How to Create a Remote Desktop Server


Remote Desktop is a software application that allows a user to access and control their computer remotely. This can be a huge boost to productivity for companies that want to allow their employees to work from home or while traveling. The three components involved in establishing a Remote Desktop connection are the Client (the computer making the connection), the Server (the computer that is being controlled by a remote user) and the Terminal Services Gateway, which acts as a bridge between the two computers.

Things You'll Need

  • 2 computers running a current version of Windows (XP, Vista, Server 2003 or Server 2008) (one computer will be used to connect to the other)
  • Proxy server between the Internet and the internal network; in Windows Server 2008, this is referred to as the Terminal Services (TS) Gateway role
  • SSL certificate purchased from a public certificate authority (CA)

Configure the Terminal Services Gateway

  • As shown in the illustration, Remote Desktop Clients use HTTPS to connect to the Terminal Services (TS) Gateway. Therefore, the TS Gateway will need an SSL certificate, purchased from a public certificate authority (CA), in order to allow the HTTPS connection. This is the same type of certificate used by any e-commerce Web server.

  • Log in to the server that you want to use as the TS Gateway. You must be logged in as an administrator.

  • Open Server Manager, right click on "Roles," and select "Add Role." The "Add Role Wizard" will begin. Click "Next" on the first page to begin.

  • On the Select Server Roles page, select "Terminal Services" and click "Next." On the Terminal Services page, click "Next" again.

  • Select "TS Gateway" on the Role Services page. When prompted, click on "Add Required Role Services," then click "Next."

  • Select the SSL certificate you purchased on the Server Authentication Certificate page, and click "Next."

  • On the Authorization Policies page, choose "Now," then click "Next."

  • Select "Add" on the TS Gateway Users Group page, and then choose the user groups that you want to allow to connect through your TS Gateway. The ideal configuration is to make a new Active Directory security group for all Remote Desktop users who will be connecting to your network from the Internet. Add all authorized users to that group, and then click "Next."

  • Create a name for the Terminal Services Connection Authorization Policy. You will need to choose if you want to allow authentication using passwords, smart cards or both. Then click "Next."

  • Create a name for the Terminal Services Resource Authorization Policy. You will need to choose if you want to allow Remote Desktop Client computers to be able to connect to all computers on your network, or only computers in a specific group. Then click "Next."

  • On the Confirmation page, click "Install." Once the installation is complete, click "Close," and choose "Yes" to restart the computer.

Configure the Remote Desktop Client

  • In order to connect to the Remote Desktop server on the internal network, the client computer must be configured to connect to the IP address of the TS Gateway. To begin, go to the "Start" menu, then choose "Accessories," and "Remote Desktop Connection."

  • Choose the "Options" button in order to display the Remote Desktop Connection settings (see image). Enter the Remote Desktop server's name or IP address (note that this is not the IP address of the TS Gateway). This will most likely be a private IP address that is not directly reachable.

  • Choose the "Advanced" tab, then choose the "Settings" button. On the Gateway Server Settings dialog box that appears (see image), choose "Use these TS Gateway server settings," type in the TS Gateway server's name (exactly as it appears on the SSL certificate) and choose a logon method.

  • After customizing any other settings that are particular to your network environment, go back to the "General" tab and save your settings to an RDP file by clicking "Save As." To connect to the internal network, the user will need to double-click the RDP file to open it, and they should instantly connect to the Remote Desktop Server.
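
A saved RDP file is plain text, so the gateway settings from the steps above can be checked before the file is handed out to users. The Python sketch below is an added example, not part of the original guide: the sample file contents, host names and the list of certificate names are constructed, and the wildcard match goes beyond the exact-name case the guide describes. It also flags a file that turns off CredSSP, which the Network Level Authentication option in the server section relies on.

```python
import ipaddress

# Constructed sample: the text of an .rdp file saved from the "General" tab.
SAMPLE_RDP = """\
full address:s:10.0.5.20
gatewayhostname:s:TSGW.example.com
gatewayusagemethod:i:1
gatewayprofileusagemethod:i:1
enablecredsspsupport:i:1
"""

def parse_rdp(text):
    """Parse 'name:type:value' lines (type is s, i or b) into a dict."""
    settings = {}
    for line in text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) == 3:
            name, kind, value = parts
            settings[name.lower()] = int(value) if kind == "i" else value
    return settings

def name_on_cert(host, cert_names):
    """Case-insensitive match; a '*.' name covers exactly one left-most label."""
    host = host.lower()
    for name in (n.lower() for n in cert_names):
        if name == host:
            return True
        if name.startswith("*.") and "." in host and host.split(".", 1)[1] == name[2:]:
            return True
    return False

def audit_rdp(text, cert_names):
    """Return a list of findings; an empty list means the file matches the guide."""
    s, findings = parse_rdp(text), []
    # 1 = always use the gateway, 2 = use it when a direct connection fails.
    # Assumption: a missing setting is treated as "gateway not configured".
    if s.get("gatewayusagemethod", 0) not in (1, 2):
        findings.append("gateway not in use")
    gw = s.get("gatewayhostname", "")
    if not name_on_cert(gw, cert_names):
        findings.append("gateway name not on certificate: %r" % gw)
    try:
        if not ipaddress.ip_address(s.get("full address", "")).is_private:
            findings.append("target is a public IP address")
    except ValueError:
        pass  # a host name (or host:port), not a bare IP literal
    if s.get("enablecredsspsupport", 1) == 0:
        findings.append("CredSSP disabled; NLA-only servers will refuse the client")
    return findings
```

Files saved by Remote Desktop Connection may be UTF-16 encoded, so decode them accordingly before passing the text to `audit_rdp`.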

Configure the Remote Desktop Server

  • In most current versions of Windows, the Remote Desktop Server service is not enabled by default; therefore, if a user wants to connect to a computer remotely, the service will have to be turned on manually. To begin, click on the "Start" button, and then choose "Control Panel." From there, double-click on "System" to open the computer's properties.

  • Click on the "Remote Settings" option in order to open the system properties' "Remote" tab. You will see that the option "Don't allow connections to this computer" is selected by default. Choose either "Allow connections from computers running any version of Remote Desktop (less secure)," or "Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)." Choose the option that is the best fit for your particular network settings.

  • Click on the "Select Users" button to choose all users that will be given remote logon rights in order to remotely access and control the computer.

  • Click "OK" to save the settings.

Tips & Warnings

  • If your computer is running Windows XP Service Pack 1 or Windows Server 2003 Service Pack 1 or 2, you will first need to download and install Terminal Services Client 6.0. It can be downloaded from
  • If you are using either Windows XP Home or Windows Vista Home, this process will not work. Remote Desktop is only authorized for the professional editions of the Windows OS.
