newbie: best way to implement home working with WinSBS2003 server

Discussion in 'Windows Networking' started by Bart Plessers \(artabel\), Feb 14, 2005.

  1. Hello,
    In our office we have a Windows SBS 2003 server running
    How can I make our employees working at home and connect to our server?

    Now I work like this
    - make a RDP connection to our server -> I work on the server
    - make a VPN to our server and attach a network drive with NET USE ...

    Both methods are not very straightforward: RDP is only of use for
    administrators and working on server, the network drive needs a VPN dialin
    in advance
    I saw that the FTP-server isn't installed anymore. Probably a security
    decision.

    Is there another method? What about Webfolders/WebDAV?
    Is there a way to connect transparantly to our server by use of standard
    connections?
    I only need file sharing on the server for this moment (Exchange is already
    accessable by use of OWA), so my preferable way is directly browing to our
    SBS2003 server over the internet without the need of any extra software.

    any help is appreciated

    regards,
    bart





    --


    =======================================
    ARTABEL
    Bart Plessers
    Schreursvest 67
    3001 Leuven
    BELGIUM
    tel +32 (16) 23.40.85
    tel +32 (16) 28.40.03 (rechtstreeks)
    fax +32 (16) 23.41.06
    email:
    web: http://www.artabel.com/
    =======================================
     
    Bart Plessers \(artabel\), Feb 14, 2005
    #1
    1. Advertisements

  2. If the client machines on the office network are running Windows XP, you
    could have remote clients use RDP to connect directly to their office
    machines instead of the server. To do this, you need to change and map the
    RDP listening port for each machine. Once the port is changed, it is very
    easy for a client to make the connection. See:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;306759

    http://support.microsoft.com/default.aspx?scid=kb;en-us;304304

    Doug Sherman
    MCSE Win2k/NT4.0, MCSA, MCP+I, MVP
     
    Doug Sherman [MVP], Feb 14, 2005
    #2
    1. Advertisements

  3. Bart Plessers \(artabel\)

    Joe Guest

    Leave a workstation on the network powered for each user, and connect
    via RWW. The screen of the workstation will be repeated on their home
    machine, and their keyboard and mouse movements copied over. It's
    basically Terminal Server for one user per workstation. Users can do
    whatever they can when seated at the workstation.
     
    Joe, Feb 14, 2005
    #3
  4. Noooooo Doug, we SBS-ers have RWW which does the rdp-ing to the xp clients.
    Like magic ;-)

    --
    Regards,

    Marina
    Microsoft SBS-MVP
    One of the Magical M&M's
     
    Marina Roos [SBS-MVP], Feb 14, 2005
    #4
  5. Oops - I should have caught that. Makes the solution much easier for Bart.
    BUT, it's not fair - everyone should have to edit the registry.

    Doug Sherman
    MCSE Win2k/NT4.0, MCSA, MCP+I, MVP
     
    Doug Sherman [MVP], Feb 14, 2005
    #5
  6. Do I sense a bit of jealousy? ;-)

    --
    Regards,

    Marina
    Microsoft SBS-MVP
    One of the Magical M&M's
     
    Marina Roos [SBS-MVP], Feb 14, 2005
    #6
  7. I thought I heard the same thing...
    Ahhhh one of the hazards of cross posting ;-) We have to share our secrets!
     
    Cris Hanna [SBS-MVP], Feb 14, 2005
    #7
  8. You SBS guys are spoiled - you get all those perfectly compatable servers
    built into your product; you get all kinds of cool wizards; you get stuff
    like RWW; and you get it all at a discount price. When I was your age I had
    to hike through 9 foot snowdrifts just to get to my server .......... so
    that I could edit the registry.

    Doug Sherman
    MCSE Win2k/NT4.0, MCSA, MCP+I, MVP

     
    Doug Sherman [MVP], Feb 14, 2005
    #8
  9. :D

    At the other hand: we even have to know more than just plain silly OS
    server..... And sometimes we do have to edit the registry, but we rather
    click a reg file that someone has made for us ;-)

    --
    Regards,

    Marina
    Microsoft SBS-MVP
    One of the Magical M&M's

     
    Marina Roos [SBS-MVP], Feb 14, 2005
    #9
  10. thanx joe.
    But what if I forgot to power on my work-PC?

    Is there a way to (safely) connect to my server files trough internet? (I
    don't need to simulate my office environment, I only need the office files)

    What is this RWW thing? Remote Web Workplace... is it the same as Remote
    Desktop Connection?

    regards,
    bart



    --

    ==========================================
    Hyper A.R.T.
    bart plessers
    Paul Van Ostaijenlaan 4
    3001 Heverlee
    BELGIUM
    tel: +32 (16) 23.40.85
    fax: +32 (16) 23.41.06
    ==========================================
     
    bart plessers, Feb 14, 2005
    #10
  11. atlhough I can feel a little sarcastic note, I would be pleased if you could
    elaborate the RWW thing a little bit more :)
    Is it the same as Remote Desktop Connection?

    regards,
    bart


    --

    ==========================================
    Hyper A.R.T.
    bart plessers
    Paul Van Ostaijenlaan 4
    3001 Heverlee
    BELGIUM
    tel: +32 (16) 23.40.85
    fax: +32 (16) 23.41.06
    ==========================================
     
    bart plessers, Feb 14, 2005
    #11
  12. Hi Bart,

    Remote Web Workplace. If you enter https://ip/remote from anywhere in the
    world, it will connect you to your server. From there you can read your
    email, connect to the server desktop (only for admins) and connect to
    desktops.
    You will have to run CEICW to enable this option and you will have to
    forward port 443 and 4125 from the router to your external nic IP.

    --
    Regards,

    Marina
    Microsoft SBS-MVP
    One of the Magical M&M's
     
    Marina Roos [SBS-MVP], Feb 15, 2005
    #12
  13. Bart
    If you have a static external IP for your SBS server, you can alway VPN into
    the network
     
    Cris Hanna [SBS-MVP], Feb 15, 2005
    #13
  14. Hi Cris.

    This is what I do right now.
    But it implicates
    - VPN connect
    - NET USE ...
    (work with files)
    - NET USE ... /delete
    - VPN hangup


    So my question was how to avoid this handling.
    What about connecting to our server from older home PC's? From Apple/Linux
    etc...

    I was just wondering if there is a workflow without need of VPN, RDP etc...
    Just (secure) file sharing over the internet.

    On our previous server I installed the FTP-server, but I assume that this
    was dropped on default SBS2003 server installation because of security
    issues...


    Any other tips?
    regards,
    bart





    --


    =======================================
    ARTABEL
    Bart Plessers
    Schreursvest 67
    3001 Leuven
    BELGIUM
    tel +32 (16) 23.40.85
    tel +32 (16) 28.40.03 (rechtstreeks)
    fax +32 (16) 23.41.06
    email:
    web: http://www.artabel.com/
    =======================================

     
    Bart Plessers \(artabel\), Feb 15, 2005
    #14
  15. Hello Marina,
    https://ip/remote does not seem to work. I suppose it is the same URL or an
    alias for https://ip/tsweb were I can connect to the desktops as you
    described.

    thanx

    bart


    --


    =======================================
    ARTABEL
    Bart Plessers
    Schreursvest 67
    3001 Leuven
    BELGIUM
    tel +32 (16) 23.40.85
    tel +32 (16) 28.40.03 (rechtstreeks)
    fax +32 (16) 23.41.06
    email:
    web: http://www.artabel.com/
    =======================================
     
    Bart Plessers \(artabel\), Feb 15, 2005
    #15
  16. Hi Bart,

    Did you run CEICW, enabled the firewall, and put in your public IP in the
    webcertificate? Did you forward port 443 and 4125 from your router to your
    external nic IP?

    --
    Regards,

    Marina
    Microsoft SBS-MVP
    One of the Magical M&M's
     
    Marina Roos [SBS-MVP], Feb 15, 2005
    #16
  17. Hello Marina,

    After running CEICW everything works.
    However, I had to enable the firewall as you said.

    Without firewall enabled, I still get following message when trying to
    connect from home to my server (see below)
    If I check manually the security on the remote directory, only local IP (in
    my case 10.0.0.4) and loopback adapter (127.0.0.1) are allowed.
    I don't want the integrated firewall, so is it safe to change these IP
    restrictions manually?


    bart


    You are not authorized to view this page
    The Web server you are attempting to reach has a list of IP addresses that
    are not allowed to access the Web site, and the IP address of your browsing
    computer is on this list.
    --------------------------------------------------------------------------------

    Please try the following:

    a.. Contact the Web site administrator if you believe you should be able
    to view this directory or page.
    HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.
    Internet Information Services (IIS)

    --------------------------------------------------------------------------------

    Technical Information (for support personnel)

    a.. Go to Microsoft Product Support Services and perform a title search
    for the words HTTP and 403.
    b.. Open IIS Help, which is accessible in IIS Manager (inetmgr), and
    search for topics titled About Security, Limiting Access by IP Address, IP
    Address Access Restrictions, and About Custom Error Messages.

    --

    ==========================================
    Hyper A.R.T.
    bart plessers
    Paul Van Ostaijenlaan 4
    3001 Heverlee
    BELGIUM
    tel: +32 (16) 23.40.85
    fax: +32 (16) 23.41.06
    ==========================================
     
    bart plessers, Feb 15, 2005
    #17
  18. Hi Bart,

    Why don't you want the integrated firewall? Which firewall do you mean? Do
    you have Standard or Premium? One or 2 nics?

    --
    Regards,

    Marina
    Microsoft SBS-MVP
    One of the Magical M&M's
     
    Marina Roos [SBS-MVP], Feb 16, 2005
    #18
  19. SBS -> 2NIC's
    Firewall -> hardware router with firewall, routing to external SBS NIC
    Standard or Premium -> ???? Are there different versions of SBS2003?

    bart



    --


    =======================================
    ARTABEL
    Bart Plessers
    Schreursvest 67
    3001 Leuven
    BELGIUM
    tel +32 (16) 23.40.85
    tel +32 (16) 28.40.03 (rechtstreeks)
    fax +32 (16) 23.41.06
    email:
    web: http://www.artabel.com/
    =======================================
     
    Bart Plessers \(artabel\), Feb 16, 2005
    #19
  20. Hi Bart,

    Yes, the Premium version has ISA 2000 and SQL 2000.

    --
    Regards,

    Marina
    Microsoft SBS-MVP
    One of the Magical M&M's
     
    Marina Roos [SBS-MVP], Feb 16, 2005
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.