Networking / Beginners

---

Allowing Remote Desktop Access

If users only need to be able to access shared resources on dial-up and VPN servers or the corporate network, the procedures already provided in this tutorial can be used to satisfy their remote connectivity requirements. However, if users need to be able to directly access and remotely control the applications and data located on their personal desktops, administrators can set up Remote Desktop connections.

Windows XP Professional's Remote Desktop feature allows remote access to a Windows XP Professional computer and to its applications and data from any network connection, including:

• LAN
• Dial-up
• ISDN
• DSL
• VPN

Using Remote Desktop, users have complete access to everything on their computer, just as if they were sitting in front of it. Remote Desktop works by first enabling Remote Desktop on the remote computer (that is, the computer that will be remotely accessed), establishing a network connection between the remote and the local computer, and then running the Remote Access Client on the local computer. Once successfully initiated, a Remote Desktop session provides the local user with all of the following:

• The ability to start and to work with applications on the remote computer
• Access to the remote computer's disk drives, which appear as drives with the name <drive_letter> on tsclient in Windows Explorer on the local computer
• Access to network resources to which the remote computer is connected
• Access to audio played on the remote computer
• The ability to submit print jobs using applications and data stored on the remote computer to the local computer's printer
• The ability of the remote computer to access and use devices, such as scanners, connected to ports on the local computer
• Access to a shared clipboard that allows data to be moved between applications running on the local and remote computers

Remote Desktop is based on Windows Terminal Services. It uses the RDP (Remote Desktop Protocol) (version 5.1) to manage communications between the local and remote computer. RDP is a presentation protocol that facilitates communications between a computer running Terminal Server and a client computer running a Terminal Server client.

Remote Desktop lets the users access and use the applications that reside on the remote computer. For example, if users have Microsoft Office installed on their work computers but not on their laptops, they could use Remote Desktop to connect remotely to their desktop computers. They could run Microsoft Word, create and save a letter, and then print a copy of that letter on the laptop's portable printer. During a Remote Desktop session, applications are run on the remote computer. This limits the data sent between the local and remote computers to just mouse and keyboard input and screen output. This minimizes network requirements and helps Remote Desktop operate even over slow dial-up network connections.

In order to establish a Remote Desktop session, the user must be a member of either the administrators group or the Remote Desktop Users group on the computer. It's best to use an account that is a member of the Remote Desktop Users group when connecting remotely, as opposed to connecting using an administrative account. This way, if somebody should compromise the account, that person will be limited to the security permissions applied to that account instead of to an account with full administrative control over the computer. Membership in the Remote Desktop Users group only allows a user to establish a remote connection. It does not provide any specific security permissions to any resources located on the remote computer.