Hi,
I wanted to ask a quick question, we have a network of around 50 machines and around 5 people want to be able to use remote desktop to connect to their office machines from home every now and then. We currently conect through a sonicwall vpn to establish a conection to the network for accesing files externally etc.
I wanted to know if I allow users to remote desktop to their respective machines [ only a few users so we dont need any fancy Virtual solution, i want to use what we currently have ] are we breaking any licensing rules for example with microsoft office [ office 365 clients ] or maybe autodesk or any other large vendors, do they prohibit the use of using their software over RDP ?
- Think you're an IT whiz? Try and ace our quiz!
- MDT problems installing apps and completing TS on physical computer
- Cannot Take Ownership of a File Folder Created by an App Installer
- closed sharing sessions become idle and files locked
- ROM
- CPU
- RAM
- GPU
18 Replies
As far as I'm aware, if a user RDP's from home to a windows 10 machine that they'd normally use in the office then this is fine and not a licence breach. It's only non admins RDP'ing to servers and using them as remote desktops that are a licence breach but I could be wrong.DragonsRulemay know more.
- DragonsRulePure Capsaicin
Gary D Williams wrote:
As far as I'm aware, if a user RDP's from home to a windows 10 machine that they'd normally use in the office then this is fine and not a licence breach. It's only non admins RDP'ing to servers and using them as remote desktops that are a licence breach but I could be wrong.DragonsRulemay know more.
Yep, pretty much as I understand it too.
As long as they are RDP'ing into their regular physical PC this is fine and covered under existing licenses.
You only run into issues where you have users RDP'ing into a server for their work or where you try and turn a desktop OS into a budget RDS server.
Brand Representative for Microsoft
With Windows 10, license-wise, only the single primary user may remotely access his/her PC. Any other user would require Windows SA/Windows VDA.
Office 365 is a user license and Office 2016 VL is a device based license.
Sounds like we will be fine then as it literally is only users accessing their own machines.
Brand Representative for Microsoft
Damjo wrote:
Sounds like we will be fine then as it literally is only users accessing their own machines.
As far as I can tell, yes youre good.
My only concern would be Office... I couldnt tell if your users/devices were licensed with O365 or Office VL.
Damjo wrote:
Sounds like we will be fine then as it literally is only users accessing their own machines.
So far you are good to go. It is good to ask these questions though to make sure you are in the right path.
Under Office 365 licencing you are allowed to install the office suite onto 5 separate devices.So if the are remoting in only to use office, either let them install on their home machine or access the web portal and use the online version
But if they are working from home often, why not supply them a laptop so they can take it with them, why allow non-secure, unmanaged devices to connect to your office at all?
Do you posture validate?
my question was just regarding the legality not change of infrastructure or new kit, thanks for the input though
Rod-IT wrote:
But if they are working from home often, why not supply them a laptop so they can take it with them, why allow non-secure, unmanaged devices to connect to your office at all?
Do you posture validate?
I understood your question, i was simply enquiring as to why they wouldn't have laptops instead.
Its your network, control it how you will, the community isn't just for answers though, sometimes questions can help.
Security is a talking point to all this, besides license issues.
1. AV Security. Can they transfer a virus/malware/crpyto mining from the remote site ??? Think Poisoned/Weaponized documents?
2. IP/Data Security. [ IP = Intellectual Property ]
Best Regards, Michael
M7 Technology Solutions is an IT service provider.
Software use rights vary from software to software so you'll have to read the EULA for each to be certain you are in compliance.
Typically, if your users are signing into their company computer through RDP in order to access software on that computer then licensing is the same as if they were sitting in front of the computer. Licensing gets hairy when it is installed on a shared computer or Terminal Server.
RDP from outside the office isn't secure at all......you are inviting ransomware hackers to your network.
I have opened RDP port on the internet on a network before and hackers kept exploiting it. So I don't even think about it anymore.
Why not use LogMeIn for such purposes
Lolu2650 wrote:
RDP from outside the office isn't secure at all......you are inviting ransomware hackers to your network.
That depends on how you set it up. If you VPN in first there's no issue, for instance.
Autodesk doesn't want you using AutoCAD over remote desktop in general... and it would seem it is to those ends that they do not even allow installation in a VM. May be worth looking into their stipulations.
Some of their license models allow installation on multiple PCs for the same user.
that exactly what we do, i would never rdp directly that just crazy
Rod-IT wrote:
I understood your question, i was simply enquiring as to why they wouldn't have laptops instead.
Its your network, control it how you will, the community isn't just for answers though, sometimes questions can help.
i appreciate that but to expand the reason they dont have laptops is because their machine are around £5000 each, they are extremley high spec. we just dont and would not purchase these types of kit on mobile form hence they just remote from a lesser spec machine into these when needed.
Addendum to Security: Find a good VPN, that is under your control. Think through, an out boarding process, for when it happens. May involve changing the VPN key for everyone else. Changing Password for user, leaves network open still, think that, they may know someone's login.
Regards, Michael
This topic has been locked by an administrator and is no longer open for commenting.
To continue this discussion, please ask a new question.