Sunday, August 10, 2008

Mobility, Remote Access in SBS 2003

Good day to you loyal readers! I am posting up a few pages a day from my book Windows Small Business Server 2003 Best PRactices (purple book) and today we start Chapter 8 on Mobility and Remote Access in SBS.


Harry Brlesford | CEO at SMB Nation |

Microsoft Small Business Specialist (SBSC), MBA CNE MCT MCSE and much more :)

check out our big fall conference in seattle in early october!!!! SBS 2008 and EBS 2008 launch party...


Chapter 8 Mobility and Remote Connectivity

Something that is huge in SBS 2003 is the emphasis on mobile computing or mobility. Such emphasis is well founded. Why? Because it’s mobile computing that’s almost single-handedly leading us out of the early 21st century “tech wreck” that followed the late 1990s boom in the dot-com and Y2K eras. Read for yourself in the article titled “PC Shipments Rise 15 Percent, Driven By Notebook Sales” (W. David Gardner, CRN, news/tech/45278.asp) and “Study: Notebook Sales Surpass Desktops In Retail Market” (Edward F. Moltzen, CRN, tech/43012.asp). I think you’ll agree that the evidence is proof positive that the era of the mobile worker has arrived. And the SBS development team is spot-on for recognizing the application of this trend in the small business space and making mobility a huge part of SBS 2003. This chapter reflects that mobility paradigm as it’s implemented in SBS 2003. A special emphasis is placed on Remote Web Workplace (RWW), which will start the chapter and move into exploring Outlook Web Access, Outlook Mobile Access, remote use of full Outlook, and VPN connectivity. Along the way, I’ll weave in the Springer Spaniels Limited (SPRINGERS) methodology and toss a few best practices your way.

Mobility and SBS 2003 Sizzle

Starting in early July 2003, you, I, and everyone else were allowed to start playing with SBS 2003 (in its release candidate form). I built a few machines with SBS 2003 (including virtual machines running VMWare that I discuss in Appendix D) and started giving public speeches and demonstrations to clients. Something that sparked my audiences was the sizzle surrounding mobility. My prize client, a real estate company, approved the upgrade to SBS 2003 on the

Visit for the latest updates for any Microsoft product.

spot after seeing only a few screenshots of Remote Web Workplace. The company owner, having just opened a new office in Phoenix, Arizona, (the main office is in Bellevue, Washington), was impressed by the simplicity of RWW. Similar reactions have been observed when people first see the mobility components of SBS 2003. See let’s move on and take a look.

What You Already Know About RemoteConnectivity

Go easy on yourself, mate! You’re completed just over 50 percent of this book and you probably are stronger in SBS 2003 than you’re willing to admit. So take a bow and kindly accept my virtual honor bow directed your way. You’ve already been configuring the remote components in SBS 2003 as per the following list.

• Windows Configuration during SBS 2003 setup. Peek back to Figures 3-18 and 3-19 and recall the early part of the Microsoft Windows Small Business Server Setup wizard. It was here that critical networking com­ponents facilitating mobility in SBS 2003 were laid down. An example is the implementation of the Remote and Routing Access Service (RRAS) . Figure 3-20 in the setup chapter displays more mobility stuff that is occurring, including the installation of remote client connectiv­ity components which will be used later.

BEST PRACTICE: By the way, now is as good of time to have a little chat about Texas terminology as any. While I refer throughout the book to the EICW, the folks at Microsoft in Redmond prefer to use the ten dollar acronym version and call it the CEICW for Configure E-mail and Internet Connection Wizard. That’s just too much for me to pronounce, but we’re talking about the same thing. To each her own!

• Remote Access Wizard. Revisit Figures 4-19 and 4-20 to see the short but sweet Remote Access Wizard in action. It was here you configured the server-side VPN settings. VPN connectivity is discussed a tad later in this chapter.

BEST PRACTICE: Remember that you can rerun the EICW and the Remote Access Wizard again and again. You’re not locked into a “mistake” if, after reading this chapter and working with the mobility and remote access capabilities of SBS 2003, you decide you might try something different in the real world. One example of a change you might make is to re-rerun the Remote Access Wizard to allow direct dial-in access, because you have since added a modem to the SBS server machine (said modem wasn’t present when you created the SBS server machine). This dial-in setting was revealed back on Figure 4-19.

• Add User Wizard/Set Up Computer Wizard. You should certainly know these wizards by now and readily recall that you had a few mo­bility and interaction points. First, some users you have created may have been set up with the way cool Mobile User Template (although in the SPRINGERS methodology, you set up simple users and power us­

ers - read the BEST PRACTICE below).

Note when the user will add a user member of the RWW group (which includes all templates by default), you receive a welcome message that describes RWW. You also have the election to deploy the Connection Manager VPN package to clients during the client computer setup (Con­nection Manager is discussed in a different section later in the chapter).

• Remote Assistance. You may have already explored a tad and discov­ered client-side capabilities such as Windows XP Professional’s Remote Assistance capability. This is the “cry for help” button that users can push to ping you and have you take over their desktop in a “PCAnywhere-like manner” to solve their problem. I discuss PCAnywhere later in the chapter.

Mind if a little advanced Remote Assistance (Windows XP Pro) discussion is interjected here? Remote Assistance uses Remote Desktop Protocol (RDP). Windows Messenger sets up the remote assistance session using the server-based session invite logic. Because of this, there is an issue with NAT addresses. So Remote Assistance includes additional logic to deal with the NAT scenario.

Visit for the latest updates for any Microsoft product.

This logic simply tries to complete the TCP connection from both clients. This way, if one of the clients is behind a NAT, the connection can still be created and remote assistance occurs. If both clients are behind a NAT, the connection will not be established. You can read more on this issue with three TechNet KBase articles: Q301527, Q301528, Q301529.

BEST PRACTICE: Fear not if you’ve set up users via the simple User Template back in Chapter 4 and you want these users to take advantage of the cool mobility features at a later date. There is a way to elevate the privileges for these users. See the discussion in Chapter 11 about the Change User Permissions Wizard (you’ll use this as part of the SPRINGERS methodology).

1 comment:

Anonymous said...

Can anyone recommend the top Patch Management software for a small IT service company like mine? Does anyone use or How do they compare to these guys I found recently: N-able N-central automated deployment
? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!