Understanding Remote Administration

Previous page
Table of content
Next page


In this section of the chapter, we explore how you can administer an ISA server or array from a remote location, either using the ISA Management Console on a remote computer or by setting up the ISA server as a Terminal server and connecting to it via the Terminal Server client software. Remote administration allows you to perform management tasks and configure components for your ISA server or array when you are not at the same site as an ISA server computer.

You can connect to the network via a WAN link by dialing in to the remote access server or by connecting across the Internet through a VPN. Once the connection to the local network is established, you can remotely manage a stand-alone ISA server, an array, or the enterprise.

Installing the ISA Management Console

You can install ISA Management on a Windows 2000 Server that is not running ISA Server or on a Windows 2000 Professional computer. This is done as part of the setup process when you run the ISA Server installation CD.

Note

ISA Server or the ISA Management tools can also be installed on computers running Windows XP/Whistler, the next version of the Windows operating system.

When you run the setup program, select Custom installation, and check only the Administration Tools check box, as shown in Figure 24.56.

click to expand
Figure 24.56: To Install ISA Management on a Computer from Which You Want to Administer ISA, Select Custom Installation and Check the Administration Tools Check Box

After you install the Administration tools, ISA Server Management is accessible through the Programs menu on the remote computer. You can then connect to an ISA server or an array that is in the same domain or a domain with which a trust relationship exists.

Managing a Remote Standalone Computer

To manage a stand-alone ISA server remotely, open the ISA Management Console and right-click the root object in the left pane (Internet Security and Acceleration Server). Select Connect To from the context menu, and type the name of the stand-alone server that you want to manage in the box, as shown in Figure 24.57, or click the Browse button to find a computer in the directory.

click to expand
Figure 24.57: To Manage an ISA Server Remotely, You Must First Connect to It

Note

You must be a member of the Administrators or Server Operators group on the remote computer that you want to manage.

After you are successfully connected to the remote ISA server, the ISA objects for that server appear in the management console, and you can administer the server as though you were logged on to it locally.

Remotely Managing an Array or Enterprise

To manage an ISA server that is an array member from a remote location, you must choose to manage the enterprise. In this case, in the Connect To dialog box, select the Connect to enterprise and arrays radio button, as shown in Figure 24.58.

click to expand
Figure 24.58: To Manage an Array Remotely, Choose "Connect to Enterprise and Arrays"

You will be connected to the array and can administer it from the management console as though you were logged on locally to an ISA server belonging to the array.

Using Terminal Services for Remote Management of ISA

Another way to remotely administer your ISA servers and arrays without installing the ISA Management tools on the computer from which you want to manage ISA is to use Windows 2000 Terminal Services.

Windows 2000 Server family products (Server, Advanced Server, and Datacenter Server) include Terminal Services as a Windows component. Terminal Services provide remote access to a server desktop, using thin-client technology that serves as a terminal emulator. Processing is done on the server, so Terminal Services client software can be installed on low-powered machines running older operating systems such as Windows 3.x. With the Citrix MetaFrame client software, you can even connect to a Windows 2000 Terminal server from a machine running MS-DOS, UNIX, or Macintosh.

Terminal Services is the solution for remotely administering your ISA server if you need to do so from machines running these operating systems.

Installing Terminal Services on the ISA Server

Windows 2000 Terminal Services are installed from the Add/Remove Programs applet in Control Panel as a Windows component.

Terminal Server Mode

Terminal Services can be deployed in one of two modes: application server or remote administration. Application server mode is used to provide users a Windows 2000 desktop and applications via "thin-client" computing. By default, when you install Terminal Services, they are deployed in remote administration mode.

You should run Terminal Services in remote administration mode on the ISA server. This does not require Terminal Services client licenses and allows only two concurrent connections to the Terminal server. Additionally, only members of the Administrators group can connect to the Terminal server in remote administration mode.

Terminal Services Server Configuration

You can configure the Terminal server settings, including selection of the mode in which the Terminal Services will run, using the Terminal Services Configuration tool. This tool is installed in the Start | Programs | Administrative Tools menu when you install Terminal Services on the server. See Figure 24.59.

click to expand
Figure 24.59: The Terminal Server Settings Are Configured Via the Terminal Services Configuration Tool

Another tool that is installed with Terminal Services on the server is the Terminal Services Manager, which is used to view and manage client connections to the Terminal server, as shown in Figure 24.60.

click to expand
Figure 24.60: Use the Terminal Services Manager to View and Manage Client Sessions

A Terminal server can be accessed from any other computer on the network running the terminal client software, including dial-in or VPN clients.

Installing Terminal Services Client Software

You can create installation disks containing the Terminal Services client software by running the Terminal Services Client Creator program on the Terminal server. The 16-bit client installation program for Windows 3.x requires four floppy disks; the 32-bit client installation program for Windows 9x/2000 computers requires only two floppy disks.

Run the appropriate client installation program to install the Terminal Services client to the computer(s) from which you want to access the ISA server running Terminal Services.

Creating a Connection Shortcut with the Client Connection Manager

Once the services are installed, you can access the Microsoft Terminal Services Client through the Start | Programs menu. The Client Connection Manager, shown in Figure 24.61, is used to create a new connection to the ISA server/Terminal server.

click to expand
Figure 24.61: Use the Client Connection Manager to Create a Connection to a Terminal Server

To create a new connection to a Terminal server, select File | New Connection. This sequence starts the Client Connection Wizard, which creates a shortcut for connecting to the ISA server/Terminal server. You will be asked to provide a name for the connection and to enter the name or IP address of the Terminal server, as shown in Figure 24.62.

click to expand
Figure 24.62: The Client Connection Wizard Creates a Shortcut to the Terminal Server

The wizard allows you to specify the user account name and password to use in logging on to the server. You can leave this blank if you want and type in the credentials each time you connect. If you enter the information, you will not have to provide it when you log on to a terminal session. You can also choose the screen resolution at which the terminal window should run, or you can elect to have the terminal connection displayed full screen instead of in a window. You can also choose to enable data compression and/or to cache frequently used bitmaps to speed access, and you can specify a program path to run a program automatically when you connect to the Terminal server.

The new connection shortcut will appear in the Client Connection Manager Wizard, and you can connect to the Terminal server by double-clicking it.

Connecting to a Terminal Server with the Terminal Services Client

If you have not created a shortcut to the Terminal server, you can still connect to it, using the Terminal Services Client, also accessed via the Start | Programs | Terminal Services Client menu. The Terminal Services Client is shown in Figure 24.63.


Figure 24.63: You Can Use the Terminal Services Client to Connect to a Terminal Server

You can type a Terminal server name into the Server field, even if you have not created a shortcut connection to it using the Client Connection Manager. You can also use the Terminal Services Client when you want to connect to a Terminal server using a screen resolution or other parameters that are different from those specified in the shortcut connection. Just type in or select the Terminal server to which you want to connect, and click the Connect button.

Using the Terminal Desktop

Once your connection to the Terminal server is established, you will see the server desktop, as shown in Figure 24.64.

click to expand
Figure 24.64: Use the Terminal Server Desktop to Remotely Administer the ISA Server

If the Terminal server is an ISA server, you can now open the ISA Management tool and perform all administrative tasks as you would if you were sitting at the ISA server.


Previous page
Table of content
Next page
The Best Damn Firewall Book Period
The Best Damn Firewall Book Period
ISBN: 1931836906
EAN: 2147483647
Year: 2003
Pages: 240
Authors: Cherie Amon, Thomas W. Shinder, Anne Carasik-Henmi
BUY ON AMAZON
Crystal Reports 9 on Oracle (Database Professionals)
Certified Ethical Hacker Exam Prep
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
WebLogic: The Definitive Guide
Sap Bw: a Step By Step Guide for Bw 2.0
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy