Professional Documents
Culture Documents
07-Remote Desktop Administration
07-Remote Desktop Administration
7
Date :
Procedure:
To add the Terminal Services Role to Windows Server 2008 R2, follow these steps:
Log on to your Windows Server 2008 computer as an administrator. Click Start, and then
click Server Manager.
Rightclick Roles, and then click Add Roles.
The Add Roles Wizard appears.
On the Before You Begin page, click Next.
On the Select Server Roles page, select Terminal Services. Then, click Next.
On the Terminal Services page, click Next.
On the Role Services page, select TS Gateway. When prompted, click Add Required Role
Services. Then, click Next.
On the Server Authentication Certificate page, select an SSL certificate, and then click
Next.
On the Authorization Policies page, click Now, and then click Next.
On the TS Gateway User Groups page, click Add to select the user groups that can
connect through the terminal server gateway. Typically, you should create an Active
Directory security group for Remote Desktop users connecting from the Internet, and add
all authorized users to that group. Then, click Next.
On the TS CAP page, enter a name for the Terminal Services Connection Authorization
Policy, and choose whether to allow authentication using passwords, smart cards or both.
Click Next.
On the TS RAP page, enter a name for the Terminal Services Resource Authorization
Policy. Then, choose whether to allow remote clients to connect to all computers on your
internal network or just computers in a specific domain group. For best results, create an
Active Directory security group, and add the computer accounts for all authorized Remote
Desktop servers to that group. Click Next.
Note: The CAP defines who can connect to the TS Gateway, while the RAP defines which
computers they can use the gateway to access. Both must be defined for a user to establish
a connection.
Complete any other wizard pages that appear for dependant roles by accepting the
default settings, and then click Install on the Confirmation page.
After the installation is complete, click Close, and then click Yes to restart the computer if
required.
After the computer restarts, log back on and click Close in the Resume Installation
Wizard.
Later, you can use the Server Manager console to modify the CAPs or RAPs by clicking the
roles\terminal services\ts gateway manager\computer_name\policies node.
If necessary, configure your firewall to allow incoming HTTPS connections to your TS
Gateway on TCP port 443. Additionally, the TS Gateway must be able to communicate to
Remote Desktop servers using TCP port 3389.
With the appropriate configuration tasks completed on the remote server system the next step is to
launch the Remote Desktop Client on the local system. The client can be run in either
administration mode which provides full integration with the console of the remote server, or virtual
session mode which provides some administrative privileges but does not provide console access or
allow applications to be installed.
Initial screen will appear requesting details of computer to which the client is to connect. This can
either be an IP address or a computer name. If previous connections have been established the User
name field will be populated with the user name used in the preceding session. If you need to log in
as a different user this option will be provided on the next screen which appears after the Connect
button is pressed:
In this screen enter the password for the selected user (note that remote desktop access is only
available for user accounts which are password protected). If a user other than the one displayed is
required, simply click on the Use another account link and enter the necessary details. Click on OK
to establish the connection. After a short delay the remote desktop will appear on the local computer
screen.
Result:
Configured windows terminal server .