Microsoft Server 2008 R2 Remote Server Administration • Remote Desktop Services • Remote Desktop Connection • Remote Desktop Protocol • Remote Assistance • Remote Server Administration Tools Remote De[.]
Remote Server Administration • • • • • Remote Desktop Services Remote Desktop Connection Remote Desktop Protocol Remote Assistance Remote Server Administration Tools Remote Desktop for Administration • Default implementation of Remote Desktop Services (formerly known as Terminal Services in 2003 ((formerly formerly known as Terminal Services-Remote Administration Mode in Server 2000)) • Two administrators can be logged onto a server a the same time performing remote administration Remote Desktop for Administration • It’s also possible to configure a server as a Remote Desktop Session Host server so that it can run desktop applications for remote users – This is Terminal Services renamed! • Two primary tools used for RDA are: – Remote Desktop Connection – Remote Desktop Remote Desktop for Administration • Three options Don’t allow Connections to this computer: Obvious Allow connections from computers running any version of Remote Desktop (less secure): will allow RDC connections from clients older than 6.0 Supports users connecting via XP with older RDC Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure): RDC 6.0 or higher available on Vista and Windows 7, can be installed on XP running SP2 or later Remote Desktop for Administration Remote Desktop for Administration • When enabled, an exception is automagically created in the firewall on the local system – Still uses port 3389 • Can be launched via command line or Run line by using mstsc.exe Mstsc.exe /v:svreddc1 Connect to server named svreddc1 Mstsc.exe /f Connect in full screen mode Mstsc.exe /span Connect utilizing multiple monitors Remote Desktops • A tool used to connect to remote computers • Allows you to connect to multiple computers at the same time and switch between connections • Can run one instance of the program with multiple connections versus only one connection in RDC • Must add feature through Remote Server Administration Tools Remote Desktops Remote Assistance • • • • • Used to be primarily used for desktop systems Not enabled by default on 2008 R2 Useful for remote office support for servers Allows for remote control of system Generates invitation with password that can’t be changed Remote Assistance Windows Remote Management Services • Windows Remote Management Services (WinRM) will allow you to issue any command-line command from one computer against another It utilizes two commands – The WinRM tool is executed on the remote server and enables the server to listen and respond to WinRS requests – The WinRS tool is executed from the command line on a desktop or other server accessed by an administrator It allows the administrator to execute any command-line commands against the remote server Windows Remote Services • Enabling WinRM – It is not enabled by default – RD Gateway enables WinRM – Enabled by doing the following: C:\WinRM quickconfig – Prompts to allow following changes • Create WinRM listener on http://* to access WS-Man requests to any IP on this machine • Enable the WinRM firewall exception • Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users Windows Remote Services Verify settings by typing: C:\WinRM enumerate WinRM/config/listener Windows Remote Services • Connect to server by typing: C:\winrs –r:servername command C:\winrs –r:w2k8r201 cmd Remote Server Administration Tools • RSAT replaces adminpack • Available in 32bit and 64bit • Full access to administer network at your desktop • Must be added after installation through ProgramsAdd Windows Features • Can be used to administer 2003 domains, but cannot use Active Directory Administrative Center inherently Requires secure web services ... Remote Server Administration Tools Remote Desktops Remote Assistance • • • • • Used to be primarily used for desktop systems Not enabled by default on 2008 R2 Useful for remote office support for servers... WinRM/config/listener Windows Remote Services • Connect to server by typing: C:\winrs –r:servername command C:\winrs –r:w2k 8r20 1 cmd Remote Server Administration Tools • RSAT replaces adminpack •... is executed on the remote server and enables the server to listen and respond to WinRS requests – The WinRS tool is executed from the command line on a desktop or other server accessed by an administrator