RWW is installed on the server during SBS Setup, but is not fully configured for Internet access until you complete the \u201cInternet Address Management Wizard\u201d (IAMW). Note:<\/strong> If you are using a 3rd<\/sup> party SSL certificate, you must complete the \u201cAdd A Trusted Certificate Wizard\u201d also. It is installed as the remote<\/em> virtual directory under the SBS Web Applications site, which accepts SSL connections on port 443. By default, the IAMW will add the prefix \u201cremote\u201d to your chosen domain name to distinguish the SBS 2008 in your web presence as the remote user portal. In this case, if you chose contoso.com<\/em> as your domain name, you would access RWW using \u201chttps:\/\/remote.contoso.com\u201d.<\/em><\/p>\n For full access to the RWW feature set from the Internet, you must ensure the following:<\/p>\n From a centralized location, users can launch OWA, connect to an authorized computer, launch CompanyWeb, change their password, and access the built-in corporate links (help for RWW and Outlook Anywhere) or customized links (these links are shared with the Vista Desktop Gadget).<\/p>\n Administrators and users are presented with the same features upon login to the homepage, with the following exceptions:<\/p>\n From the SBS 2008 console, you can perform a variety of management tasks for the website itself. You can access this under \u201cShared Folders and Web Sites\u201d. The various tasks you can perform include:<\/p>\n As it did in SBS 2003, RWW uses forms based authentication, which stores the encrypted credentials from the user\u2019s initial login as a cookie in the web browser. This cookie is used to authenticate further connections to restricted resources inside RWW, such as OWA and CompanyWeb. Only members of the Windows SBS Remote Web Workplace Users security group are allowed to login to RWW. To modify membership for this group, use the SBS 2008 Console:<\/p>\n User Account Properties for RWW Login Rights<\/p>\n When OWA and CompanyWeb are launched in RWW, your browser is connected to either https:\/\/remote.domain.com<\/em>\/owa<\/strong> or https:\/\/remote.domain.com<\/em>:987<\/strong> respectively; where remote.domain.com<\/em> is the domain name that you have configured in the IAMW.<\/em> By default, they open in their own restricted Window with no address or navigation bar, preventing you from navigating to a different site in the same window. You can override this (only in IE 7) on the client machine by opening Tools > Internet Options > General > Tabs > Settings <\/strong>and allowing pop-ups to be opened in a new tab:<\/p>\n When a user clicks \u201cConnect to a computer\u201d, they are presented with a list of computers in which they are authorized to connect to and set as their default. Once they choose a default computer, they will no longer be presented with a list and will connect automatically to their chosen machine. Note: If the user is authorized to only a single machine, a list is not shown and instead will be directly connected to their authorized machine. <\/strong>This is meant to give the Administrator greater control over what machines their users can connect to. This information is defined both on the user account and computer account properties from the SBS 2008 console:<\/p>\n Computer account properties:<\/p>\n Once \u201cCan log on remotely to this computer\u201d is checked, the next group policy refresh will add the user account to the \u201cRemote Desktop Users\u201d local group on the machine. Note: Administrators automatically have the right to remotely connect to any machine in the domain.<\/strong><\/p>\n If you have installed Terminal servers in your domain, you can run into a problem where they will not show up in the list of computers to connect to for standard users. To override this behavior to display all computers in the domain, perform the following:<\/p>\n RWW in SBS 2008 leverages the TSGateway service that is running on the SBS server to perform the remote desktop connection to the chosen machine. Like RWW, TSGateway is fully enabled when the IAMW is completed (\u201cAdd a Trusted Certificate\u201d must also be completed if you are using a 3rd<\/sup> party SSL certificate). This allows remote desktop connections to your domain-joined machines through port 443. This is different from RWW in SBS 2003, where you had to open port 4125 through your firewall.<\/p>\n The following screenshot shows what an RDP connection to TSGateway looks like. We can see that the \u201cGateway server\u201d field is populated with the URL of the server, which is resolvable both externally and internally in DNS. The \u201cRemote computer\u201d field is populated with the internal machine name of the computer that we are connecting to:<\/p>\n You can, in fact, configure the RDP 6.1 client or higher to connect directly through TSGateway without having to first login to RWW. The only difference between this and connecting through RWW is that RWW does this for you automatically. Click on \u201cOptions\u201d > select the \u201cAdvanced\u201d tab > and click on \u201cSettings\u201d under \u201cConnect from Anywhere\u201d to display the TSGateway configuration settings:<\/p>\n Enter in the URL for the SBS 2008 server (which you configured during the IAMW)<\/p>\n\n
Features<\/h4>\n
![\"clip_image002\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image002_thumb.jpg\")
<\/a><\/em><\/p>\n\n
SBS Console Integration<\/h4>\n
\n
![\"clip_image004\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image004_thumb.jpg\")
<\/a><\/p>\nLogin Requirements<\/h4>\n
![\"clip_image006\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image006_thumb.jpg\")
<\/a><\/p>\n![\"clip_image008\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image008_thumb.jpg\")
<\/a><\/p>\nLaunching OWA and CompanyWeb<\/h4>\n
![\"clip_image010\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image010_thumb.jpg\")
<\/a><\/p>\nConnect to a computer<\/h4>\n
![\"clip_image012\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image012_thumb.jpg\")
<\/a><\/p>\n![\"clip_image014\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image014_thumb.jpg\")
<\/a><\/p>\n\n
![\"clip_image016\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image016_thumb.jpg\")
<\/a><\/p>\nTSGateway Integration<\/h4>\n
![\"clip_image018\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image018_thumb.jpg\")
<\/a><\/p>\n![\"clip_image020\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image020_thumb.jpg\")
<\/a><\/p>\n
![\"clip_image022\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image022_thumb.jpg\")
<\/a><\/p>\n![\"clip_image024\"](\"http:\/\/blogs.technet.com\/blogfiles\/sbs\/WindowsLiveWriter\/SBS2008IntroductiontoRemoteWebWorkplace_C5F6\/clip_image024_thumb.jpg\")
<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"