RemoteApp - access to remote desktop?

Similar Messages

• Web Access for Remote Desktop on Windows Server 2012

  Hello,
  i've a Windows Server 2012 without a domain. So i installed the remote desktop session host, the remote desktop license server and the remote desktop gateway as a server role only. All is working fine. Without a domain, no management tools for remote
  desktop are available. So i configure the remote desktop via the registry. I define (via registry) some remoteapps, too. All values are copied from a running Windows Server 2008 R2. So the remoteapps are runing.
  Now i want to use the new Microsoft Remote Desktop client for Android. To use a remoteapp i must define a remote resource. To define a remote resource i need a url to the web access for remote desktop. So i installed the web access. But if i login to the
  web access, i don't see any remoteapp. What's wrong? I've set the ShowInTSWA to 1. What must i do to access an existing remoteapp via web access?
  Martin

  Hi Martin,
  Server 2012 RD Web Access is designed to retrieve published RemoteApps and Desktops from a Server 2012 RD Connection Broker and/or a Server 2008 R2 RD Session Host server.  From your description it doesn't appear that you are using either of the above.
  I know it is a more complicated set up, but you should consider having a domain, creating a RDS deployment, etc., so that you can use the full featureset as it was intended.  You can do it all on a single server if needed.  For Server 2012
  there is a hotfix that needs to be applied to permit RD Connection Broker to work on the same server instance as active directory.
  -TP

• Can I build Azure RemoteApp template without Remote Desktop License ?

  Can I build Azure RemoteApp template without Remote Desktop License ?
  I want to build and update the Azure RemoteApp template by using same Hyper-V guest image continue.
  Message:
    "Remote Desktop licensing mode is not configured"
  Environment 1: my on-premises Hyper-V guest.
  Environment 2: my Azure Virtual Machine by "Windows Server Remote Desktop Session Host" image.
  Regards,
  Yoshihiro Kawabata

  Hi Yoshihiro,
  If you are referring to RDS CAL, the answer is yes, you can build a template
  without having an RDS CAL.  For on-premises you would still need rights to install Windows Server as a guest, but to build the template you do not need an RDS CAL because this use is for administrative purposes. 
  In the case of building the image on an Azure Virtual Machine you do not need Windows Server license since that is included in the pricing for the Virtual Machine.  As mentioned above you do not need an RDS CAL since you are only building a template
  image which is administrative use.
  As always please review the appropriate documents that apply to your situation such as the Online Service Terms (OST), Product Use Rights (PUR), license agreement(s), etc. for precise details.
  Thanks.
  -TP

• Accessing a Remote Desktop

  I would like to access a remote desktop. Apple gives information on setting up your own remote desktop to be able to access the Mac but I need to use my Mac to access another remote desktop. Is this possible and if so, how?

  If you want to share the screen of another Mac, see:
  http://www.dummies.com/how-to/content/how-to-turn-on-screen-sharing-in-mac-os-x- lion.html
  If you want to access a Windows system, download Microsoft's Remote Desktop Connection Client for Mac.
  Regards.

• RD Web access SSO - remote desktop doesn't work

  Hi,
  This is my first post in here, and I hope you gays can help me out.
  I am currently experiencing some issues with RD Web SSO not working as I would like it to work.  I have found countless articles and guides describing how to get it to work, but no guide have yet helped me.
  The problem is that when I log in on the web access and open a published application everything works fine I wait 5 sec and the application pups up, but when I try to open "Remote Desktop" then I get a new log in box where I must enter my log in credentials
  again (after entering my credentials everything work great.)
  The problems I am currently facing is produced in a demo environment configured as follows:
  1x DC server (DC01) also the lic server
  2x RDS server (RDS01/02)
  1x RDS Connection broker (RDCM01)   I have created a farm named "farm01.mydomain.com"
  1x RDS Web access server (RDWA01)
  1x RDS Gateway (RDSGW01)
  (All the Servers are installed with Windows server 2008 (R2) SP1, and have the latest update.)
  I am publishing my demo environment on the internet, i have created a domain name for my gateway and my web access and they are both accessible from the web (rdwa.mydomain.com and rdsgw.mydomaim,com). I also have secured everything with an SSL wildcard certificate
  ( my external and intern domain names are the same so I am using one SSl certificate) that is trusted on the web.
  when I  log in on the web access server trough (IE9 or IE8 ) from another network(wan) and I open a published application (calculator), it pop ups in just a few seconds. But when I try to open my Remote desktop I get a login box where I must enter my
  username and password one more time.. after that remote desktop opens and everything works great.
  My laptop is a Windows 7 professional with RDP 7 and IE 9, and is not member of a domain (just a workstation), I have tested it from multiple workstations and networks(Also win 7 and RDP7) but even there I have the same problem.
  Thinks that I have tried tell now:
  I have created a kerberos account as mentioned on
  MSDN
  I have checked my group permissions as mentioned
  here
  And many more blogs and forums
  I have tried multiple settings on RDCM, RDWA, RDSGW and RDS server
  Right now I am out of ideas, and I hope you gays can help me out..
  thanks in advance,
  Pouyan

  Thnx for you advise,
  Did you go into your RemoteApp Deployment settings and change the server name to the farm name "farm01.mydomain.com?"
  Yes
  Also in the Session Broker's RemoteApp and Desktop Connection Properties window change the Connection ID to the farm name as well.
  actually I couldn't find out what to put on the connection ID so I had left it just default, but after changing it to the farm name it still doesn't work
  Did you sign you apps with the cert used on your RDS servers?
  yes, I am using a wildcard ssl certificate to sign all the servers/apps with.
  there is
  something that
  strikes me, when I log on the web access and click on a published application (that is hosted from the same RDS servers) then I get a information box. when I click on the "details" button I see on the bottom "use the following credentials to connect" and my
  domain and username are published there. But when I click on the "Remote desktop" icon and do the same I can't see this information!!
  Also I don't think that its an SSL problem, because after log in again it works perfect without any warning.

• Domain Users access to Remote Desktop Apps fails

  Can somebody bring a light to this issue?
  Our domain users are getting NO apps from the collection, when  they should get at least the Full MS Office 2013 Pro apps suite that was published to the collection without any user restrictions...
  Are they supposed to be member of the RDP Group or what else we missed during the settings?
  Also, when trying to access from IE using the link https:// [FQDN] /rdweb/feed/webfeed.aspx (FQDN omitted for security reasons) they get a prompt to download the file "WebFeedlogin.aspx" as son as they successfully authenticate with their
  credentials...
  FYI: All users member of Domain Admin group are working just fine...
  Thank you in advance for your time and effort to solve this! ;)

  Hi Marcio,
  Thank you for posting in Windows Server Forum.
  After going through your comment, I would say that to access RemoteApp by user they must be member of Remote Desktop User local group also. Apart you can go through below article for configuration related setting.
  - Introducing RemoteApp User Assignment
  - Step by Step Windows 2012 R2 Remote Desktop Services – Part 4
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Howto access with Remote Desktop a Xserve with firewall service on

  Hello,
  When I activate the firewall service of a Xserve running the OSX Server (10.4.11), I cannot anymore connect to the Xserver with Apple Remote Desktop.  I opened different ports which seemed to be related with ARD but without success.
  What should I do to allow the ARD access when firewall is running ?
  Jean

  Have a look at this: http://support.apple.com/kb/TS1629
  Make sure you're opening all of the required ARD ports.

• Accessing Citrix/Remote Desktop

  Remote access to my work involves connecting to a Citrix server and then accessing my work PC via Remote Desktop. The first time I did this at home using my personal laptop I had no issues.  The Citrix web client installed and I got to my work machine just fine. It has not worked again since then.   I still get to the Citrix box fine, but time out when signing into my work PC.     I have tried the following: 1. Turned off anti-virus software2. Tried a different laptop from home3. Using a network cable to connect directly to the ATT modem instead of wireless4. Took my personal laptop to work and tried to remote in using the state's wireless network.  This worked just fine. Any thoughts on things to try?   Are there settings for ATT internet that could affect this? Jeff

   
  Hello  
  With some corporate networks and applications, there might need to be a VPN access set up, that's how it works with me. I have to use a VPN server software first, then I'm able to access all my corporate systems. That might be an issue with your service, and the reason why it works fine when connecting to a work network. I'd check with your company's IT helpdesk first, you can also contact our team via a private message by clicking here and our team will be happy to help with whatever we can on our end.
  Thank you,
  Dmitriy

• Problems accessing 1 remote desktop when connected with VPN

  Hi everyone,
  I have an ASA 5505 and have a problem where when I connect through VPN I can RDP into a server using its internal address but I cannot RDP to another server using its internal address.
  The one I can connect to has an IP of 192.168.2.10 and the one I cannot connect to has an IP of 192.168.2.11 on port 3390.
  Both rules are configured exactly the same except for the IP addresses and I cannot see why I cannot connect to this one server.
  I am also able to connect to my camera system with an IP 192.168.2.25 on port 37777 and able to ping any other device on the internal network.
  I've also tried pinging it and telneting to port 3390 with no success.
  Here is the config.
  ASA Version 8.4(4)1
  interface Ethernet0/0
  switchport access vlan 3
  interface Ethernet0/1
  interface Ethernet0/2
  switchport access vlan 2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan2
  nameif inside
  security-level 100
  ip address 192.168.2.2 255.255.255.0
  interface Vlan3
  nameif outside
  security-level 0
  ip address 10.1.1.1 255.255.255.0
  ftp mode passive
  clock timezone EST -5
  clock summer-time EDT recurring
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  object network CTSG-LAN-OUT
  range 10.1.1.10 10.1.1.49
  object network CTSG-LAN-IN
  subnet 192.168.2.0 255.255.255.0
  object service RDP3389
  service tcp destination eq 3389
  description To DC
  object network SERVER-IN
  host 192.168.2.10
  object network SERVER-OUT
  host 10.1.1.50
  object network CAMERA-IN-TCP
  host 192.168.2.25
  object network CAMERA-OUT
  host 10.1.1.51
  object service CAMERA-TCP
  service tcp destination eq 37777
  object network SERVER-Virt-IN
  host 192.168.2.11
  object network SERVER-Virt-OUT
  host 10.1.1.52
  object service RDP3390
  service tcp destination eq 3390
  description To VS for Master
  object network CAMERA-IN-UDP
  host 192.168.2.25
  object service CAMERA-UDP
  service udp destination eq 37778
  object network CTSG-LAN-OUT-VPN
  subnet 10.1.1.128 255.255.255.128
  object network SERVER-Virt-IN-VPN
  host 192.168.2.11
  object network SERVER-IN-VPN
  host 192.168.2.10
  object network CAMERA-IN-VPN
  host 192.168.2.25
  object-group protocol TCPUDP
  protocol-object udp
  protocol-object tcp
  access-list AnyConnect_Client_Local_Print extended deny ip any any
  access-list AnyConnect_Client_Local_Print extended permit tcp any any eq lpd
  access-list AnyConnect_Client_Local_Print remark IPP: Internet Printing Protocol
  access-list AnyConnect_Client_Local_Print extended permit tcp any any eq 631
  access-list AnyConnect_Client_Local_Print remark Windows' printing port
  access-list AnyConnect_Client_Local_Print extended permit tcp any any eq 9100
  access-list AnyConnect_Client_Local_Print remark mDNS: multicast DNS protocol
  access-list AnyConnect_Client_Local_Print extended permit udp any host 224.0.0.251 eq 5353
  access-list AnyConnect_Client_Local_Print remark LLMNR: Link Local Multicast Name Resolution protocol
  access-list AnyConnect_Client_Local_Print extended permit udp any host 224.0.0.252 eq 5355
  access-list AnyConnect_Client_Local_Print remark TCP/NetBIOS protocol
  access-list AnyConnect_Client_Local_Print extended permit tcp any any eq 137
  access-list AnyConnect_Client_Local_Print extended permit udp any any eq netbios-ns
  access-list inside1_access_in remark Implicit rule: Permit all traffic to less secure networks
  access-list inside1_access_in extended permit ip any any
  access-list outside_access_in extended permit object RDP3389 any host 192.168.2.10
  access-list outside_access_in extended permit object RDP3390 any host 192.168.2.11
  access-list outside_access_in extended permit object CAMERA-TCP any host 192.168.2.25
  access-list outside_access_in extended permit object CAMERA-UDP any host 192.168.2.25
  pager lines 24
  logging enable
  logging buffer-size 10240
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  ip local pool RAVPN 10.1.1.129-10.1.1.254 mask 255.255.255.128
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  nat (inside,outside) source static SERVER-IN-VPN SERVER-IN-VPN destination static CTSG-LAN-OUT-VPN CTSG-LAN-OUT-VPN
  nat (inside,outside) source static CAMERA-IN-VPN CAMERA-IN-VPN destination static CTSG-LAN-OUT-VPN CTSG-LAN-OUT-VPN
  nat (inside,outside) source static SERVER-Virt-IN-VPN SERVER-Virt-IN-VPN destination static CTSG-LAN-OUT-VPN CTSG-LAN-OUT-VPN
  object network CTSG-LAN-IN
  nat (inside,outside) dynamic interface
  object network SERVER-IN
  nat (inside,outside) static SERVER-OUT service tcp 3389 3389
  object network CAMERA-IN-TCP
  nat (inside,outside) static CAMERA-OUT service tcp 37777 37777
  object network SERVER-Virt-IN
  nat (inside,outside) static SERVER-Virt-OUT service tcp 3390 3390
  access-group inside1_access_in in interface inside
  access-group outside_access_in in interface outside
  route outside 0.0.0.0 0.0.0.0 10.1.1.2 1
  timeout xlate 3:00:00
  timeout pat-xlate 0:00:30
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  user-identity default-domain LOCAL
  http server enable
  http 192.168.2.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
  crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP
  -DES-SHA ESP-DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ca trustpoint ASDM_TrustPoint0
  enrollment terminal
  subject-name CN=SACTSGRO
  crl configure
  crypto ikev1 enable outside
  crypto ikev1 policy 10
  authentication crack
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 20
  authentication rsa-sig
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 30
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 40
  authentication crack
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 50
  authentication rsa-sig
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 60
  authentication pre-share
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 70
  authentication crack
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 80
  authentication rsa-sig
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 90
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 100
  authentication crack
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 110
  authentication rsa-sig
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 120
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 130
  authentication crack
  encryption des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 140
  authentication rsa-sig
  encryption des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 150
  authentication pre-share
  encryption des
  hash sha
  group 2
  lifetime 86400
  telnet 192.168.2.0 255.255.255.0 inside
  telnet timeout 15
  ssh 192.168.2.0 255.255.255.0 inside
  ssh timeout 5
  ssh version 2
  ssh key-exchange group dh-group1-sha1
  console timeout 15
  dhcpd auto_config inside
  threat-detection basic-threat
  threat-detection statistics port
  threat-detection statistics protocol
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  username admin password xxxxx encrypted privilege 15
  username admin attributes
  vpn-group-policy DfltGrpPolicy
  tunnel-group CTSGRA type remote-access
  tunnel-group CTSGRA general-attributes
  address-pool RAVPN
  tunnel-group CTSGRA ipsec-attributes
  ikev1 pre-shared-key *****
  class-map inspection_default
  match default-inspection-traffic
  policy-map global_policy
  class inspection_default
    inspect icmp
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  Cryptochecksum:0140431e7642742a856e91246356e6a2
  : end
  Thanks for your help

  Ok,
  So you basically have configured the router so that you can connect directly to the ASA using the Cisco VPN Client. And also the objective was to in the end only allow traffic to the LAN through the VPN Client connection ONLY.
  It would seem to me to achieve that, you would only need the following NAT configurations
  VPN Client NAT0 / NAT Exempt / Identity NAT
  object network LAN
  subnet 192.168.2.0 255.255.255.0
  object network VPN-POOL
  subnet 10.1.1.128 255.255.255.128
  nat (inside,outside) source static LAN LAN destination static VPN-POOL VPN-POOL
  The purpose of the above NAT configuration is simply to tell the ASA that dont do any kind of NAT when there is traffic between the LAN network of 192.168.2.0/24 and the VPN Pool of 10.1.1.128/25. This way if you have any additional hosts on the LAN that need to be connected to, you wont have to make any form of changes to the NAT configurations for the VPN client users. You just allow the connections in the ACL (explained later below)
  Default PAT
  object-group network DEFAULT-PAT-SOURCE
  network-object 192.168.2.0 255.255.255.0
  nat (inside,outside) after-auto source dynamic DEFAULT-PAT-SOURCE interface
  This configurations purpose is just to replace the earlier Dynamic PAT rule on the ASA. I guess your router will be doing the translation from the ASA "outside" interface IP address to the routers public IP address and this configuration should therefore allow normal Internet usage from the LAN.
  I would suggest removing all the other NAT configuration before adding these.
  Controlling VPN clients access to internal resources
  Also I assume that your current VPN client is configured as Full Tunnel. In other words it will tunnel all traffic to the the VPN connection while its active?
  To control the traffic coming from the VPN Client users I would suggest that you do the following
  Configure "no sysopt connection permit-vpn" This will change the ASA operation so that connections coming through a VPN connections ARE NOT allowed by default to bypass the "outside" interface ACL. Therefore after this change you can allow the connections you need in the "outside" interface ACL.
  Configure any rules you need regarding the VPN client connections to the "outside" interface ACL. Though I guess they already exist since you are connecting there without the VPN also
  I cant guarantee this with 100% certainty but it would seem to me that the above things should get you to the point where you can access the internal resources ONLY after when you have connected to the ASA through the VPN client connection. Naturally take precautions like configuration backups if you are going to do major configuration changes. Also if you are remotely managing the ASA then you also have the option to configure a timer on the ASA after which it will automatically reload. This could help in situations where a missconfiguration breaks you management connection and you have no other way to connect remotely. Then the ASA would simply reboot after the timer ran out and also reboot with the original configuration (provided you hadnt saved anything in between)
  Why are you using a different port for the other devices RDP connection? I can understand it if its used through the Internet but if the RDP connection would be used through the VPN Client only then I dont think there is no need to manipulate the default port of 3389 on the server or on the ASA.
  Also naturally if there is something on the actual server side preventing these connections then these configuration changes might not help at all.
  Let me know if I have understood something wrong
  - Jouni

• Using remote desktop web access (RDWEB) with remoteapps and a traditional remote desktop

  I configured windows 2012 r2 remote desktop services and remote desktop web access (rdweb) and was able to click the icon on the rdweb page to log on to a remote desktop session. When I published a remoteapp program, the remote desktop icon went away. How
  do I get it back? Do I need to publish remote desktop as a remoteapp so users can both use remote apps and log on to a traditional remote desktop session?
  thanks in advance for the help

  Hi,
  You can just publish RDC as RemoteApp and then can connect to the desired remote desktop connection. You can check the below snap.
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• When accessing a windows program thru remote desktop will it have functionality

  When accessing a remote desktop on a mac to use a windows program is this functional and will it slow the mac down or create other vulnerabilities or will it run smoothly?

  It will be as smooth as your connection is fast, and it won't affect the Mac adversely

• How to find the local system name in remote desktop through oracle

  Hi all,
  i am useing oralce 9i,D2K (Forms 6i) ,Presently i had a small problem when ever i am useing the application through the remote desktop i can not able to find the local system name .If i am accessing from the local system name then i can get the system name but when the user accessing the application through remote desktop i want to find from which local system he is accessing the remote desktop through the application is there any way to find it .If please let me know .
  Thanks in advance
  Srini

  Hi,
  Not sure of what you want.
  Have a look at v$session view. Machine column is maybe what you're looking for.
  If you want to retrieve the local host executing remote desktop, it's actually not possible natievely, since it's still remote host that is connecting to the database.
  Hope it helps.

• Remote desktop not working "remotely"

  I have a Windows 7 Ultimate computer I'm trying to access through Remote Desktop.
  I'm able to access that computer from another computer when both are in the same LAN, but I fail to access it through the internet.
  I already tried disabling windows firewall in the target computer to narrow it down, and it still fails. So the problem mustn't be in the firewall. Only I don't know where else to look.
  Since I can access within the same LAN, I assume the Remote Desktop settings are fine.
  This is what I did to attempt to access the pc over the internet:
  - In my router's admin console, I set up port forwarding and port mapping to work with my target computer's local IP address and port 3389 (remote desktop's port):
  - Then I used an IP lookup service to find my external IP address.
  - I tried that IP:port combination on remote desktop, with the user name from the target pc I want to use (I also tried without entering the user name, but it also fails):
  I always get an error message saying that remote desktop is not enabled, or the remote computer is turned off or not available on the network. The first two are false, since I can access the computer on a LAN and it is definitely not turned off.
  The firewall on my router is disabled, so I really don't know where I'm going wrong.
  Can anyone help, please?
  Thanks!!

  Hi Patr1c1a,
  Did you check the radion button "Allow connections from computers running any version of Remote Desktop" on the recieving computer ?
  System properties / Remote
  Kind regards,
  Gianni

• Time machine is invisible but working via remote desktop - magic

  Hello,
  Time Machine is backing up properly an external firewire-disk of the server and the internal drive. If I run time machine on the server and restore the external volume - or internal volumes - time machine works but stays invisible. The finder window moves and resizes, the screen seems to be frozen - but it´s time machine invisibly running and I cannot see the stars and the space nor the buttons. But I can click them - I can abort time machine and get back to the finder. I also could try to find the place to click to scroll through time and change the windows´ content. I think I could also restore a file successfully but I did not try. But I cannot see time machine. It worked before I updated to 10.5.3 I think. It´s not the screen resolution in Apple Remote Desktop. And I cannot test the Macmini with a screen because it has no screen - it only is accessable via Remote desktop. It seems to me that the remote desktop client on the server does not send screen data of time machine.
  What can I do?
  Thank you.

  Hello,
  I made some more tests. I plugged a Screen adaptor for the TV at the mac mini to have a screen attached. The resolution in remote desktop was PAL and very small but time machine was working and it showed up well.
  The result is that time machine needs a monitor to run properly or is it Remote Desktop that needs a monitor? The macmini is brand new and leopard server is 10.5.4.
  Are there some ideas to solve this issue.
  Thank you.
  Best regards

• Accidentally removed the ability to use remote desktop

  Hi,
  Thanks to anyone that can assist.
  Using SBS2011 Standard:
  Whilst remotely connected and investigating ways to allow an ordinary domain user to have login access to the server, I inadvertently removed the ability of the primary domain admin user to gain access with remote desktop. By primary domain admin
  user, I mean the default user created for administrative purposes at SBS set up/install time.
  I was able to regain remote desktop access by adding this user to the Remote Desktop Users group. However this is really a workaround rather than proper corrective action. I know that this is not necessary in a basic default setup of SBS2011 as there are
  other almost identical servers I look after where I have not needed to do this and yet still have remote desktop connection capability with "out of the box" settings.
  Also, I would really like to find out what mistake I made so that I can avoid doing this again.
  Tricky

  Hello Larry,
  Your suggestion of comparing ADUC across servers was one that I had already thought of and done but I did not notice any differences. Nonetheless, your post suggested to me that I ought to recheck my steps, so I revisited it and was mortified to find that
  somehow the admin user was no longer a member of Administrators. I am baffled as to how I managed to achieve this because to the best of my memory, Administrators group membership was not one of the things I looked at in connection with my intent (read on
  for my logic in this respect).
  I suspect that this might be the problem! I will attempt to rectify and return to this thread in due course.
  WRT granting a user logon rights at the server, I hear what you are saying and even said the same to myself. But let's just for the moment look at the real world rather than the ideal world. Many SBS installations are in the types of businesses that are,
  let's face it, small (after all that is what the first S in SBS stands for). Such business cannot afford qualified IT personel and as such need to designate certain trusted members of staff to carry out some of the things that, if they had any, IT personel
  would normally do. For example, swapping external USB hdd's and monitoring backup success/failure.
  Rather than allow them to logon to the server as an administrator, safer I would have thought to allow them to logon as a user. Unless you can tell me of a way that this can be done from a user logon at their client PC? My knowledge is not encyclopaedic
  so I am open to suggestions of a better way if such a way exists.
  Tricky