How many times have you or one of your users been at home or on the road and needed to access something on your office PC? Windows XP Professional’s Remote Desktop feature allows you to do anything that you could do on your office desktop from your home PC or from a laptop when you're out of the office. In this article, I will explain the basics on how to configure and use it.
How it works
Although Remote Desktop behaves similarly to Symantec’s pcAnywhere, the technology is actually more similar to Windows 2000’s terminal services. In fact, the remote user uses a terminal server client to access the PC running Windows XP Pro. Because Remote Desktop is built on terminal server technology, the terminal server client is available for a variety of platforms. So although the PC that’s hosting the session must be running Windows XP Pro, the machine that the user is accessing the remote PC from can be running any OS that’s capable of running a terminal server client. In fact, in tests, I was actually able to remotely control a Windows XP Pro machine from a Pocket PC running a thin client.
What about security?
From a security standpoint, the thought of enabling your office PC to connect to another machine can be a pretty scary thought. Fortunately, as I'll explain, you can control who can and can’t log in to your PC. However, once you've enabled Remote Desktop, administrators automatically have permission to access the system remotely.
You may also be concerned about the possibility of someone at the office watching your screen as you work from a remote location. Even worse, what’s to stop someone from waiting until you remotely log in and then hijacking your session? Well, when you remotely connect to the system, the system’s screen is blanked and displays the Press CTRL + ALT + Delete To Login message. So no one can watch you work. And if someone does log on locally to the system during a remote session, the remote session is instantly terminated. However, the fact that local users must enter a logon name and password to log in to the system prevents just anyone from coming along and killing your session.
Enabling Remote Desktop
As a security precaution, Remote Desktop is disabled by default. To enable it, open Control Panel and click Performance And Maintenance | System. Windows will open the System Properties sheet. Select the Remote tab and then select the Allow Users To Connect Remotely To This Computer check box. Any one in the domain Administrators group will now have remote access to the machine.
Next, you must set up who can remotely access the machine. Click the Select Remote Users button and you’ll then see a dialog box similar to the one shown in Figure A.
|You can select which users can remotely control the system.|
In Figure A, you can see that you can click the Add button to add a user, or you may select a user and click the Remove button to revoke access. Notice that the text at the top states that any members of the Administrators group can connect even if they aren’t listed. Click OK twice, and the remote desktop will be active.
Any of the remote users that you specified and anyone from the Administrators group will then be able to remotely access the system. There are still a couple of things missing though. First, there must be a valid network path through which the connection can be made. Typically, this path is established by having the remote user to either dial in to a modem that’s directly connected to the PC or by having the remote user to dial in to an RAS server. Obviously, however, these aren’t the only methods of connecting; you could use any third-party ISP and a VPN connection. Whatever connection method is used, though, relies on both the local and remote systems using the TCP/IP protocol.
Windows XP has many different options you can set to optimize the remote session. I’ll discuss these options in a later article. If your organization uses Windows XP's Remote Desktop on a regular basis, we'd love to hear from you. Post a comment to this article and let us know about your experiences with Remote Desktop.