How Can I Allow Access From The Internet to Only Selected Users?

Posted February 7, 2008 · February 7, 2008

I would like to restrict most of my users to use Remote Desktop Client from

inside the network. Only Administrators would be allowed access from outside

the lan.

Can this be done with a policy? Id rather not have to rely on VPN as it

does not work from some hotels, internet cafe's etc.

RickyC

Posted February 7, 2008 · February 7, 2008

Re: How Can I Allow Access From The Internet to Only Selected Users?

On Feb 6, 11:14 pm, RickyC <Ric...@discussions.microsoft.com> wrote:

> I would like to restrict most of my users to use Remote Desktop Client from

> inside the network. Only Administrators would be allowed access from outside

> the lan.

>

> Can this be done with a policy? Id rather not have to rely on VPN as it

> does not work from some hotels, internet cafe's etc.

>

> RickyC

There are a couple of ways I know of to do but it's dependant on how

big the lan is. What exactly are they needing access to? a web based e-

mail would work well and maybe a restricted FTP. Also, setting a

folder redirection so"My Documents" will sync in GP has worked well

for some users on my network for years. But to answer your original

question, yes, you will need to forward the port on the firewall to

which computer you want. Go to the computer, control panel, system.

When the systems box opens,click the tab that says remote. make sure

"Enable Remote Desktop on this Computer" is checked. Then go to

"select remote users" and enter in th administrators group. On mine,

Groups was not automatically searched so you may have to also tell it

to search groups. This way you really wouldn't need apoliciy but you

could create another group if you want to refine permissions

Hopefully that is along the lines of what you were asking. Remember,

unless you are this with a server then your connections are genrally

limited to one at a time. If you are using a server, be careful.

Posted February 7, 2008 · February 7, 2008

Re: How Can I Allow Access From The Internet to Only Selected User

Re: How Can I Allow Access From The Internet to Only Selected User

I just want to allow specific users to RDP to the server from the internet.

All users can access Terminal Server from inside the network (local address)

"Phil" wrote:

> On Feb 6, 11:14 pm, RickyC <Ric...@discussions.microsoft.com> wrote:

> > I would like to restrict most of my users to use Remote Desktop Client from

> > inside the network. Only Administrators would be allowed access from outside

> > the lan.

> >

> > Can this be done with a policy? Id rather not have to rely on VPN as it

> > does not work from some hotels, internet cafe's etc.

> >

> > RickyC

>

> There are a couple of ways I know of to do but it's dependant on how

> big the lan is. What exactly are they needing access to? a web based e-

> mail would work well and maybe a restricted FTP. Also, setting a

> folder redirection so"My Documents" will sync in GP has worked well

> for some users on my network for years. But to answer your original

> question, yes, you will need to forward the port on the firewall to

> which computer you want. Go to the computer, control panel, system.

> When the systems box opens,click the tab that says remote. make sure

> "Enable Remote Desktop on this Computer" is checked. Then go to

> "select remote users" and enter in th administrators group. On mine,

> Groups was not automatically searched so you may have to also tell it

> to search groups. This way you really wouldn't need apoliciy but you

> could create another group if you want to refine permissions

>

> Hopefully that is along the lines of what you were asking. Remember,

> unless you are this with a server then your connections are genrally

> limited to one at a time. If you are using a server, be careful.

>

Posted February 7, 2008 · February 7, 2008

Re: How Can I Allow Access From The Internet to Only Selected User

Re: How Can I Allow Access From The Internet to Only Selected User

On Feb 7, 12:05 am, RickyC <Ric...@discussions.microsoft.com> wrote:

> I just want to allow specific users to RDP to the server from the internet..

> All users can access Terminal Server from inside the network (local address)

>

> "Phil" wrote:

> > On Feb 6, 11:14 pm, RickyC <Ric...@discussions.microsoft.com> wrote:

> > > I would like to restrict most of my users to use Remote Desktop Client from

> > > inside the network. Only Administrators would be allowed access from outside

> > > the lan.

>

> > > Can this be done with a policy? Id rather not have to rely on VPN as it

> > > does not work from some hotels, internet cafe's etc.

>

> > > RickyC

>

> > There are a couple of ways I know of to do but it's dependant on how

> > big the lan is. What exactly are they needing access to? a web based e-

> > mail would work well and maybe a restricted FTP. Also, setting a

> > folder redirection so"My Documents" will sync in GP has worked well

> > for some users on my network for years. But to answer your original

> > question, yes, you will need to forward the port on the firewall to

> > which computer you want. Go to the computer, control panel, system.

> > When the systems box opens,click the tab that says remote. make sure

> > "Enable Remote Desktop on this Computer" is checked. Then go to

> > "select remote users" and enter in th administrators group. On mine,

> > Groups was not automatically searched so you may have to also tell it

> > to search groups. This way you really wouldn't need apoliciy but you

> > could create another group if you want to refine permissions

>

> > Hopefully that is along the lines of what you were asking. Remember,

> > unless you are this with a server then your connections are genrally

> > limited to one at a time. If you are using a server, be careful.- Hide quoted text -

>

> - Show quoted text -

Then forward the RD port (forgot the number) to which server, then log

onusing the public IP andyou should be set.

Posted February 7, 2008 · February 7, 2008

Re: How Can I Allow Access From The Internet to Only Selected User

Re: How Can I Allow Access From The Internet to Only Selected User

Our Virtual Access Suite allows the administrator to publish applications to

users, groups, client ip address ranges, client computer naming conventions

and OUs, so you could accomplish your goal using these rules. We use this

all the time to publish certain applications to users when they're on the

local network, but not when they connect from a different subnet.

Without a third party utility like this you'd have to use VPN to restrict

access to the TS from the Internet.

--

Patrick C. Rouse

Microsoft MVP - Terminal Server

SE, West Coast USA & Canada

Quest Software, Provision Networks Division

Virtual Client Solutions

http://www.provisionnetworks.com

"RickyC" wrote:

> I just want to allow specific users to RDP to the server from the internet.

> All users can access Terminal Server from inside the network (local address)

>

> "Phil" wrote:

>

> > On Feb 6, 11:14 pm, RickyC <Ric...@discussions.microsoft.com> wrote:

> > > I would like to restrict most of my users to use Remote Desktop Client from

> > > inside the network. Only Administrators would be allowed access from outside

> > > the lan.

> > >