Windows XP Remote Desktop
February 11, 2002
by Dan DiNicolo
Since I've been spending the last few articles looking at cool new features in Windows XP Professional, I decided to continue this theme by looking at an addition whose time has come - the inclusion of something called Remote Desktop in Windows XP.
If you recall, I looked at a new feature called Remote Assistance in a previous article. Remote Desktop is a completely different feature, though there are a number of similarities. First, Remote Desktop is the equivalent of each Windows XP desktop acting as its own mini Terminal Server. Not enabled by default, this feature allows administrators to control who can access this system remotely using a Remote Desktop Protocol (RDP) session. Now, I'm not necessarily saying that you should give this capability to your users (though you can), but it does make for yet another remote support and control utility. As with traditional Terminal Services, there are a number of different ways in which you can connect to your XP desktops, including standard Win32 and Win16 client software. Beyond these, you also have the option of connecting via a web browser (if the client is running the dreaded IIS). To install the Win32 client, pop in the Windows XP CD and choose Perform additional tasks, and then click Set up Remote Desktop Connection. For the 16-bit client, install the old client from the Windows 2000 CD. To that end, your Windows 2000 client software should work fine.
While Microsoft touts Remote Desktop as a feature to allow users to connect to their work desktops from home, I think you'll agree that most companies will probably avoid this feature. To that end, Remote Desktop capabilities are disabled by default and can only be enabled by someone with administrative privileges. Even after it has been activated, only an Administrator can actually allow users to connect using this technique. Thankfully, normal users cannot give themselves this ability.
When I think of remote desktop, I again think of the ability to connect to a system for the purpose of system administration. Given that XP and 2000 support WMI management, you now have as many options as you could ever want in terms of remotely supporting systems. You can use the MMC to connect remotely, use Remote Assistance to walk users through a problem, and can now connect to the system for the purposes of a terminal session. One important note is that when connecting to the desktop using Remote Desktop, you will create an entirely new session, meaning you will not see the screen of the currently logged on user (exactly like full-blown Terminal Services).
Enabling Remote Desktop is exceptionally simple. Access the System applet in Control Panel or go to the properties of My Computer. The Remote tab allows you to control and enable both Remote Desktop and Remote Assistance, as shown below:
off the 'Allow users to connect remotely to this computer' box enabled
the capability, but not until you add remote users will anyone actually be
able to connect. Clicking the 'Select remote Users' button allows
accounts to be added:
domain users, click the Advanced button which will allow you to search for
A few caveats as always.
First of all, Remote Desktop makes a user's local drives available to
them in their remote session. This is potentially dangerous, as clients
may be able to copy files back and forth between their office and home PC.
If you want to disable this, it can be configured with policies. It also
gives the ability to print remote content to a local printer, another
feature that you'll likely love or hate. If the local printer is
connected to a USB, parallel or serial port, a queue will automatically be
created on the Remote Desktop server.
To allow connections via
a web browser, you will need to make sure that IIS is installed on the
system, and also that the Remote Desktop Web Connection option is
selected, as shown below. Depending on your installation, this may not
have been included, so installing it might be required. For all intents
and purposes, it adds the same capabilities as the Terminal Services Web
you do allow web connections, be sure to disable anonymous access in the
properties of the tsweb folder in Internet Services Manager.
To access the server in
this way, simply open a web browser and access http://computername/tsweb.
them or hate them, Microsoft has added a number of interesting features to
Windows XP that can make administrative management more flexible. To that
end, for every feature added, you also get wonderful new security issues
to deal with. Have fun.