A Network Attached Windows Box?

Richard Weidmann asks: "Can a Windows box be attached to a local network as freely available resource? I use Mac OS X and Linux but sometimes it is simply convenient to have a Windows computer to do some specific task or run some specific program. I would like to run my Windows computer headless in the network in such a fashion that I can access it easily from the other computers such that: VLC is started, so I see the Windows desktop; the home directory of my current machine is mounted on the Windows box; and my local optical drive can be read from the Windows machine. Has anybody seen such a setup or project?"

VNC?

[Drantin]

VLC is a Video Lan Client

while

VNC is Virtual Network Computing

Re:VNC?

[who+what+why]

VNC is the way to go. Install either tightvnc or Real VNC, configured as an NT service, and set the password. Now you can use most desktops apps through VNC (don't bother with anything video related though, although I've never tried that on giga-ethernet).

For network shares, I use Samba on linux. Click through the "My Network Places" tree to find your linux box, select the share you wish to mount and then right-click to select "Map as Network Drive", and you will be automatically connected at boot to the share.

As for optical drive, I guess Samba is the way to go there as well.

To be honest, I agree with the comments below that point out that you have already answered your over-obvious question in the asking... use VNC and Samba.

Terminal Services

[CosmicDreams]

I believe this is what Terminal Services is designed for. If you are fortunate enough to have a terminal Serivices Server around you could also configure your home directory and things like that. For an El Cheapo version of this Find a Windows XP machine and turn desktop sharing on.

The only downside to using the XP machine instead of the TS Server is that it seems to limit you to one connection at a time.

Re:Terminal Services

[ka9dgx]

You could configure it as a stand-alone Windows 2000 Server, turning on Terminal Services in "remote administration" mode (doesn't require a TS license, but does require the Administrator account to login) and give out the administrator password for people to log in with. (Its a windows box, how much does it really matter?) Then you can log in from wherever, do whatever WinApp you need to do, and keep the rest of your network for other OSs.

Remove the "default gateway" from its IP configuration to keep it from seeing the internet, if you want to lock it down a little bit.

--Mike--

Am I missing something?

[pardey]

VNC and Samba should do the trick. Robin

Re:Am I missing something?

[GiMP]

FUD. You can do anything to a samba share that you can do on a share hosted by a Windows box.

Remote Desktop

[Chester+K]

Windows XP and higher support Remote Drive Sharing and Remote Sound over a regular Remote Desktop connection. Windows 2000 and below support Remote Desktop (well, the same protocol, but it's Terminal Services), but don't support the drive sharing or sound forwarding.

Re:Remote Desktop

[Whatchamacallit]

Actually, this works quite well for me. There is a Remote Desktop Client for Mac OS X available at http://microsoft.com/mac - other products - Remote Desktop Connection for Mac.

It comes down to what you use more often, the Mac or the Linux box. If the Mac is your main workstation then you should have no problems if you run WinXP Pro on the PC and use the Remote Desktop client for the Mac.

My main workstation is a Dual PowerMac G5 w/Dual Apple 17" Studio displays. Secondary machine is a PowerBook G4. I also have a Sun Blade 100 and 3 Linux boxes as well. Then there is the fiance's Sony Vaio desktop. I use RDC to connect to the WinXP Pro box. I simply ssh into the Linux and Sun boxes or forward X11 windows.

You will need WinXP Pro as the Home version does not include Remote Desktop abilities.

you need Citrix

[stonebeat.org]

I think what you need is Citrix. It lets you access your drives as local drive, among other things.

VPC

[cybermace5]

You have a Macintosh. Get Virtual PC, foo'. That's all there is to it. It works.

Some options:

[cornice]

This has been done before. Try:

Wine if you just want a few Windows apps on your PC.
Win4Lin if you really want Windows on your PC.
VMWare if you want XP on your PC.
TightVNC if you want to access a Windows box from another box.
Samba if you want to share your drives back to your Windows box.

Tarantella does all this

[Kevin+Burtch]

Try Tarantella, made by the folks who USED to be called SCO (the ones who sold the name to Caldera).

This product is much like Citrix, but _much_ easier to administer and requires zero software be loaded on the machines the display is coming from or the ones the display is being forwarded to.
Oh, and it runs on Solaris or Linux!

The client uses any Java capable web-browser... can't get any simpler than that.

You will still need the MS-Windows box to actually run the apps on and provide the display, etc.

Tarantella will not only provide access to your local drives, but also your printers (configurable for security).

The data is also encrypted, so it's safe to use this as a remote-access method via the internet.

http://www.tarantella.com/

As a disclaimer, I should mention that I not only use this at work for remote access, but I work for a Tarantella reseller.
With this in mind, note that I'm pointing you to Tarantella's site, not the company I work for (we won't see any profit if you get it from someone else).
I just happen to like the product better than its alternatives.

We have such a setup

[mnmn]

Yes sir. It is called Terminal Services (read: Citrix) and thats how half of our company functions. We even have an awesome 3.2GHz Xeon dual-cpu hyperthreaded xSeries 235 with 6 RAIDED disks, serving many applications to many users as a test server. Looks like we can linearly scale the server's power with the number of users, until the requirements give in and we switch to Sun.

Terminal Services come with Windows 2000 Server, but I believe can be seperately installed with Windows2000 pro.

Note also many hosting providers are offering dedicated servers accessible by PC Anywhere.

Re:VNC is encrypted

[DA-MAN]

However, it doesn't sound like this is the case. It sounds like the asker will be using this system lightly to moderately, over a local network. Therefore, can you justify this:

WinConnect Server XP can be purchased for US $299.95 for a three user license.

Even if it's only $100 for one user, for the kind of use he implies, that money could be better spent. VNC (and ssh---yes, even through Cygwin---if necessary) sounds just right; RD would be overkill.

XP doesn't need WinConnect Server XP to do Remote Desktop. For a single user XP works fine with RD and since it will be headless it shouldn't be a problem whatsoever.

RD on a single user XP machine is probably the best solution.

I brought up WinConnect in reply to a user two parent posts up, who had said that if you wanted more than one user you have to get Win2k w/ a Terminal Services license. My point was, you don't.

IPSec on same subnet

[smcv]

I don't even think IPSec allows for you to communicate with machines on the same LAN on the same Subnet.

I don't know about the Windows implementation, but KAME (the *BSD IPSec stack, also used in Mac OS X, Linux 2.6 and Debian's patched Linux 2.4) looks as though it will do that fine.

Set up a policy for all traffic from anywhere to your Windows box, and vice versa, to have mandatory encryption in tunnel mode.

You will then need to to set up more specific policies for UDP port 500 (isakmp), and for protocols 50 (esp) and 51 (ah), to avoid trying to apply IPSec to them, since they're what IPSec itself uses (if you don't de-restrict these, you have a chicken and egg problem). You may also want to allow non-IPSec'ed DNS, or ssh, or whatever

Totally untested configuration (you may need to reverse the order of the lines):

#!/usr/bin/setkey -f
# This config is for the restricted box
# On the gateway, exchange the "in" and "out" keywords
flush;
spdflush;

# IPSec gateway is 192.168.0.1
# Restricted box is 192.168.0.2

# ISAKMP over UDP
spdadd 192.168.0.1[500] 192.168.0.2[500] udp -P in none;
spdadd 192.168.0.2[500] 192.168.0.1[500] udp -P out none;

# Encrypted IPSec data
spdadd 192.168.0.1 192.168.0.2 esp -P in none;
spdadd 192.168.0.2 192.168.0.1 esp -P out none;

# "Signed" IPSec data
spdadd 192.168.0.1 192.168.0.2 ah -P in none;
spdadd 192.168.0.2 192.168.0.1 ah -P out none;

# Everything else
spdadd 192.168.0.2 0.0.0.0/0 any -P out ipsec esp/tunnel/192.168.0.2-192.168.0.1/require;
spdad d 0.0.0.0/0 192.168.0.2 any -P in ipsec esp/tunnel/192.168.0.1-192.168.0.2/require;

Why not use DMX?

[TheScienceKid]

Since you don't have any more free slots, why not set up an older machine with a NIC and a few matrox graphics cards (I bet you could fit a GigE card and five triple-head parhelia cards in there.... just need to win the irish lottery now, eh?) and use DMX to distribute your display over 18 (that's your 3 + 15) screens? It'd be a pain scrolling slashdot though ;)

So, here's that url...

http://dmx.sourceforge.net/

...but don't answer yet... just look what else you get...

Dynamic MAXSCREENS

Regards,
TheScienceKid

RealVNC

[theobscurest]

I use RealVNC and find it works great for me as a system administrator. I don't have any headless clients, but it has other uses..

My primary domain server lost the keyboard port a while back, but I was able to get it working again via the mouse port, obviously losing the mouse. So instead, I use RealVNC to work on this server..

Also somewhat unrelated, one of my other domain servers is located about an hour's drive away at another site, and I have found it extremely useful to be able to login remotely to add users, check the DHCP leases, etc.., without having to drive all of the way down there to do a 5 minute task.

RealVNC has some minor glitches you have to work through/figure out, but overall it's extremely easy to set up and use, and is one of the handiest utilities I've found in a while. I believe it works for UNIX too (which could have some great uses as well), but I am just using it for Win now..