4:09 PMConfiguring Remote Desktop PART 2
Establishing a Remote Desktop Session
After installing the appropriate client software on the client computer, you can connect to the remote computer. The following discussion includes tips for using Remote Desktop components, keyboard shortcuts you can use during a Remote Desktop session, information about security enhancement by using encryption levels, and configuring of Remote Desktop by using group policies.
You can establish a session with the Windows XP Professional–based computer that has Remote Desktop enabled by using one of the following clients:
To create a new connection by using Remote Desktop Connection
In Remote Desktop Connection, you can preconfigure your Remote Desktop sessions:
Figure 8-4 illustrates the client logon interface and Table 8-2 lists the features for the interface.
Note Configurations on the client logon interface are local policy settings; they can be overridden by Group Policy settings.
Table 8-2 Features Available on the Remote Desktop Connection Logon Interface
Using Remote Desktop Web Connection
To use Remote Desktop Web Connection, you need to ensure that it is installed and running on the Web server. Your client computer must also have an active network connection and Internet Explorer version 4.0 or later installed.
To connect to a remote computer by using Remote Desktop Web Connection
Keyboard Shortcuts in a Remote Desktop Session
You can apply Windows key combinations to your Remote Desktop sessions, or you can use the following Remote Desktop keyboard shortcuts (shown in Table 8-3) to perform many of the same functions.
Table 8-3 Keyboard Shortcuts in a Remote Desktop Session
Security and Encryption in Remote Desktop
You can enhance the security of a Remote Desktop session by using any or all of these methods:
These five security-enhancing methods, discussed in the following sections, use Group Policy settings. For more information about using Group Policy with Remote Desktop, see "Using Group Policy with Remote Desktop” later in this chapter.
Setting Encryption Levels
Data encryption can protect your data by encrypting it on the communications link between the client and the Windows XP Professional–based computer. Encryption protects against the risk of unauthorized interception of transmitted data. By default, Remote Desktop sessions are encrypted at the highest level of security available (128-bit). However, some older versions of Terminal Services client software do not support this high level of encryption. If your network contains such "legacy” clients, you can set the encryption level of the connection to send and receive data at the highest encryption level supported by the client.
There are two levels of encryption available:
You can set the encryption level of the connection between the client and the remote computer by enabling the Set client connection encryption level Terminal Services Group Policy setting.
Enabling Password Authentication at Logon Time
To enhance security of a Remote Desktop session over the Internet, you might want to prevent automatic password passing. To do this, you can enable the Always prompt client for password Terminal Services Group Policy setting. When this setting is enabled, you must supply your password in the Windows Logon dialog box whenever you start a Remote Desktop session.
Disabling Clipboard Redirection
For enhanced security, you might choose to disable Remote Desktop clipboard redirection for clients that connect via the Remote Desktop Web Connection client. You can disable clipboard redirection by using the Do not allow clipboard redirection Terminal Services Group Policy.
Disabling Printer Redirection
For enhanced security, you might choose to disable the printer redirection feature for clients that connect via the Remote Desktop Web Connection client. You can disable printer redirection by using the Do not allow printer redirection Terminal Services Group Policy.
Disabling File Redirection
For enhanced security, you might choose to disable the file redirection feature for clients that connect via the Remote Desktop Web Connection client. You can disable file redirection using the Do not allow drive redirection Terminal Services Group Policy.
Using Group Policy with Remote Desktop
In Windows XP Professional, you can use Group Policy to configure Remote Desktop Connection settings, set user policy, and manage Remote Desktop sessions. You can enable Group Policy for users of a computer, for individual computers, or for groups of computers belonging to an organizational unit of a domain. To set policy for users of a particular computer, you must be an Administrator for that computer or have equivalent rights. To set policies for an organizational unit in a domain, you must be an Administrator for that domain or have equivalent rights.
Enabling Group Policy on an Individual Computer
To set Terminal Services policies settings for a particular computer or for users of that computer, open the Group Policy snap-in to edit the Local Group Policy Object (LGPO).
The Terminal Services group policies are not configured by default. You can configure each Group Policy to be either disabled or enabled.
To access Terminal Services Group Policy
Terminal Services Group Policies are organized individually and in folders. Table 8-4 lists some of the Terminal Services Group Policy folders, policies, and functions that affect Remote Desktop.
Table 8-4 Group Policy Settings That Affect Remote Desktop
Troubleshooting Remote Desktop
This section contains troubleshooting information for Windows XP Professional Remote Desktop.
Server Name Not Found Error Message
If the remote computer cannot be found, the following message appears:
"The specified remote computer could not be found. Verify that you have typed the correct computer name or IP address, and then try connecting again.”
The problem might be in the computer name or IP address that you are using to connect. To solve this problem, verify that you have the correct computer name for the remote computer and that you have typed it in correctly. The correct computer name can be obtained from your administrator. If you have the correct computer name and are still unable to connect, try to connect using the actual IP address of the computer. This information can be obtained from your administrator.
A Specified Program Will Not Open
If you are having problems opening a specified program on the host computer (on the Programs tab of the Remote Desktop Connection), you might be connecting to a computer running Windows XP Professional. Specified programs will open only when connecting to a terminal server, not when starting a Remote Desktop session. Remote Desktop provides access to the actual console session of the remote computer. You cannot specify programs that open in a Remote Desktop session.
Cannot Log On to the Remote Computer
If you do not have the correct permissions to access a remote computer running Windows XP Professional, the following message appears:
"The local policy of this system does not permit you to log on interactively.”
You must add yourself to the Remote Desktop Users group (or to a group with administrative rights) so that you can use Remote Desktop.
Session Ends with a Data-Encryption Error Message
If a data encryption error prevents your client computer from communicating properly with the remote computer, the following message appears:
"Because of error in data encryption, this session will end. Please try connecting to the remote computer again.”
Try again to connect to the remote computer.
These resources contain additional information and tools related to this chapter
|Total comments: 1|