Archive for June, 2005

What is a logoff script and how can I use one?

Monday, June 27th, 2005

Most people know about logon scripts, but few know that you can also put in place a logoff script, which is executed when the user logs off the network. So what can you do with these scripts? You can use them to delete temporary files from various folders and to clear out similar leftovers from the computer that the user has been using.

The following MS KB articles apply to Windows 2000, but equally apply to Windows 2003 and Small Business Server 2003:

How to assign scripts in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;322241

Overview of Logon, Logoff, Startup and Shutdown Scripts on Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;198642


Is Remote Web Workplace with RDP more secure than VPN?

Monday, June 13th, 2005

One of the killer features of Small Business Server 2003 is the Remote Web Workplace – RWW for short. Within it you can access many internal resources using nothing more than a simple web browser. One of the key features that most people use is the “Connect to my computer” feature. In fact, many people call THIS single feature RWW, which only serves to confuse the issue at times. For the purposes of this FAQ, we’ll call it RDP/RWW.

Many people have asked whether RDP/RWW is more secure than a VPN with RDP. My response is a big YES.

RDP/RWW is more secure than a VPN/RDP combination for many reasons. I’ve tried to highlight a few below.

1. No VPN required – means there is no chance of data coming back up the VPN from the remote computer (a computer you don’t control) and then into your SBS network.

2. No configuration required on the remote computer – means that nothing of value is left behind – a VPN or SSH connection will leave something on the PC that others may use to gain access to your office LAN.

3. SBS2003 also does a few additional things before it opens up port 4125 (the default for RDP over RWW). You will need to have entered the RWW portal by entering your user credentials and password AND you’ll need to be a member of the Remote Web Workplace users group. Only once you’ve passed these tests does port 4125 open.

4. When connecting via RWW to a computer in your office, the SBS server checks two additional things before connecting you to your desktop PC in the office. It checks your source IP address before allowing you in via the RDP connection. If the source IP address for the RDP connection is not the same as the source IP address for the RWW/SSL connection you’ve used to authenticate thus far, then it drops the connection – more secure than a simple VPN connection.

So you can see that even simply using RDP over the RWW interface is more secure than a VPN + RDP combination.
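The gating described in points 3 and 4, as an added example that is not SBS code and not part of the original post: a simplified Python model in which the portal logon must pass both the credential and the group check before the RDP port is usable, and an RDP connection is accepted only from the source IP that authenticated. The class and method names, the users, the group-name capitalisation and the logoff behaviour are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass, field

RWW_GROUP = "Remote Web Workplace Users"  # group named in point 3


@dataclass
class RwwGate:
    """Simplified model of the gating in points 3 and 4; not SBS code."""
    directory: dict  # constructed data: user -> (password, set of groups)
    authenticated_ips: set = field(default_factory=set)
    audit: list = field(default_factory=list)

    def portal_logon(self, user, password, source_ip):
        """Point 3: valid credentials AND group membership are both required."""
        stored, groups = self.directory.get(user, ("", set()))
        ok = (user in self.directory
              and hmac.compare_digest(stored.encode(), password.encode())
              and RWW_GROUP in groups)
        if ok:
            self.authenticated_ips.add(source_ip)
        self.audit.append(("portal", user, source_ip, ok))
        return ok

    def port_open(self):
        """The port is reachable only while an authenticated session exists."""
        return bool(self.authenticated_ips)

    def accept_rdp(self, source_ip):
        """Point 4: drop RDP unless it comes from the IP that authenticated."""
        ok = self.port_open() and source_ip in self.authenticated_ips
        self.audit.append(("rdp", None, source_ip, ok))
        return ok

    def portal_logoff(self, source_ip):
        """Assumed behaviour: ending the portal session removes the binding."""
        self.authenticated_ips.discard(source_ip)


if __name__ == "__main__":
    # Constructed users and documentation-range addresses (RFC 5737).
    gate = RwwGate({"alice": ("pw-a", {RWW_GROUP}), "bob": ("pw-b", {"Domain Users"})})
    print(gate.accept_rdp("203.0.113.10"))                     # False: nobody authenticated
    print(gate.portal_logon("bob", "pw-b", "198.51.100.7"))    # False: not in the group
    print(gate.portal_logon("alice", "pw-a", "203.0.113.10"))  # True
    print(gate.accept_rdp("198.51.100.7"))   # False: different source IP
    print(gate.accept_rdp("203.0.113.10"))   # True: same IP as the portal session
```

The `audit` list holds the events worth monitoring: an `rdp` entry with `False` is a connection attempt from an address that never passed the portal. The comparison is on addresses only, so clients that share one public address behind NAT look identical to this check.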

I’ve documented this even more in the chapter I wrote for Advanced Windows Small Business Server 2003 Best Practices, available from www.smbnation.com. Check out Chapter 8 if you want more technical info.
