Microsoft server 2008 r2

Microsoft Server 2008 R2 Remote Server Administration • Remote Desktop Services • Remote Desktop Connection • Remote Desktop Protocol • Remote Assistance • Remote Server Administration Tools Remote De[.]

Remote Server Administration

• Remote Desktop Services

• Remote Desktop Connection

• Remote Desktop Protocol

• Remote Assistance

• Remote Server Administration Tools

Remote Desktop for Administration

• Default implementation of Remote Desktop

Services (formerly known as Terminal Services

in 2003 ((formerly formerly known as Terminal Services-Remote Administration Mode in

Server 2000))

• Two administrators can be logged onto a

server a the same time performing remote

administration

Remote Desktop for Administration

• It’s also possible to configure a server as a

Remote Desktop Session Host server so that it can run desktop applications for remote users

– This is Terminal Services renamed!

• Two primary tools used for RDA are:

– Remote Desktop Connection

– Remote Desktop

Remote Desktop for Administration

• Three options

1 Don’t allow Connections to this computer: Obvious

2 Allow connections from computers running any version of

Remote Desktop (less secure): will allow RDC connections from clients older than 6.0 Supports users connecting via

XP with older RDC.

3 Allow connections only from computers running Remote

Desktop with Network Level Authentication (more secure): RDC 6.0 or higher available on Vista and Windows 7, can be installed on XP running SP2 or later.

Remote Desktop for Administration

• When enabled, an exception is automagically created in the firewall on the local system

– Still uses port 3389

• Can be launched via command line or Run line

by using mstsc.exe

Mstsc.exe /v:svreddc1 Connect to server named svreddc1

Mstsc.exe /span Connect utilizing multiple monitors

Remote Desktops

• A tool used to connect to remote computers

• Allows you to connect to multiple computers

at the same time and switch between

connections

• Can run one instance of the program with

multiple connections versus only one

connection in RDC

• Must add feature through Remote Server

Administration Tools

Remote Desktops

Remote Assistance

• Used to be primarily used for desktop systems

• Not enabled by default on 2008 R2

• Useful for remote office support for servers

• Allows for remote control of system

• Generates invitation with password that can’t

be changed

Remote Assistance

Windows Remote Management

Services

• Windows Remote Management Services

(WinRM) will allow you to issue any

command-line command from one computer against another It utilizes two commands

– The WinRM tool is executed on the remote server and enables the server to listen and respond to WinRS

requests

– The WinRS tool is executed from the command line on a desktop or other server accessed by an administrator It allows the administrator to execute any command-line commands against the remote server

Windows Remote Services

• Enabling WinRM

– It is not enabled by default.

– RD Gateway enables WinRM

– Enabled by doing the following:

– Prompts to allow following changes

• Create WinRM listener on http://* to access WS-Man requests to any IP on this machine

• Enable the WinRM firewall exception

• Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

C:\WinRM quickconfig

Windows Remote Services

C:\WinRM enumerate WinRM/config/listener

Verify settings by typing:

Windows Remote Services

• Connect to server by typing:

C:\winrs –r:servername command

C:\winrs –r:w2k8r201 cmd

Remote Server Administration Tools

• RSAT replaces adminpack

• Available in 32bit and 64bit

• Full access to administer network at your

desktop

• Must be added after installation through

ProgramsAdd Windows Features

• Can be used to administer 2003 domains, but cannot use Active Directory Administrative

Center inherently Requires secure web

services