Prevent Administrator from Remote Logon to Workgroup Server
Mark Berry September 13, 2010
When I set up a server for management via Remote Desktop, I prefer to change the RDP listening port to a non-default value (MSKB 306759) and to use a custom admin account for the logon. These simple obfuscations may not defeat a determined hacker, but they do reduce attacks from automated bots.
Of course, it’s not enough to just create an alternative admin account; you have to prevent the default Administrator account from logging on via Remote Desktop. Some go so far as to disable the Administrator account. I just block its remote access.
More...Windows Remote Desktop Printing
Mark Berry January 25, 2010
Often home users connecting to a remote computer would like to print to their local printer. It is possible, at least sometimes, depending on the printer. The basic idea is that the host computer needs a driver for the guest computer’s printer, then it needs to be able to map that driver to the printer when the terminal services session is established.
When the remote user’s printer is an HP-Postscript enabled LaserJet HP2605dn, I have had some success installing the HP Universal Print Driver – Postscript and using the printer mapping described in MSKB 239088 and near the end of this article: Windows Terminal Services Printing. And yes, this applies not only to servers running Terminal Services (aka Remote Desktop Services), but also to individual desktop computers that allow remote users to connect via Remote Desktop.
More...Computing Interrupted: The Windows 7 Remote Desktop Experience
Mark Berry January 6, 2010
The Remote Desktop experience in Window 7 computer has changed significantly since the Windows XP days. Here's a brief overview.
More...Remote Desktop /console Switch Removed by XP SP3 Upgrade
Mark Berry July 12, 2008
I recently upgraded my XP desktop to Service Pack 3, which includes an update to Remote Desktop Client 6.1.
Today I locked a Windows Server 2003 console session at a client site, then tried later to access the console session by typing “mstsc.exe /console” from the command line. Instead of connecting to the console, I found myself dropped into a new session on the server. When I started Terminal Services Manager on the remote machine, I saw two sessions, including the console session. When I tried to remote control the console session, I got the message, “”Can't remote control session (ID 0).”
I finally found this Terminal Services Team Blog post with the explanation:
Changes to Remote Administration in Windows Server 2008
There are reasons why /console is no longer needed in Windows Server 2008. Apparently that justifies removing this functionalitiy from RDC 6.1, even when connecting to Windows Server 2003. Worse, the connection succeeds but “silently ignores” the /console switch.
Fortunately, there is a workaround: use the new /admin switch instead.
Both the application-specific Help file and the Windows XP Help and
Support Center still list the missing /console switch and do not mention the
/admin switch. Note to Microsoft: if you're going to “silently” remove functionality, at least update the documentation!
About
Welcome to MCB Systems!
MCB Systems is a San Diego-based provider of software and information technology services.
Our software services include customization and programming to make software work for you.
Our proactive I.T. services help businesses control costs by providing a fixed monthly bill for routine I.T. services.
We take a consulting approach that listens first and provides solutions tailored to your business.
This Tech Blog is geared towards programmers and I.T. professionals, but end users may be interested to glimpse what goes on "behind the scenes" in developing software and keeping their computing environments stable and secure. Also visit the main User Blog.
Blog author
Mark Berry owns MCB Systems.
Contact MCB Systems today to discuss your technology needs!
Subscribe to the MCB Tech Blog
