Using Terminal Server to host applications centrally
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Using Terminal Server to host applications centrally
Terminal Server provides an effective and reliable way to distribute Windows-based programs by making them available on a network server. With Terminal Server, a single point of installation allows multiple users to access the desktop of a server running one of the Windows Server 2003 family operating systems. Users can run programs, save files, and use network resources as though they were sitting at that computer. Terminal Server delivers the Windows desktop and Windows-based applications to computers that might not typically be able to run Windows operating systems.
Note
- Terminal Server is not included in Windows Server 2003, Web Edition.
Ease of use
| Feature | Description | For more information, see: |
|---|---|---|
Improved client: Remote Desktop Connection |
Renamed Remote Desktop Connection, the Terminal Services client features a more streamlined user interface that allows you to connect to terminal servers, change connection settings, save connection information, and connect to a remote computer. The old Terminal Services Client Connection Manager tool is no longer needed, although you can still use any connections that were created with that tool. With Remote Desktop Connection, users can create connection files, which are predefined connections to servers for either a single program or full desktop access, and save them in My Documents. You can ensure that the same version of a single program is being used across the computing environment by creating a connection file and distribute it along with the Remote Desktop Connection client software. |
|
Automated local printer support |
Terminal Services can both add and automatically reconnect printers attached to Terminal Services clients. |
|
Drive and file system redirection |
Users can see their local drives while logged on to a terminal server. In Microsoft Windows Explorer, users' local drives appear in the session folder tree as <driveletter> on <client>. |
|
Audio redirection |
Users of a terminal server can direct audio output from the terminal server to the audio device on their local computer. |
|
Clipboard redirection |
Users can cut and paste between the programs running on the local computer and the terminal server. |
|
Performance enhancements |
Enhancements to caching, including persistent caching, packet utilization, and frame size, provide significant performance improvements over earlier versions of Terminal Services. |
|
Roaming disconnect support |
This feature enables users to disconnect from a session without logging off. A session can remain active while disconnected, enabling the user to reconnect to the existing session from another computer or at a later time. Logon is required for reconnection, keeping each session secure at all times. |
|
Multiple logon support |
Users can log on to multiple sessions simultaneously from one or more clients, to multiple terminal servers, or to a single server multiple times. As a result, the user can do several tasks concurrently or run multiple unique desktop sessions. |
Manageability
| Feature | Description | For more information, see: |
|---|---|---|
Terminal Services Group Policies |
With the addition of Terminal Services Group Policies, administrators can use one tool (Group Policy) to manage Terminal Services-related settings throughout an organization. Terminal Services nodes have been added to the Computer and User section of the Administrative Group Policy template (System.adm). |
|
Terminal Services WMI provider |
The Windows Management Instrumentation (WMI) provider for Terminal Services allows you to use scripts to manage, configure, and troubleshoot terminal servers remotely, bypassing the Terminal Services tools, command-line options, and other management methods. |
|
Session remote control |
Support staff can either view or control another Terminal Services session. Keyboard input, mouse movements, and display graphics are shared between two Terminal Services sessions, giving support staff the ability to diagnose and resolve configuration problems, as well as provide user training from a remote location. This feature is particularly useful for organizations with branch offices. |
|
Load balancing |
Terminal Services Connection Management (TSCM), combined with load balancing technology, allows Terminal Services clients to connect to the least busy member of a group of terminal servers. Session Directory services ensure that disconnected sessions are reconnected to the same server where the original connection was established. |
|
Terminal Services Web Client: Remote Desktop Web Connection |
Remote Desktop Web Connection is an ActiveX control that provides virtually the same functionality as the full Remote Desktop Connection client, but is designed to deliver this functionality over the Web. When embedded in a Web page, Remote Desktop Web Connection can host a Terminal Services client session even if the full client is not installed on the user's computer. |
|
Microsoft Windows Installer (MSI) package for client deployment |
Remote Desktop Connection can be installed with Windows Installer. Windows Installer provides a quick and efficient means for deploying client software to target computers, using either a network-based share point or Microsoft IntelliMirror. |
|
Windows-based terminals |
Windows-based terminals are available from a variety of manufacturers. They use a custom implementation of the Microsoft Windows CE operating system and the Remote Desktop Protocol (RDP). |
|
Terminal Server Licensing |
Terminal Server Licensing helps system administrators and purchasing offices track clients and their associated licenses. |
|
Distributed File System (DFS) support |
Support for Distributed File System (DFS) enables users to connect to a DFS share, and administrators to host a DFS share from a terminal server. |
|
Terminal Services Manager |
Administrators can use Terminal Services Manager to query and manage Terminal Services sessions, users, and processes. |
|
Terminal Services Configuration |
Terminal Services Configuration allows you to create, modify, configure, and delete Remote Desktop Protocol (RDP) connections. You can also use Terminal Services Configuration to view and set terminal server settings. |
|
Integration with Local Users and Groups and Active Directory Users and Computers |
Administrators can create accounts for Terminal Services users the same way they create accounts for users on any Windows Server 2003 family operating system. Extra fields exist for specifying information specific to Terminal Services, such as the Terminal Services Profile Path and Home Directory. |
|
Integration with System Monitor |
Integration with System Monitor enables administrators to monitor Terminal Services system performance, including tracking processor use, memory allocation, and paged memory usage and swapping per-user session. |
|
Messaging support |
Administrators can alert users to important information, such as system shutdowns, upgrades, or new programs. |
|
Remote administration with Remote Desktop for Administration |
Any member of the Administrators group with access to the Terminal Services administrative utilities can remotely manage all aspects of a server. Remote Desktop for Administration is installed automatically on all Windows Server 2003 family operating systems. |
|
Configurable session time-out |
Administrators can reduce server resource usage by configuring session time-outs. Administrators can specify the length of an active session and how long a session can remain idle on the server. |
Security
| Feature | Description | For more information, see: |
|---|---|---|
Security modes |
Terminal Server can run in one of two security modes, depending on the applications you plan to run:
|
|
Encryption |
Terminal Services has four levels of encryption.
In addition, the Terminal Services logon process includes change password, unlock desktop, and unlock screen saver features. The logon process is encrypted, ensuring secure transfer of user name and password. |
Configuring authentication and encryptionSystem cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing |
Limit logon attempts and connection time |
Administrators can limit the number of user logon attempts to prevent unauthorized access to a server. Additionally, the connection time of an individual user or a group of users can be limited. |