Windows XP Remote Desktop, Part 1: Setting Up Home and Office Systems

Windows XP Remote Desktop, Part 1: Setting Up Home and Office Systems

Tuesday, November 20, 2001

By Greg Shultz

(This article was originally published on the 8wire Web site and is reprinted on TheWinWiz with permission.)

If you're a typical IT professional, chances are that when you go home at the end of the day, you've left some perplexing task unfinished with the notion that you'll pick it up again in the morning when you get back to the office. However, many times you'll be sitting at home when all of a sudden the solution pops into your mind plain as day. Do you grab a pen and a paper and write down the solution? Do you jump in the car and go back to the office?

Well, if you're using Windows XP Professional on your office system and XP Pro or Home Edition on your home system, you can connect to your office system from home and take full control of the office system. You'l even have full access to all the resources on your company network.

In this article, I'll introduce you to Windows XP's Remote Desktop feature. I'll then show you how to configure your Windows XP Professional system at the office to run Remote Desktop. I'll also, of course, discuss some of the security issues you need to be concerned with when using Remote Desktop.

The Two Faces of Remote Desktop

Before I get started, it's important that you understand that there are actually two components to Windows XP's Remote Desktop feature - and that only Windows XP Professional comes with both of them.

The first component configures a system to act as a remote host and is simply called Remote Desktop. The second component, called Remote Desktop Connection, configures a system to act as a remote client and allows it to access the remote host. (Therefore, in the scenario I presented in the introduction, you'll use Remote Desktop Connection on your home system to connect to your office system running Remote Desktop.)

It's also important to know that both Windows XP Professional and Home Edition come with the Remote Desktop Connection component. However, only XP Professional comes with the Remote Desktop component. Therefore, only systems running Windows XP Professional can act as remote hosts.

Remote Desktop Fundamentals

Now that you understand the roles these two Remote Desktop components play, let's take a brief look at the inner workings of the Remote Desktop feature. First, Windows XP's Remote Desktop feature is based on Microsoft's Terminal Services technology and uses the Remote Desktop Protocol (RDP) to allow a client to connect to a remote host. Under RDP, which works across a TCP/IP connection, the client system is allowed to send keyboard and mouse input to the remote host to run applications located on the host system. The host system then uses RDP to send screen and audio information back to the client system.

In addition to input and output data transmission, RDP allows the sharing of certain resources between the client and remote host systems. For example, you can copy files back and forth between the client and host. You can also use the Clipboard to cut, copy, and paste information between applications running on the remote host and the client system.

Furthermore, any devices connected to the serial and parallel ports on the client system are accessible to applications running on the host system. For example, a word processing program running on the host system can print to a printer attached to the client system. (I'll discuss the configuration of these resource-sharing features in more detail in Part 2 of this series.)

Security Concerns

When you're connecting to your office system from your home system with Remote Desktop, there are some security issues you should be concerned with. First, since Remote Desktop uses RDP to allow a client to connect to a remote host across any TCP/IP connection, you can use any number of connectivity options, such as dial-up or the Internet, to access your office system.

In fact, it's possible to configure Remote Desktop such that on your home system you simply connect to your Internet Service Provider (ISP), launch Remote Desktop Connection, type in the IP address of your office computer, and establish a connection. However, because Remote Desktop is based on Terminal Services technology, which uses TCP port 3389 to allow communication between the client and the remote host, you'd have to open that port on both your home and office firewalls to allow this type of connection.

Since this could be considered a breach of security, you're better off using a more secure method of accessing your office system, such as a dial-up remote access server (RAS) or a virtual private network (VPN) connection. (Coverage of these connectivity technologies is beyond the scope of this article, but you can find many articles covering these topics on the Internet - just go to your favorite Search engine site and use the keywords RAS or VPN.)

Another important security factor you'll want to take into consideration is the logon password assigned to your office computer. You really should use a strong password made up of at least seven characters that consists of letters, numbers, and symbols. Furthermore, your password shouldn't contain your name or any common word. (For more information on strong passwords, search the Windows XP Help and Support Center for the keywords "strong password".)

Another way to enhance security is to not have Remote Desktop save your password with the rest of your connection information on your home system. When you opt not to save your password, you'll see a regular Log On To Windows dialog box when you connect to your office system and will have to manually log on before you can gain access to the system. This will prevent unauthorized users from using your home system to connect to your office system. (I'll discuss this password security feature in more detail when I discuss configuring your home system as a client in Part 2.)

Before we move on, it's important to point out another important security feature that Windows XP's Remote Desktop enables by default: remote sessions are encrypted at the highest possible level of security. This means that data sent back and forth between the client and remote host uses 128-bit encryption, which is the most secure form of encryption used for Internet connections.

Configuring the Host System

Configuring the Windows XP Professional system that will be acting as the host is really a simple procedure. However, keep in mind that you must be logged on to the system as an administrator or be a member of the administrators group to activate the Remote Desktop feature.

To begin, you'll access the System Properties dialog box. The quickest way to do so is to open the Start menu, right-click the My Computer icon, and select Properties from the context menu. Once you see the System Properties dialog box, click the Remote tab. Then select the "Allow Users To Connect Remotely To This Computer" check box, as shown in Figure 1.

Figure 1: Enable the Remote Desktop hosting component on the Remote tab of the System Properties dialog box.

As the user of this computer, you're automatically set up with a remote user account. Therefore, there's no need to use the Remote Desktop Users tool, accessible via the Select Remote Users button, to add a remote user account for yourself. You can verify this by clicking the Select Remote Users button to display the Remote Desktop Users dialog box. When the dialog box appears, you'll see your account name right below the list box, as shown in Figure 2.

Figure 2: By default, you are automatically set up with a remote user account.

This means you'll use the same user name and password to connect to your computer remotely as you would if you were physically sitting at your computer. More on this later.

The configuration of the host system is a one-time deal - you set it and forget it. However, before you head home for the day, you'll need to leave the system up and running; you'll probably want to log off to prevent an intruder from accessing your system. To do so, just click the Start button and select the Log Off button.

Accounting for Power Saving Features

If your office system is configured to go into Standby mode after a period of inactivity, you'll need to take that into account when using the Remote Desktop feature. If you have a network card and motherboard that support the Wake-on-LAN power management feature, you'll need to activate that feature. If your network card and motherboard don't support Wake-on-LAN, you'll need to disable Standby mode.

To activate the Wake-on-LAN feature, open the Start menu, right-click the My Network Places icon, and select Properties from the context menu. Once you see the Network Connections window, right-click the Local Area Connection icon and select Properties from the context menu. In the Local Area Connection Properties dialog box, click the Configure button right below the network card identification panel. Then, in the network card properties dialog box, choose the Power Management tab and select the "Allow This Device To Bring The Computer Out Of Standby" check box, as shown in Figure 3. Then click OK.

Figure 3: If your system is configured to go into Standby mode after a period of inactivity, you'll want to enable the Wake-On-LAN feature.

Using Windows XP's Remote Desktop feature can be a real lifesaver when you need to be able to access applications or data on your office computer from home or from the road with your laptop. In Part 2 of this article, I'll show you how to configure the client portion of Remote Desktop on your home system and then show you how a Remote Desktop session works.