Vista remote desktop service

You can view the certificate and it will say it's for "msi-p" and that it's trusted. You're just seeing this warning because the RDP client is comparing the name on the certificate with the name of the computer you're connecting to.

For this example, I was trying to connect to " Since I intended to connect to that IP address or some other publicly resolvable DNS name on the public Internet, and since the certificate was valid, I knew I wasn't being deceived. So I was comfortable clicking Yes to connect anyway.

To avoid seeing this error in the future, I'll need to edit the local host file to map the IP or DNS name to "msi-p" or whatever the name of my machine is. But what if a hacker poses as your server with a made-up certificate? In that case, you'll see the warning shown in Figure AE telling you that not only does the name not match, the certificate isn't even from a trusted certifying authority.

If you see this kind of error when you've already gone through the certificate installation procedure from Figure U to Figure AB, you know someone is trying to dupe you. You should click No and not connect to the server. If you attempt to make the connection anyway, you'll reveal enough of your credentials for the hacker to quickly run a dictionary attack to find your password.

If this seems like a rather complex process just to get no warning signs for an RDP connection, it is--but it's the only practical way to establish a secure and trusted connection. Fortunately, you have to do it only once, and all subsequent connections are secure and hassle free. This level of security using a Public Key Exchange is used to secure e-commerce transactions. On an enterprise level, this entire procedure with GPO settings and digital certificates can actually be automated on both the server and the client side using Active Directory Group Policies, but now you know how it all works.

In a future article, I'll show you how to set up a free dynamic DNS entry that's publicly resolvable and that points to your home dynamic IP broadband service. When everything is secure, we'll trick the client machine into not generating any more warning messages at all. Figure C. Editor's Picks. Otherwise, the connection might be allowed to close when there is no activity from inside your LAN, and you might not be able to connect later.

All Internet connections are established on the basis of a number called an IP address, which is to your Internet connection as your telephone number is to your phone. Your IP address uniquely identifies your computer among all the millions of connected computers worldwide. If you use a shared connection, all your network's computers share one public IP address, much as the phone extensions in an office share one outside telephone number.

The question is, when you're somewhere else, how do you find your computer's IP address so that Remote Desktop can establish a connection to it? It has four sets of numbers separated by periods and looks something like this: This will always be your computer's number. You can simply type this in when using the Remote Desktop client to connect to your computer. However, static addresses are relatively hard to get and usually carry a monthly surcharge; in some cases, ISPs simply cannot or will not provide them.

So although this is worth looking into, it might not be an option. My home ISP is sonic. In most cases, dial-up, DSL, and cable Internet connections use dynamic addressing, in which a different IP address is assigned to you every time you or your router connects to your ISP or, in the case of cable service, whenever your cable modem is reset.

Thus, your computer's IP address can change at any time, and you won't necessarily know what it is when you want to connect from somewhere else. The solution to this problem is to use a free dynamic domain name service DDNS. It has two parts: First, on a DDNS provider's website, you register a host name , a name of your own choice, attached to one of several domain names that the provider makes available.

For example, you might register the host name mycomputer in the domain homedns. Some Internet connection-sharing routers have a DDNS client built in, or you can download and install a software version on your computer.

When this is all set up, you can use the name mycomputer. Many DDNS providers exist, most of which are free services. Here I give you step-by-step instructions for setting up service with dyndns. Now your DDNS service is set up. Your router's setup screen will likely differ from this, but it will generally look something like the one in Figure Figure Type the command ipconfig and press Enter.

Note the gateway address for the local area connection entry, which will be something like Close this window and open Internet Explorer. If your router doesn't have a DDNS client built in, or if you are not using a hardware router, you have to install a software DDNS client to do the job. You want one that doesn't require any manual intervention to get started and that always runs even when nobody is logged on.

This means that you need one that operates as a Windows service rather than as a regular desktop application. Here's how to set it up. If you use Windows Internet Connection Sharing, perform this procedure on the computer that shares its connection with the Internet, whether or not it's the computer that you're enabling for Remote Desktop access. Otherwise, do this on the computer that you're enabling for Remote Desktop access. Follow the wizard's instructions, clicking Next after you fill in any required information on each page.

On the first page, if you have dial-up or DSL service that requires a logon and password and the connection is made directly from your computer , click Dial-Up. If you have cable Internet service or you have a router that establishes the connection for you, select Local Area Network. Now your registered host name will always point to your computer, even when your IP address changes. After a change, it might take up to an hour for the update to occur, but changes should be infrequent.

The last setup step is to make sure that incoming Remote Desktop connections from the Internet make it to the right computer. If your computer connects directly to your cable or DSL modem, you can skip this step. However, if you use Internet Connection Sharing or a connection-sharing router, you have to instruct your sharing computer or router to forward Remote Desktop data through to your computer.

To be precise, you have to set up your sharing computer or router to forward incoming requests on TCP port to the computer you want to reach by Remote Desktop. The procedure depends on whether you are using the Internet Connection Sharing service built into Windows or a hardware-sharing router.

Use one of the procedures described in the next two sections. If you use the built-in Internet Connection Sharing service provided with Windows to share an Internet connection on one computer with the rest of your LAN, the forwarding procedure is pretty straightforward using these steps:. Now you should be able to reach your computer from anywhere on the Internet. If the connection doesn't work, check the "Troubleshooting" section at the end of the chapter for some suggestions.

If you are using a hardware connection-sharing router, setup is a bit more difficult but is worthwhile. First, because your router doesn't know your computers by their names, you have to set up a fixed IP address on the computer that you will be using via Remote Desktop, using these steps:. If you need to set up any other computers with a fixed IP address, use the same procedure but use addresses ending in. Now you have to instruct your router to forward Remote Desktop connections to this computer.

You need to use the router's setup screen to enable its Port Forwarding feature, which some routers call Virtual Server or Applications and Gaming. There you need to enter the fixed IP address that you assigned to your computer and tell the router to forward connections on TCP port to this address. Every router uses a slightly different scheme, but Figure If a range of port numbers is required or external and internal numbers are entered separately, enter in all fields.

To learn more about forwarding network requests on a shared Internet connection, see "Enabling Access with a Sharing Router," p. I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time. Pearson Education, Inc. This content can then be video encoded and sent to the client in encoded format. Personal desktop task agent API reference. The personal desktop task agent API is used to handle scheduled updates to a personal virtual desktop.

About Remote Desktop Services. Remote Desktop Services formerly known as Terminal Services provides functionality similar to a terminal-based, centralized host, or mainframe, environment in which multiple terminals connect to a host computer.

Remote Desktop Management Services Provider. Remote Desktop Services reference. Documentation of property methods that you can use to examine and configure Remote Desktop Services user properties. Remote Desktop Services functions, structures, and Remote Desktop Web Connection scriptable interfaces are also documented. Remote Desktop Services Shortcut Keys.