IIS 6 Administration
|
|
Another way of remotely administering IIS machines is to use the Remote Desktop feature of Windows Server 2003. On the earlier Windows 2000 Server platform, an optional Terminal Services component could be installed, turning your machine into a terminal server (TS). In Windows 2000, you could configure your TS to run in one of two possible modes:
-
Remote Administration This mode allowed you to remotely manage your TS from any Windows computer running the appropriate Terminal Services client. Remote Administration mode supported up to two concurrent connections from TS clients.
-
Application Server This mode enabled your Terminal Services clients to run Windows applications directly on the TS, offloading some of the processing power and disk space needed on client computers and allowing you to deploy “thin clients” on your network.
Things are different, however, in Windows Server 2003. The new Remote Desktop feature of Windows Server 2003 corresponds to the earlier Remote Administration mode for Terminal Services in Windows 2000 Server, and you don’t need to install Remote Desktop on your Windows Server 2003 because it’s installed automatically by default—-you just have to enable it. Once Remote Desktop is enabled on your .NET Server, you can connect to it from any other Windows Server 2003 on your network (or from any computer having Remote Desktop Connection client software installed on it) and administer your server as if you were sitting at its local console.
Note | If you want to use your Windows Server 2003 machine as a real TS for running applications for clients, however, you still need to install the Terminal Services component of Windows Server 2003 to do so. |
Components of Remote Desktop
The Remote Desktop (RD) feature of Windows Server 2003 has two components, which are both installed by default during Setup (they cannot be deselected). These components are
-
Remote Desktop for Administration (RDA) This is the server-side component of RD and allows client computers to connect to your server to remotely manage the desktop. RDA depends on Terminal Services, a Windows Server 2003 service, as do other features like Remote Assistance (which lets you invite a remote user to take control of your machine to try to fix a problem) and Terminal Services (the full TS component that allows clients to run applications remotely). Note that while Terminal Services the service is installed and started by default on Windows Server 2003 machines, Terminal Services the component (for turning your machine into a terminal server) is not installed by default!
-
Remote Desktop Connection (RDC) This is the client-side component of RD and enables client computers to connect to one Windows Server 2003 machine to manage it by accessing its desktop remotely.
In addition, there is a Remote Desktops MMC console that functions as another client-side component of RD and enables you to simultaneously connect to multiple Windows Server 2003 machines and remotely manage them from a single console window. You can also add the Remote Desktops snap-in to a blank MMC console to create your own custom console for administering Windows Server 2003 remotely.
Tip | Windows XP includes a desktop version of Remote Desktop for Administration, but it’s called Remote Desktop on that platform. |
Enabling Remote Desktop
The first thing you need to do if you want to remotely manage an IIS 6 server using Remote Desktop is to enable RDA on the server. This is straightforward—-just open the System utility in Control Panel on your IIS 6 machine, switch to the Remote tab, and select the check box that says Allow Users To Connect Remotely To This Computer (see Figure 5-11). When you do this, you will be warned that you cannot use RD to log on to a remote machine if your password is blank, and that if you have a firewall you need the RDP port (normally 3389) open to connect to the remote machine. Click OK to close the System utility, and your IIS 6 machine is ready for remote administration!
If you like, you can click Select Remote Users to specify accounts for users allowed to remotely manage this machine. You can also add your own user account and other user accounts to the Remote Desktop Users group on the local machine. To do this, open Computer Management and select the Local Users And Groups node in the console tree. Adding yourself to the Remote Desktop Users group has the effect that you no longer need to log on when you connect to your server remotely using Remote Desktop Connection. If you decide to do this, be sure to add your regular user account to this group, not your Administrator account. Otherwise, you will have to log on to your client computer using your Administrator account, which is not recommended as a security best practice.
Using Remote Desktop Connection
Now go to your client machine and connect to your IIS 6 server, and remotely manage it using Remote Desktop Connection. Start with the simplest case, where the client machine is another computer running Windows Server 2003. Just click Start and select All Programs | Accessories | Communications | and Remote Desktop Connection to open the Remote Desktop Connection dialog box, and type the name (DNS or NetBIOS) or IP address of the computer you want to remotely manage (see Figure 5-12). To configure your connection settings, click Options and modify the settings for connection speed, color depth, and so on. Click Connect when you’re ready to connect to the remote machine.
At this point you may have to enter your credentials to log on to the remote machine, unless you have configured the connection option for automatic logon with your username and password (or added your user account to the Remote Desktop Users group on the remote machine).
After you log on, you are presented with the desktop on the remote machine, and you can manage it as if you were sitting in front of its local console. A connection bar is displayed at the top of the screen, indicating that you are viewing the desktop of a remote machine and displaying the name of the remote machine. The resize buttons on the connection bar also allow you to switch between window mode and full-screen mode for managing the remote server (the default is full-screen mode). With window mode, you can also perform tasks on your local computer while managing the remote machine.
Now it’s time to remotely administer your IIS machine. Click Start | Administrative Tools | Internet Information Services (IIS) to open the IIS Manager console on the remote machine (see Figure 5-13). If the mouse pointer movement seems jerky, that’s because your keyboard, mouse, and monitor commands are being sent over the network to the remote machine using Remote Desktop Protocol (RDP), the underlying protocol behind Terminal Services and Remote Desktop. The overhead of this protocol, the latency of TCP/IP connections, and the speed of your network all affect RDP and result in a responsiveness somewhat less than what you would get if you were sitting at the local console of the remote machine.
Now see if it works. Open the properties sheet for the IIS machine and make a change to its configuration, such as enabling the check box for Direct Metabase Edit. Close the property sheet to apply the change and log off your Remote Desktop session by selecting Start | Windows Security | Log Off | Log Off (if you click the Close gadget on the connection bar or RD session window, you will be disconnected, but any applications you opened will continue to run). The connection bar will disappear and you will be looking at your local computer’s desktop again. Now go to the IIS 6 machine and log on to the local console. Start IIS Manager and confirm that the configuration change you made during your Remote Desktop session has in fact been made.
Note | You can also use Remote Desktop Connection to remotely administer Windows 2000 Server computers that have Terminal Services installed and are running in Remote Administration mode. |
Using the Remote Desktops Console
An alternative way of connecting to an IIS 6 machine using RD is using the Remote Desktops console in Administrative Tools (or by installing the Remote Desktops snap-in in a blank MMC console). Just open this console, right-click the Remote Desktops node, and select Add New Connection (see Figure 5-14). Then specify the name or IP address of the remote computer you want to administer, a friendly name to remember the connection, and the credentials to use to connect, and click OK.
Now expand the Remote Desktops node in the console tree, select the new connection you created, and watch as the console logs on to Terminal Services on the remote machine and displays its desktop within the right-side details pane of the console (see Figure 5-15). Note that the desktop of the remote machine is compressed in this view, and some Start menu items may be difficult to access unless you use smaller icons in the menu. The advantage of performing remote administration this way is that you can connect to several machines remotely using a single console tool (Remote Desktop Connection only supports one remote connection). The disadvantage is that you have a bit less space on the remote desktop to perform administration tasks (although you can configure the details pane to display differently).
Tip | To log off from your remote connection, right-click the connection in the console tree and select Disconnect. To configure the connection and its display properties, right-click it and select Properties. |
Note | You can also use the Remote Desktops console of Windows Server 2003 to remotely administer Windows 2000 Server computers that have Terminal Services installed and running in Remote Administration mode. |
Other Remote Desktop Clients
Remote Desktop Connection is automatically installed on Windows XP Professional machines, and this allows you to use Terminal Services to remotely administer any Windows .NET Server anywhere on your network. Just go to a Windows XP workstation, click Start and All Programs | Accessories | Communications | Remote Desktop Connection to open the Remote Desktop Connection dialog box, and type the name of the computer you want to remotely manage and continue as discussed previously.
You can also install Remote Desktop Connection on any Windows 95, Windows 98, Windows NT 4, and Windows 2000 machine from any machine running Windows Server 2003. Just go to your .NET Server and share the %SystemRoot%\System32\Clients\ Tsclient folder using the share name Tsclient to make the Terminal Services client available to your 32-bit Windows machines. Then go to your 32-bit Windows computer, log on as Administrator, click Start, and select Run. Type \\computer_name\tsclient\ win32\setup.exe, where computer_name is the name of the Windows Server 2003 machines on which you share the \Tsclient folder. Then follow the prompts to install Remote Desktop Connection and access it as for XP.
|
|