Access and Availability

Two rights groups (R groups) are provided for each managed Windows server for independent administration:

• R-MW-Computer-{Server name}-LocalAdmin
  Members of this group are added to the local “Administrators” group on the server and thus have full administrative rights on the server. This automatically includes the right to log on to this server via RDP.
• R-MW-Computer-{Server name}-RemoteLogin
  Members of this group are granted the right to log on to this server via Remote Desktop Connection (RDP).

Since user IDs cannot be assigned directly to these rights groups, you can either add your own existing user groups (O groups) or use these additionally provided and already linked user groups:

• O-MW-Computer-{ServerName}-LocalAdmin
  This group is a member of R-MW-Computer-{server name}-LocalAdministrate
• O-MW-Computer-{server name}-RemoteDesktopUser
  This group is a member of R-MW-Computer-{server name}-RemoteLogin

All groups can be maintained using the RRZ group management tool (direct link to the tool). There you will also find an explanation of user and rights groups.

Accessibility

Each managed Windows server can be accessed from the UHH network via Remote Desktop Connection (RDP).

If additional services are operated or provided on the server, an activation in the firewall must be requested for each service. This request can be made informally by the person responsible for the server by submitting a ticket(rrz-serviceline"AT"uni-hamburg.de?subject=Antrag auf Firewall-Freischaltung (#SRQ-vServer)) to the service line. In addition to the server name, the service (= the port) and access (explicit IP range, UHH or worldwide) should be specified.

Please note: If the server provides websites worldwide without registration, the requirements for operating websites must be strictly adhered to. You should also contact Department 2 (Communication and Marketing) of the President's Office to ensure that all legal requirements (such as a correct imprint) are met.