote computer. Here’s the syntax for the command.

tasklist /s \\servername /svc /fi “imagename eq svchost.exe”

For example, if your remote server name is SERVER8, use the command:

tasklist /s \\server8 /svc /fi “imagename eq svchost.exe”

The output will look something like this:

June 18, 2009

How to Enable Remote Desktop on Windows Server 2008 Server Core

by @ 11:44 am. Filed under Articles, Remote Connectivity, Scripting, Tips & Tricks, Windows 2008, Windows Vista

Windows Server 2008 (WS08) Server Core can be used in lots of useful scenarios. However, because WS08 does not have a GUI, you need to use the command prompt to accomplish the administrative tasks. You may find it convenient to manage the Server Core from another computer.

By default Remote Desktop is not enabled on the Server Core. There are two steps you need to take to get Remote Desktop working: Enable Remote Desktop & open default RDP port, which is TCP port 3889.

STEP 1 – Enable Remote Desktop

You can look at your settings by using the following command:

cscript c:\windows\system32\scregedit.wsf /AR /v

The scregedit.wsf script will either return a 1 or a 0. If you see a 1 then the Terminal Services (i.e. Remote Desktop) is disabled, a 0 means it is enabled.

To enable Terminal Services use the following command:

c:\windows\system32\scregedit.wsf /AR 0

To disable Terminal Services use the following command:

c:\windows\system32\scregedit.wsf /AR 1

NOTE: The /AR switch is used for Vista and WS08 computers. For Windows XP computers replace /AR with /CS.

STEP 2 – Open RDP Port

To open Remote Desktop, you need to make sure that your firewall is not blocking the default Terminal Services/RDP port 3389. On a WS08 Server Core, run the following command to open TCP port 3389.

netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes

You should expect the following response when you execute the above command.

C:\Windows\system32>netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes

Updated 2 rule(s).
Ok.

You might want to check out Microsoft KB article 947709 for additional information on opening ports at the firewall or how to enable ICMP requests.


Copyright ©2009 Zubair Alexander. All rights reserved.

July 2, 2008

Terminal Services Gateway vs. Terminal Services RemoteApp: What’s the diff?

by @ 10:48 am. Filed under Applications, Remote Connectivity, Security/Firewalls, Windows 2008

Windows Server 2008 offers both Terminal Services Gateway (TS Gateway) and Terminal Services RemoteApp (TS RemoteApp) features. Although they both offer Remote Desktop Protocol (RDP) over HTTPS, the main difference between them is that TS Gateway allows you to publish the entire desktop while TS RemoteApp publishes only the application.

For example, if you have a need to allow one of the vendors access to an application on your network so the vendor can support it you might want to consider TS RemoteApp in Windows Server 2008 as a solution. You can simply publish the application on a Windows Server 2008 in the DMZ, or behind an ISA firewall, without having to worry about setting up Virtual Private Networks (VPNs) for the vendor. As an administrator, you can use the TS Gateway to have full, secure access to the entire desktop.

Contact E-mail | Terms of Use | Privacy Policy

Copyright ©2002-2013 Zubair Alexander. All rights reserved.

Internal Links

Search Blog

Categories

Archives

August 2014
M T W T F S S
« Jul    
 123
45678910
11121314151617
18192021222324
25262728293031

RSS Feeds

TechGalaxy Visitors

28 queries. 0.504 seconds