Remote Access - How to connect to a HITS-managed Windows Server or VM


Introduction

Microsoft includes the Remote Desktop Connection application in Windows that allows you to see and control a computer or server remotely.

To remotely log into a Windows server you will need the following:

  • A Windows computer running either Windows 10 Professional or Education editions
    • Note:  Macs can connect to Windows Servers, but they use a different program called "Remote Desktop" from the App Store. 
  • An admin user account (in the form of: umhs-uniquename) that is a member of the Remote Desktop Users group or Administrators group on the server you wish to connect to.
    • To gain membership, send a request to the manager of the application team responsible for the server. They can add you to the appropriate group using the IDM group management tool.
  • The name or IP address of the Windows server you wish to remote to.

Depending on what type of Windows PC you are using (CoreImage or personally owned) and where it is located, your method to connect will change:

  1. Type:  CoreImage PC;  Location:  At Michigan Medicine;  Instructions:  See below.

    Core Image connecting to M. Fleet Wireless connecting to Windows Server


  2. Type:  CoreImage PC;  Location:  Remote;  Instructions:  See below

    Core Image connection through the Internet over VPN connecting to Windows Server on Michigan Medicine network


  3. Type:  Personally owned Windows PC or Mac;  Location:  At Michigan Medicine;  Instructions:  Use Windows Virtual Desktop after connecting to the eduroam wireless network, and then follow the instructions below to use the Remote Desktop Connection application from within a WVD session.

    Personal Device connecting to Microsoft WVD over E.D.U. Roam Wireless connecting to Windows Server


  4. Type:  Personally owned Windows PC or Mac;  Location:  Remote;  Instructions:  Use Windows Virtual Desktop instead of the VPN, and then follow the instructions below to use the Remote Desktop Connection application from within a WVD session
    Personal device connecting over internet to Microsoft WVD connecting to Windows Server on Michigan Medicine network

 

Instructions

For scenarios A and B, use the following instructions.

Scenarios C and D require a Windows Virtual Desktop session before using the following instructions.

 

The Remote Desktop Connection tool comes standard on Windows computers.

  1. If using a CoreImage that is not on-site, launch the Cisco AnyConnect VPN.  (Only applies to Scenario B above)

  2. Type Remote Desktop Connection into the start menu.

  3. Open the application, and in the Computer field enter ServerName.umhs.med.umich.edu (replacing "ServerName" with the ServerName of the target server).


  4. Click Connect.

  5. If presented with the following window, click Connect again.


  6. When the pop up appears asking for your credentials, select More Choices.


  7. Select Use a different account.

  8. Enter the following information in the Windows security window:


    1. In the Username field, enter UMHS\umhs-uniqname (replacing "uniqname" with your uniqname).

    2. In the Password field, enter your privileged SA password aquired from CyberArk PIM Vault.

  9. Click OK.  You will then be connected to the target server and see the normal login screen for the server.

  10. You may be presented with a normal Windows login screen asking for your username and password.  Enter your umhs-uniqname and privileged SA password to complete the login.

  11. You now have access to the remote Windows server as if you were sitting in front of it.