Providing a user-friendly, secure and reliable remote shared data access solution is an essential IT service that will affect the day-to-day productivity and satisfaction of your staff. Whether you need to support one remote account or 10 thousand, one solution that offers a user-friendly experience while minimizing complexity for Systems Administrators is Microsoft’s Remote Desktop Connection (RDC). This method allows personnel to log in to their own personalized desktop from any remote location just as if they were sitting at their own PC in the office. As a type of “thin client”, the remote PC only relays the keyboard, mouse and screen display, while the work of processing application software and managing shared file storage remains with the corporate server. All that is required by the telecommuter is a basic PC and a high-speed Internet connection.

Every Microsoft Windows operating system includes the RDC client software, and every Windows PC (except the Windows “Home” version) is capable of hosting at least one Remote Desktop connection. This means that even if your company does not have a full Microsoft server, it is still possible to implement a basic RDC solution with no additional software costs.
The underpinnings of RDC are provided by Microsoft’s Terminal Services. Entry-level Microsoft server operating systems allow a maximum of two simultaneous connections, beyond which additional Terminal Services licenses are required.

BENEFITS
  1. Remote personnel are provided with the same, familiar desktop and applications that they see while working from within the office.
  2. A single-point of administration for security, user privileges and application software reduces cost and complexity for Systems Administrators.
  3. The office PC can be accessed from anywhere that an Internet connection is available.

CONFIGURATION
The most difficult aspect involves configuring the corporate network appliance, such as an Internet router or firewall. A rule must be created that will forward inbound requests received on the public Internet Protocol (IP) address to the appropriate internal, private IP address of the Terminal Server or dedicated workstation.

EXAMPLE CONFIGURATION
RDC uses TCP port 3389 by default. For example, if the private IP address of the Terminal Server or dedicated workstation you want to connect to is 192.168.1.10, and the public IP address of the office is 70.68.47.137, then the following firewall/router rule is required:

TCP Inbound 70.68.47.137:3389 --> 192.168.1.10

This type of rule is commonly assigned under the “Port Forwarding” or “Applications” section of Internet firewalls.

TESTING
Ensure Terminal Services is running and accessible from within the office: open a Remote Desktop Connection on an available PC, enter the PRIVATE IP address of the Terminal Server in the “Computer” field and click “Connect”.
To test remotely, the forwarding rule must be in place. Open Remote Desktop Connection on the remote client PC, enter the PUBLIC IP address of the office in the “Computer” field and click “Connect”.
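
The two-stage test above as a script, added here as an example and not part of the original article. It defaults to the article's example addresses and port; the `-Location` parameter and the `Test-TcpPort` helper are names chosen for this example, and the registry values read in the `Host` branch are the standard Terminal Services settings.

```powershell
# Added example (not from the original article): staged RDP reachability check.
param(
    [ValidateSet('Host', 'Office', 'Remote')]
    [string]$Location  = 'Office',
    [string]$PrivateIp = '192.168.1.10',   # article's example Terminal Server address
    [string]$PublicIp  = '70.68.47.137',   # article's example office public address
    [int]$RdpPort      = 3389              # RDC default port
)

function Test-TcpPort {
    param([string]$Address, [int]$Port, [int]$TimeoutMs = 3000)
    # Plain TCP connect with a timeout; $true only if the port accepts the connection.
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($pending)   # throws if the connection was refused
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

switch ($Location) {
    'Host' {
        # Run on the Terminal Server/workstation: is Remote Desktop enabled, and on which port?
        $base = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
        $ts   = Get-ItemProperty $base
        $tcp  = Get-ItemProperty "$base\WinStations\RDP-Tcp"
        "Remote connections allowed : $($ts.fDenyTSConnections -eq 0)"
        "Listening port             : $($tcp.PortNumber)"
        "Terminal Services service  : $((Get-Service TermService).Status)"
    }
    'Office' {
        # Step 1 of the test: private address, from a PC inside the office.
        if (Test-TcpPort $PrivateIp $RdpPort) { "OK: ${PrivateIp}:$RdpPort reachable from the office LAN." }
        else { "FAIL: ${PrivateIp}:$RdpPort not reachable. Check that Remote Desktop is enabled on the host before changing the router." }
    }
    'Remote' {
        # Step 2: public address, from outside the office; this exercises the forwarding rule.
        if (Test-TcpPort $PublicIp $RdpPort) { "OK: ${PublicIp}:$RdpPort reachable; the forwarding rule is working." }
        else { "FAIL: ${PublicIp}:$RdpPort not reachable. Check the port-forwarding rule, or whether the ISP blocks port $RdpPort." }
    }
}
```

Run it with `-Location Host` on the Terminal Server, `-Location Office` from another office PC, and `-Location Remote` from the remote client, in that order, so a failure points at the layer that caused it.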

SECURITY AND USABILITY
Internet Service Providers sometimes block port 3389. An alternative is to use Terminal Services Web (see TSWeb, note 4) or a Virtual Private Network (see VPN, note 5). A VPN solution in conjunction with a firewall provides more robust security and protection against denial-of-service and other attacks.

NOTES
  1. To determine the public IP of the office:
    1. From the office, visit http://whatismyip.org/
  2. To display the private IP of the Terminal Server/Workstation:
    1. Click Start-->Run
    2. Type cmd [press enter]
    3. Type ipconfig [press enter]
  3. To enable Remote Desktop on a Windows workstation (unavailable on MS Windows “Home” versions):
    1. Right-click “My Computer”
    2. Click “Properties”
    3. Click “Remote” tab
    4. Place a check in the “Allow Remote Connections” box
    5. Click “OK”
  4. TSWeb is an ActiveX plug-in for Internet Explorer that acts as a gateway to Terminal Services. This allows RDC to be carried over HTTP on port 80 rather than port 3389 (which can sometimes be blocked by ISPs). With a TSWeb solution, all the client requires is Internet Explorer rather than the Remote Desktop Connection client.
  5. When connecting over a VPN, the private IP of the Terminal Server/Workstation should be used in the “Computer” field when starting Remote Desktop Connection.
  6. IP addresses on the office side should be statically assigned so that they never change.
  7. In order for remote users to see the same desktop as they do when they log in locally, each user account must have the Terminal Services user profile path set in Active Directory to the same UNC path as their local profile.
  8. RDC client software is also available for non-Windows clients such as Linux/Mac.

© WAYNE DOUCETTE SEPTEMBER 2010
