Windows Server Administration/Remote Access

This lesson covers remote access using Windows Remote Assistance, Remote Desktop Services, and virtual private networks. Activities include using Windows Remote Assistance, Remote Desktop, and Remote Server Administration Tools.

Objectives and Skills
Objectives and skills for the Understanding Server Roles portion of Windows Server Administration Fundamentals certification include:
 * Understand remote access: remote assistance; remote administration tools; Remote Desktop Services; licensing; RD Gateway; VPN; application virtualization; multiple ports

Readings

 * 1)  Quick Assist
 * 2)  Remote desktop software
 * 3)  Remote administration
 * 4)  Remote Desktop Services
 * 5)  Application virtualization
 * 6)  Virtual private network

Multimedia

 * 1) YouTube: How to use Windows 10 Quick Assist to Remotely Troubleshoot PC problems
 * 2) YouTube: Enable Remote Desktop Protocol (RDP) on Windows Server 2019
 * 3) YouTube: How to Use Remote Desktop Connection Windows 10
 * 4) YouTube: How to install Remote Server Administration Tools (RSAT) on Windows 10
 * 5) YouTube: How to install Remote Server Administrator Tools in Windows 10
 * 6) YouTube: Install and Configure Remote Desktop Services RDS on Windows Server 2019
 * 7) What is a VPN?]

Activities

 * 1) Review Installing a Windows Role/Feature with Server Manager.  Add Remote Assistance
 * 2) Review How to Enable Remote Assistance Using Group Policy.  Configure Remote assistance and initiate remote assistance to another user.
 * 3) Review How To Enable Remote Desktop In Windows Server 2019. Enable Remote Desktop.  Use Windows Firewall to verify that Remote Desktop is enabled.  Use another computer to access the server remotely using Remote Desktop.
 * 4) Review Install or Uninstall Roles, Role Services, or Features.  Add a role or feature with the gui and one with PowerShell
 * 5) Review Manage a Server Core server.  Remotely administer a Server Core server and install a role by Server Manager, RSAT on Windows 10 or PowerShell.
 * 6) Review Remote Desktop Services.  Click on the "Supported configurations for Remote Desktop Services in Windows Server 2016 and discuss some of the best practices and architectures.
 * 7) Review Microsoft Remote Desktop Clients.  Install Remote Desktop Client on your Android or iOS tablet or smartphone and use the app to connect to the Remote Desktop server.
 * 8) Review License your RDS deployment with client access licenses (CALs).  Use your preferred software license vendor to determine the cost per license for RDP CALs.
 * 9) Review Microsoft Application Virtualization.
 * 10) Review Deploy Always On VPN.  Configure and test a an Always on VPN server.
 * 11) Review How to Install VPN using RRAS.  Configure your server with RRAS for VPN connections. See if you can connect to it.

Lesson Summary

 * Windows Quick Assist allows a user to temporarily view or control a remote Windows computer over a network or the Internet to resolve issues without directly touching the unit.


 * Windows Remote Assistance is based on the Remote Desktop Protocol.


 * Windows Quick Assist is installed by default on Windows clients, but must be added manually on Windows Server 2019 servers using the Add Features Wizard in Server Manager.


 * Remote assistance sessions may be initiated using the Windows Quick Assist application or by using the msra.exe command line interface.


 * Remote desktop refers to a software or operating system feature that allows a personal computer's desktop environment to be run remotely on one system while being displayed on a separate client device.


 * Common remote desktop approaches include open source VNC and Microsoft's RDP. Of the two, RDP offers better performance.


 * Remote Desktop connections are disabled by default, but may be enabled using System Properties.


 * Remote administration refers to any method of controlling a computer from a remote location.


 * Windows business clients and server editions may be remotely administered using the Microsoft Management Console, the Windows Registry Editor, and various command-line utilities, in addition to Remote Desktop connections.


 * Remote Server Administration Tools for Windows 10 enables IT administrators to manage roles and features that are installed on remote computers that are running Windows Server 2019.


 * Remote Desktop Services allows a user to access applications and data on a remote computer over a network, using the Remote Desktop Protocol (RDP).


 * Remote Desktop clients may be full-fledged computers, thin clients, tablets or smartphones.


 * In the client versions of Windows, Remote Desktop supports only one logged in user at a time, whereas in the server operating systems, concurrent remote sessions are allowed.


 * With Remote Desktop Services, only the user interface of an application is presented to the client, while application execution takes place on the server. This is in contrast to application streaming systems like Microsoft Application Virtualization, in which the applications are streamed to the client and executed on the client machine.


 * The Remote Desktop service listens on TCP port 3389, and supports low, medium or high encryption.


 * Remote Desktop Licensing enables a server to manage Remote Desktop Services client access licenses (RDS CALs) that are required for each device or user to connect to a Remote Desktop Session Host server. RDS CALs are managed using the Remote Desktop Licensing Manager application.


 * The Remote Desktop Gateway component, also known as RD Gateway, tunnels Remote Desktop Protocol sessions through an HTTPS connection, thus encapsulating the session with Transport Layer Security (TLS).


 * A virtual private network (VPN) extends a private network across a public network, such as the Internet, and enables a computer to send and receive data as if it were directly connected to the private network.


 * VPNs provide security by the use of tunneling protocols and through security procedures such as authentication and encryption.


 * Windows Server 2019 VPN supports the following tunneling protocols: PPTP, L2TP, and SSTP.


 * Windows Server 2019 VPN supports the following authentication methods: PAP, CHAP, MS-CHAP v2, and EAP. EAP implemented with public key certificates is considered to be the most secure.

Key Terms

 * Apple Remote Desktop (ARD)
 * A Macintosh application produced by Apple Inc., that allows users to remotely control or monitor other Macintosh computers over a network.


 * application virtualization
 * A software technology that encapsulates application software from the underlying operating system on which it is executed.


 * Challenge-Handshake Authentication Protocol (CHAP)
 * An authentication protocol that uses an algorithm to generate a password challenge based on a known password without ever transmitting the actual password across the network, making it more secure than PAP.


 * Citrix XenApp
 * An application virtualization product that allows users to connect to their corporate applications from a wide range of computer systems and mobile devices.


 * Extensible Authentication Protocol (EAP)
 * An authentication framework providing for the transport and usage of keying material and parameters and supporting a wide variety of authentication methods.


 * Generic Routing Encapsulation (GRE)
 * A tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol internetwork and identified as IP protocol type 47.


 * Layer 2 Tunneling Protocol (L2TP)
 * A tunneling protocol used to support virtual private networks (VPNs).


 * MS-CHAP
 * The Microsoft version of the Challenge-Handshake Authentication Protocol, CHAP.


 * NAT traversal
 * A general term for techniques that establish and maintain Internet protocol connections traversing network address translation (NAT) gateways.


 * Network Address Translation (NAT)
 * The process of modifying IP address information in IPv4 headers while in transit across a traffic routing device.


 * Password Authentication Protocol (PAP)
 * An authentication protocol that uses a clear-text password.


 * Peer Name Resolution Protocol (PNRP)
 * A peer-to-peer protocol designed by Microsoft that enables dynamic name publication and resolution, and requires IPv6.


 * Point-to-Point Tunneling Protocol (PPTP)
 * A method for implementing virtual private networks using a TCP connection on port 1723 and a GRE tunnel to encapsulate PPP packets.


 * RemoteApp
 * A special mode of Remote Desktop Services where the user interface for a remote application is rendered in a window on the local desktop, and is managed like any other window for local applications.


 * RemoteFX
 * A set of Microsoft technologies that enhance the visual experience of the Remote Desktop Protocol (RDP).


 * Secure Socket Tunneling Protocol (SSTP)
 * A form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel, allowing SSTP to pass through most firewalls and proxy servers.


 * Terminal Services
 * The previous name for Microsoft's Remote Desktop Services.


 * tunneling protocol
 * A network protocol (the delivery protocol) used to encapsulate a different payload protocol to carry a payload over an incompatible delivery-network or provide a secure path through an untrusted network.


 * Virtual Network Computing (VNC)
 * An open source graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer.


 * Wake-on-LAN
 * An Ethernet computer networking standard that allows a computer to be turned on or awakened by a network message.

Flashcards

 * Test your understanding of this lesson.
 * Test your understanding of the key terms.