Setting UP RDP
the phone or fix the problem on-site. A third option is to use Remote Desktop to fix the problem from a distance. This tip details how to set up and establish a remote session for Exchange Server 2003 or Exchange Server 2007 administration using the Remote Desktop Protocol (RDP).
Setting up the Remote Desktop Protocol
The Remote Desktop lets administrators use the Remote Desktop Protocol to control an Exchange Server at a distance using a terminal service session. The benefit of the Remote Desktop is that it doesn't require you to purchase any special licenses, unlike a full-scale Terminal Server environment.
To set up the Remote Desktop:
- Right click on Computer in the Start menu.
- Go to Properties to view the System Properties sheet.
- Select the Remote tab, and then the Enable Remote Desktop checkbox, as shown in Figure A.
Figure A. Select the Enable Remote Desktop checkbox to allow remote administration.
You now can select remote users. By default, members of the Administrators group can remotely administer the server, whether or not you add them to the list of remote users. This button enables you to give other users remote access to the server - but this is not advised.
There are two caveats that you must be aware of when using the Remote Desktop to manage an Exchange Server environment.
- Remote Desktop uses RDP, which is the same protocol that Windows Terminal Services uses. Therefore, you must configure your firewall to allow traffic to pass through port 3389.
- While this is undocumented, it seems that Exchange 2007 contains a bug related to Remote Desktop. In my lab, I can connect to the Exchange Server using Remote Desktop, but cannot use the Exchange Management Console. Fortunately, this problem seems to have been corrected in Exchange Server Service Pack 1 (SP1).
Establishing a Remote Desktop session
The most common method to establish a Remote Desktop session is by creating a connection. The exact method to do this varies, depending on the version of Windows in use.
In Windows Vista, there is a Remote Desktop Connection option available on the Start -> All Programs -> Accessories menu. Setting up a Remote Desktop connection through Windows Vista or XP is an intuitive process. For steps to establish a Remote Desktop connection on Windows Server 2003, read How to manage Exchange Server remotely on Windows 2003.
If the Exchange server that you want to administer remotely has Internet Information Services (IIS) installed, you can establish a Remote Desktop session using a Web browser. To install IIS's remote administration component:
- Open the Add/Remove Programs applet found on the Control Panel.
- Click on Add/Remove Windows Components.
- When the list of Windows components appears, select Application Server and click Details.
- Windows will display a list of Application Server components. Choose the IIS option and click on Details.
- You will see a list of IIS-related components. Select the World Wide Web Service checkbox to enable all of its sub-components.
- Click OK until all dialog boxes close. When you reach the Windows Components wizard screen, click Next and follow the prompts to install the components that you have selected.
You have installed all of the necessary components to administer your Exchange server remotely. Before establishing a connection, let's focus on security. Making a server remotely accessible using a Web browser can be risky if you don't take the necessary precautions. Therefore, I recommend installing a Secure Sockets Layer (SSL) certificate and requiring that the connection be encrypted.
I also recommend limiting access to the administrative console based on IP address. The best advice is to consider the implications of providing remote administration using a Web browser, and implement your security settings accordingly.
IIS uses some non-standard port numbers for the administrative Web site. You can access the site via HTTP over port 8099. The site is configured to use port number 8098 for SSL traffic. You can access the administrative Web site through:
Upon doing so, you will be prompted to enter a set of authentication credentials, and will be taken to the administrative Web site. The Remote Desktop link is located on the Maintenance tab, as shown in Figure B.
Figure B. You can establish a Remote Desktop session directly using the administrative console.
Most administrators prefer to connect to a Remote Desktop session directly through Windows, rather than use IIS. But IIS is a good alternative if you need to manage your Exchange server remotely from a machine running a non-Windows operating system or an older version of Windows.