Wait this is just for a simple RDP to a single isolated server? I thought you wanted a remote desktop gateway on a DC To serve applications. What is the ratio of risk to the conservation of resources? How likely is intrusion likely to occur?
How easily can worst case scenarios malicious user "selects all, deletes" be mitigated by having duplicate standbys? For example, common practice would be to have three servers two DCs and one TS [or maybe even two TS] , that's four Windows installs vs. Add a comment.
Active Oldest Votes. Improve this answer. Chris S Chris S This assumes they have compromised a user account, correct? What if users can only run a small subset of authorized applications? Earls - how 'bout just a compromised user? Most hacks are inside jobs. Earls, there are no absolutes in security. Sounds like you're already decided on doing this, so the only thing you can do is make the situation as reasonably secure as your policies demand.
Separating the roles adds a very large security buffer, but doesn't guarantee anything anyway. I'll give it to you for being honest I guess it's just something I'm going to have to learn from experience. If users wreck their terminal server, they're not going to be using it whether it's a separate server or not.
Email Required, but never shown. The Overflow Blog. Podcast Making Agile work for data science. Stack Gives Back Featured on Meta. New post summary designs on greatest hits now, everywhere else eventually.
Related Hot Network Questions. Question feed. Note that Terminal Services installation requires a server restart; so close open programs and make sure that users are disconnected before finishing the installation. At this point, the server restarts automatically.
When you log back in to the machine, you're notified that this server now runs Terminal Services and that you need to activate a licensing server within days. After days, the terminal server will stop accepting unlicensed connections.
Activating a licensing server involves first installing the Terminal Services licensing component and then activating the server with Microsoft.
The server activation downloads a digital certificate from the Microsoft Clearinghouse that uniquely identifies this particular terminal server. To perform these steps, do the following:. Select the activation method—automatic over the Internet, by telephone, or over the Web—and click Next Figure E.
An automatic registration is the default and requires a server capable of initiating SSL connections to the Microsoft Clearinghouse. If your server can't access the Internet, you won't be able to use this method. You need to provide some information for the activation to proceed, including your name, company name, and country Figure F. If you like, you can provide more information, such as your address, e-mail address, etc.
After you do so, click Next. After you've supplied the required information, you'll see a summary screen indicating that your server is activated by Microsoft.
At this point, you have the option to add client licenses via a wizard. You can do this only if you've purchased Terminal Services client licensing packs from Microsoft. Each license pack includes some type of product key or agreement number that you must enter in order to install it. To install licenses after the initial installation, access the Terminal Services Licensing utility, right-click the licensing server, and select Install Licenses.
This will start the same wizard mentioned above. This question was closed by the author 0 Votes. Back to Networks Forum. Start or search. Start New Discussion. Create a new discussion If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem.
Track this discussion and email me when there are updates. Reset Post Submit Post. Related Discussions. Why so many blocked connections in McAfee security history? Related Forums.
0コメント