Announcement

Collapse
No announcement yet.

Homeworking project

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Homeworking project

    Hey guys

    I have been asked to start a project where some of our emploees is going to be able to work from their home.
    We run a callcentre-business and use both PC and phones ofcourse.

    I can give the users their own laptop and I think we will use a softphone-solution for the speech.

    But for now I want to focus on the PC part of the project.

    My question is:

    1.
    Can I setup a 2008 server with terminal services and have the users connect to this via RDP and meet only a limited desktop that shows only the programs I give them access to?
    I dont want the users to be able to use anything on the terminal server other than the programs I give them access to.

    I have not used terminal services very much before so keep it basic if possible


    2.
    Any suggestions as to how I can limit the laptops the users get also?
    I have thought about a basic boot from a USB-stick for example... but I dont know what will work best.
    The laptop will need to run a VPN-client to connect to our server, a soundcard driver so the softphone will work and a RDP-client for the terminal server.

    Tnx.

    -Petter
    Greetings from
    Petter C.
    Norway

  • #2
    Re: Homeworking project

    1) yes you can. And even further, you do not need to make the desktop available to the user. Meaning, that you can provide on the application to the server by RDP.

    2) Yes you can, but why invest on all of this? Provide them with a thin client. The most of the thin client have a basic operating system that provides internet. Which is enough to provide access to the application.

    http://www.igel.com/

    These thinclients support SmartCard authentication.

    Windows Server 2008 has some serious modification in terms of terminal services and providing secure access to these applications. Read up on Windows Server 2008 terminal services:
    http://www.microsoft.com/windowsserv...-features.aspx
    [Powershell]
    Start-DayDream
    Set-Location Malibu Beach
    Get-Drink
    Lay-Back
    Start-Sleep
    ....
    Wake-Up!
    Resume-Service
    Write-Warning
    [/Powershell]

    BLOG: Therealshrimp.blogspot.com

    Comment


    • #3
      Re: Homeworking project

      The reason I want to give them laptops is that I want to provide the entire hardware in one package if you know what I mean... Computer, monitor, keyboard and mouse...

      However... I will check solutions for the hardware when we get this far... for now I want to make the RDP-sessions work the way I want it to.

      Any tips to how I can provide the users with only the programs I want, no access to the startmeny for example... and any other useful tips

      -Petter
      Greetings from
      Petter C.
      Norway

      Comment


      • #4
        Re: Homeworking project

        Software restriction Policies.
        Can be applied by group policy to your terminal servers.
        If you are going to provide a desktop. Customize the default user profile, in which you customize the desktop and start menu.

        Other settings that you might need to consider is hiding the drives of the Terminal Server (can also be done by policy).

        If you only provide access tgo the application itself, you do not need to modify the default user profile.
        [Powershell]
        Start-DayDream
        Set-Location Malibu Beach
        Get-Drink
        Lay-Back
        Start-Sleep
        ....
        Wake-Up!
        Resume-Service
        Write-Warning
        [/Powershell]

        BLOG: Therealshrimp.blogspot.com

        Comment


        • #5
          Re: Homeworking project

          You could look into mobile thin clients. Examples include HP's models from their acquisition of Neoware and WYSE's X series mobile thin clients. However, the appearance of a laptop might confuse people as to why they can't use it exactly like a laptop. Maybe you'd want to consider a more traditional looking thin client but with the monitor built in such as the HP e370 or a Planar network display thin client.
          Wesley David
          LinkedIn | Careers 2.0
          -------------------------------
          Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
          Vendor Neutral Certifications: CWNA
          Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
          Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

          Comment


          • #6
            Re: Homeworking project

            Originally posted by torcar View Post
            Can I setup a 2008 server with terminal services and have the users connect to this via RDP and meet only a limited desktop that shows only the programs I give them access to?
            Simple answer, no. SBS only allows administrators to connect via remote desktop, and the number of connections is limited. You *can* setup a Windows XP / Vista client on the network for the user to RDP into once they connect through VPN.

            Complex answer, yes, if you get SBS 2008 Premium edition. This includes a licence for Server 2008 Standard to install on a member server, which can be setup as a Terminal Server.

            Please use
            Gareth Howells

            BSc (Hons), MBCS, MCP, MCDST, ICCE

            Any advice is given in good faith and without warranty.

            Please give reputation points if somebody has helped you.

            "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

            "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

            Comment


            • #7
              Re: Homeworking project

              Originally posted by gforceindustries View Post
              Simple answer, no. SBS only allows administrators to connect via remote desktop, and the number of connections is limited. You *can* setup a Windows XP / Vista client on the network for the user to RDP into once they connect through VPN.

              Complex answer, yes, if you get SBS 2008 Premium edition. This includes a licence for Server 2008 Standard to install on a member server, which can be setup as a Terminal Server.

              Please use
              ????? Where is SBS mentioned earlier? Did I missed something?
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment


              • #8
                Re: Homeworking project

                My bad...

                In that case, yes you can setup Terminal Services for standard users to connect, but I would strongly recommend against letting them RDC into a domain controller.
                Gareth Howells

                BSc (Hons), MBCS, MCP, MCDST, ICCE

                Any advice is given in good faith and without warranty.

                Please give reputation points if somebody has helped you.

                "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

                "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

                Comment


                • #9
                  Re: Homeworking project

                  My question is:

                  1.
                  Can I setup a 2008 server with terminal services and have the users connect to this via RDP and meet only a limited desktop that shows only the programs I give them access to?
                  I dont want the users to be able to use anything on the terminal server other than the programs I give them access to.

                  I have not used terminal services very much before so keep it basic if possible
                  Yep, sure, its called a locked down policy.

                  http://support.microsoft.com/kb/278295

                  The article is on windows 2000 & 2003 servers, but its the same process on 2008. Your DC is probably on another server that is using 2003 anyway.

                  Get it worrking on the LAN first before you try getting it working over the WAN.

                  Create a new folder on some drive & put a shortcut to all the apps you want these new users to see & then use this:

                  http://www.computerperformance.co.uk...r_redirect.htm

                  Personaly, I only use the redirect Start menu option.

                  2.
                  Any suggestions as to how I can limit the laptops the users get also?
                  Regardless of whether the users is logging in from a Thin client, Laptop, desktop or server, the user will be typing in their username to authenticate & you will have them all in this new organizational unit with a locked down environment. They will all see the same desktop & start menu.

                  Get it working at your office first though before you think about WAN side of things, as you have a few things to get right first if you havnt done this before.

                  Comment

                  Working...
                  X