Overclock.net › Forums › Specialty Builds › Servers › Trying to understand remote desktop
New Posts  All Forums:Forum Nav:

Trying to understand remote desktop

post #1 of 4
Thread Starter 
Here is my dilemma. I just bought windows server 2008 r2 with 5 remote CAL licenses. I have 5 employees in the office that I have hooked into the domain piece of cake with folder redirection and all of that on their workstations. What is the best way to get them to access the same resources when they are out of the office? Right now I have them directly logging into the server under their own profile but with admin rights stripped away with a pretty hefty GPO. I read last night that most people believe this is dangerous, and I can now understand why. So that begs the question, is this what the Hyper-V stuff is for? To install VM machines and use those as private desktops? Whats my solution here? thanks a ton
Forced Induction
(14 items)
 
  
CPUMotherboardGraphicsRAM
2600K Gigabyte Z68X-UD3H-B3 GIGABYTE 970 GTX 16GB DDR3 1600 Corsair Vengeance 9-9-9-24 
Hard DriveOptical DriveOSMonitor
Samsung 840 Plextor Windows 8.1 Asus PB287q 4K 
KeyboardPowerCaseMouse
Corsair Mech Corsair 850 Antec 300 MS3 
Mouse PadAudio
Big one Xonar DX 
  hide details  
Reply
Forced Induction
(14 items)
 
  
CPUMotherboardGraphicsRAM
2600K Gigabyte Z68X-UD3H-B3 GIGABYTE 970 GTX 16GB DDR3 1600 Corsair Vengeance 9-9-9-24 
Hard DriveOptical DriveOSMonitor
Samsung 840 Plextor Windows 8.1 Asus PB287q 4K 
KeyboardPowerCaseMouse
Corsair Mech Corsair 850 Antec 300 MS3 
Mouse PadAudio
Big one Xonar DX 
  hide details  
Reply
post #2 of 4
Quote:
Originally Posted by dbxuau View Post
Here is my dilemma. I just bought windows server 2008 r2 with 5 remote CAL licenses. I have 5 employees in the office that I have hooked into the domain piece of cake with folder redirection and all of that on their workstations. What is the best way to get them to access the same resources when they are out of the office? Right now I have them directly logging into the server under their own profile but with admin rights stripped away with a pretty hefty GPO. I read last night that most people believe this is dangerous, and I can now understand why. So that begs the question, is this what the Hyper-V stuff is for? To install VM machines and use those as private desktops? Whats my solution here? thanks a ton
Unless you installed Remote Desktop Services (RDS) on your server, you are violating the Microosft TOS. By default, if you enable Remote Desktop on 2008 R2, you are enabling it in the "Remote Desktop for Administration" mode. This means that you can only connect two Administrator users remotely to perform "administrative tasks" against the server. You cannot have users executing productivity applications.

If your user workstations are running Windows 7 client machines, the easiest way may be to implement a Remote Desktop Gateway and have them remote into their own workstations through the Remote Desktop Gateway.

Alternatively, the old methodology would be to configure a VPN and have your users connect to their desktops over the VPN.

A third alternative is to NAT different external ports to the IP address of each workstation. This is only possible if you have a small number of target hosts that you want to connect to. For example, you could NAT external port 33891 to internal port 3389, and point to IP address of 192.168.100.181. Of course, if you did it this way, you would have to assign static IP addresses to each workstation, or at least DHCP reservations.

Hyper-V is a virtualization solution. If your host is hefty enough, you can install enough virtual Windows clients for each of your users to connect to. You can configure a mandatory virtual machine for them to use in Active Directory under each user's profile. Hyper-V has no relation to Remote Desktop.
ESXi Host 1
(15 items)
 
  
CPUMotherboardGraphicsRAM
(2x) Intel Xeon E5520 Dell OnBoard Matrox G200 24GB DDR3 12x2GB UDIMMS (18 slots total) 
Hard DriveHard DriveHard DriveHard Drive
PERC6-RAID50 Intel 730 480GB Intel 320 300GB Synology DS414 iSCSI SAN 
OSMonitorKeyboardPower
VMWare vSphere5 Enterprise Plus Dell iDRAC6 Remote Management [KVM-Over-IP] Dell iDRAC6 KVM Dell Hot-Swap Redundant 1100W 
CaseMouse
Dell PowerEdge T710 Stock Dell iDRAC6 KVM 
  hide details  
Reply
ESXi Host 1
(15 items)
 
  
CPUMotherboardGraphicsRAM
(2x) Intel Xeon E5520 Dell OnBoard Matrox G200 24GB DDR3 12x2GB UDIMMS (18 slots total) 
Hard DriveHard DriveHard DriveHard Drive
PERC6-RAID50 Intel 730 480GB Intel 320 300GB Synology DS414 iSCSI SAN 
OSMonitorKeyboardPower
VMWare vSphere5 Enterprise Plus Dell iDRAC6 Remote Management [KVM-Over-IP] Dell iDRAC6 KVM Dell Hot-Swap Redundant 1100W 
CaseMouse
Dell PowerEdge T710 Stock Dell iDRAC6 KVM 
  hide details  
Reply
post #3 of 4
Thread Starter 
Thank you for responding. Yes I have RDS installed, as I stated I bought 5 licenses for it in my OP. What would you do in my position? I only have 1 physical server with a quad core xeon and 16gb of ram.
Forced Induction
(14 items)
 
  
CPUMotherboardGraphicsRAM
2600K Gigabyte Z68X-UD3H-B3 GIGABYTE 970 GTX 16GB DDR3 1600 Corsair Vengeance 9-9-9-24 
Hard DriveOptical DriveOSMonitor
Samsung 840 Plextor Windows 8.1 Asus PB287q 4K 
KeyboardPowerCaseMouse
Corsair Mech Corsair 850 Antec 300 MS3 
Mouse PadAudio
Big one Xonar DX 
  hide details  
Reply
Forced Induction
(14 items)
 
  
CPUMotherboardGraphicsRAM
2600K Gigabyte Z68X-UD3H-B3 GIGABYTE 970 GTX 16GB DDR3 1600 Corsair Vengeance 9-9-9-24 
Hard DriveOptical DriveOSMonitor
Samsung 840 Plextor Windows 8.1 Asus PB287q 4K 
KeyboardPowerCaseMouse
Corsair Mech Corsair 850 Antec 300 MS3 
Mouse PadAudio
Big one Xonar DX 
  hide details  
Reply
post #4 of 4
Quote:
Originally Posted by dbxuau View Post
Thank you for responding. Yes I have RDS installed, as I stated I bought 5 licenses for it in my OP. What would you do in my position? I only have 1 physical server with a quad core xeon and 16gb of ram.
If your target users already each have their own workstation, I would have simply have just gone the VPN+RDP route... Either a hardware-based VPN setup to your router, or even a simple PPTP or IPSEC or SSL VPN to a server, with a RDP icon on each user's home system or whatever they use to connect.

The only exception is if your users have a tendency of connecting from public places such as libraries or kiosks or some such.

I would personally have provisioned or obtained a server capable of running VMWare ESXi and virtualized your Terminal Server along with everything else. Quad core + 16GB of RAM is plenty enough resources to do that. Just need an appropriate disk storage subsystem.

If you got Windows 2008 R2 Standard, you can install the Hyper-V role as well and run one (1) more instance of 2008 R2 Standard as a virtual machine.

Quad-core & 16GB is overkill for a 5-user terminal server...
ESXi Host 1
(15 items)
 
  
CPUMotherboardGraphicsRAM
(2x) Intel Xeon E5520 Dell OnBoard Matrox G200 24GB DDR3 12x2GB UDIMMS (18 slots total) 
Hard DriveHard DriveHard DriveHard Drive
PERC6-RAID50 Intel 730 480GB Intel 320 300GB Synology DS414 iSCSI SAN 
OSMonitorKeyboardPower
VMWare vSphere5 Enterprise Plus Dell iDRAC6 Remote Management [KVM-Over-IP] Dell iDRAC6 KVM Dell Hot-Swap Redundant 1100W 
CaseMouse
Dell PowerEdge T710 Stock Dell iDRAC6 KVM 
  hide details  
Reply
ESXi Host 1
(15 items)
 
  
CPUMotherboardGraphicsRAM
(2x) Intel Xeon E5520 Dell OnBoard Matrox G200 24GB DDR3 12x2GB UDIMMS (18 slots total) 
Hard DriveHard DriveHard DriveHard Drive
PERC6-RAID50 Intel 730 480GB Intel 320 300GB Synology DS414 iSCSI SAN 
OSMonitorKeyboardPower
VMWare vSphere5 Enterprise Plus Dell iDRAC6 Remote Management [KVM-Over-IP] Dell iDRAC6 KVM Dell Hot-Swap Redundant 1100W 
CaseMouse
Dell PowerEdge T710 Stock Dell iDRAC6 KVM 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Servers
Overclock.net › Forums › Specialty Builds › Servers › Trying to understand remote desktop