ComputerSecurityStudent (CSS) [Login] [Join Now]


|WINDOWS >> Windows 2008 Server >> Current Page |Views: 14185

(Windows 2008 Server: Lesson 10)

{ Configuring Remote Desktop Users }

Section 0. Background Information
  • Overview 
    • This lab with show you how to configure Windows 2008 Server to allow Remote Desktop users to connect remotely.
    • This lab will show you how to add users to the Remote Desktop Users Group.
    • This lab will show you how to configure the "Allow log on through Terminal Services" GPO.

     

Section 1. Login to your W2K8 server.
  1. Start your Windows 2008 Server
    • Instructions
      1. Click on W2K8 Server
        • Make sure you are using a bridged connection before clicking on play.
      2. Click on Play virtual machine

     

  2. CRTL + ALT + DELETE
    • Instructions
      1. Virtual Machine
      2. Send Ctrl+Alt+Del

     

  3. Login as Administrator
    • Click on the Administrator icon.

     

  4. Login
    • Command: Provide the password for the Administrator account.

     

Section 2. Allow Remote Desktop Connection
  1. Open Control Panel
    • Instructions:
      1. Start --> Control Panel

     

  2. Open System
    • Instructions:
      1. Double click System

     

  3. Open Remote settings
    • Instructions:
      1. Click on Remote settings

     

  4. Configure System Properties
    • Instructions:
      1. Select Allow connections from computers running any version of Remote Desktop.

 

Section 3. Configure the "Allow log on through Terminal Services" Policy
  1. Launch Group Policy Editor
    • Instructions:
      1. In the search box, type "gpedit.msc"
      2. Click on gpedit

     

  2. Navigate to the "Allow log on through Terminal Services" Policies
    • Instructions:
      1. Computer Configuration --> Windows Settings --> Security Settings --> Local Policies --> User Rights Assignment
      2. Double Click on policy "Allow log on through Terminal Services"

     

  3. Add Users to the "Allow log on through Terminal Services" Policies
    • Instructions:
      1. Click on the Add User or Group... button.

     

  4. Add Users to Group
    • Instructions:
      1. In the Text Box type "Boss" and Click the Check Names Button.
      2. In the Text Box type "Team" and Click the Check Names Button.
      3. In the Text Box type "Worker" and Click the Check Names Button.
      4. Click OK

     

  5. Apply and Save
    • Instructions:
      1. Click Apply
      2. Click OK

 

Section 4. Add Users to Remote Desktop Users Group
  1. Go To Active Directory Users and Computers
    • Instructions:
      1. Start --> Administrative Tools --> Active Directory Users and Computers.

     

  2. Select the Remote Desktop Users Group
    • Instructions:
      1. Active Directory Users and Computers --> security.student --> Builtin
      2. Double Click on Remote Desktop Users

     

  3. Select the Members Tab.
    • Instructions:
      1. Select the Members Tab.
      2. Select the Add.. Button.

     

  4. Add Users to Group
    • Instructions:
      1. In the Text Box type "Boss" and Click the Check Names Button.
      2. In the Text Box type "Team" and Click the Check Names Button.
      3. In the Text Box type "Worker" and Click the Check Names Button.
      4. Click OK

     

  5. Apply and Save
    • Instructions:
      1. Click Apply
      2. Click OK

 

 

Section 5. Terminal Services Configuration
  1. Open the Terminal Services Configuration
    • Instructions:
      1. Start --> Administrative Tools --> Terminal Services --> Terminal Services Configuration

     

  2. Open Restrict each user to a single session
    • Instructions:
      1. Right click on Restrict each user to a single session
      2. Select Properties

     

  3. Verify the Properties
    • Instructions:
      1. Make sure all three check boxes are checked, especially "Restrict each user to a single session.
      2. Click the OK Button

 

Section 6. Update GPO's
  1. Open a Command Prompt
    • Instructions:
      1. Start --> Command Prompt

     

  2. Update Group Policies
    • Instructions:
      1. gpupdate /force
      2. ipconfig
    • Note:
      • Note my W2K8's IP Address is 192.168.1.106.  In your case it will probably be different.
      • Note your IP Address for the following section.

 

Section 7. Test Remote Desktop Connection
 
  1. Booting up WindowsVulerable01 (Victim Machine)
    • Instructions:
      1. Start up VMware Player
      2. Select WindowsVulerable01
        • Make sure you are using a bridged connection before clicking on play.
      3. Play Virtual Machine
    • Note:
      • For those of you not part of my class, WindowsVulerable01 is a Windows XP machine running SP2.

     

  2. WindowsVulerable01 Authentication
    • Instructions:
      1. Login as administrator

     

  3. Start Remote Desktop Connection
    • Instructions:
      1. Start --> Accessories --> Communications --> Remote Desktop Connection.

     

  4. Remote Desktop Connection Options
    • Instructions:
      1. Click on the Options Button

     

  5. Remote Desktop Connection Configuration
    • Instructions:
      1. Computer: 192.168.1.106
        • This is your W2K8 IP Address.
      2. User name: manager
      3. Supply the Active Directory Manager Password
      4. Domain: SECURITY

     

  6. Bring up a command prompt
    • Instructions:
      1. Start --> Command Prompt

     

  7. Proof of Lab
    • Instructions:
      1. gpresult /V | findstr INTERACTIVE
      2. date
      3. echo "Your Name"
    • Proof of Lab Instructions:
      1. Do a PrtScr
      2. Paste into a word document
      3. Answer the following questions:
        1. What is the name of the group that is a required membership for a remote user to login?
        2. What is the name of the Terminal Services policy that is required for all remote users to login?
        3. What is the name of the check box that would be needed to be unchecked to allow a user to login with multiple sessions?
      4. Upload to Moodle

 
Section 8. Proof of Lab
  1. Proof of Lab
    • Instructions:
      1. Do Section 7, Step 7.
    • Proof of Lab Instructions:
      1. Do a PrtScr
      2. Paste into a word document
      3. Answer the following questions:
        1. What is the name of the group that is a required membership for a remote user to login?
        2. What is the name of the Terminal Services policy that is required for all remote users to login?
        3. What is the name of the check box that would be needed to be unchecked to allow a user to login with multiple sessions?
      4. Upload to Moodle


Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth