Tải bản đầy đủ - 0 (trang)
Chapter 27. Windows Server 2003 Terminal Services

Chapter 27. Windows Server 2003 Terminal Services

Tải bản đầy đủ - 0trang

needstorunasingleapplication,theTerminalServerperforms

alltheprocessingandusesitshardwareresources.Inabasic

TerminalServersession,theclientsendsoutonlykeyboardand

mousesignalsandreceivesvideoimages,whichrequiresonlya

smallamountofbandwidthonthenetwork.Foramorerobust

multimedia-intensivesession,TerminalServicesprovidestruecolorvideosupportalongwithaudio,localprinter,COMport,

andlocaldiskredirectiontoprovideeaseofdatatransfer

betweentheclientandserverthroughasinglenetworkport.

TerminalServicesalsoprovideslocaltimezoneredirection,

whichallowsuserstoviewtimestampsofemailandfiles

relativetotheirlocation.

ATerminalServicesimplementationcanprovideremote

administrationservices,butalsocanbeusedasacentralized

applicationserver,thusreducingtheneedtodeployhigh-end

workstationstoenduserswhorarelyneedhighperformanceon

theirlocalworkstations.ATerminalServicesimplementation

canalsoimprovenetworkperformanceforenterprise

messaging,databaseapplications,andothermultitiered

applicationsbyreducingtheamountofnetworktrafficeach

backendserverandnetworkdeviceneedstoprocess.Costsin

desktopapplicationsupportcanalsobereducedasaresultofa

TerminalServicesimplementationbylimitingapplication

upgradesandsecuritypatchinstallationstotheTerminalServer

insteadoftheadministratorhavingtovisiteveryworkstation.

Inthischapter,planning,implementation,management,and

supportofWindowsServer2003TerminalServicessystemsare

covered.Thischapteraddressesnotonlythenewfeatures

addedinWindowsServer2003,butalsohowthesenew

technologiescanbeleveragedtoimproveremoteaccess

servicesbyusers,aswellasadministrationandmanagement

bynetworkadministrators.



WhyImplementTerminalServices?

TerminalServicesisaversatileproductthatcanbe

implementedtomeetseveraldifferentbusinessneeds.

Administratorscanuseittoremotelyadministeraserver,or

userscanrunapplicationsandutilizenetworkresources

remotely.TerminalServicescanbeaccessedandusedbylocal

areanetwork(LAN)usersandremoteInternet-basedusers,to

provideaccesstoasingleapplicationorafulldesktop

environmentwithinaterminalsession.Userdesktopsupport

canalsobeprovidedtouserswhilerunninginTerminalServer

sessionsoriftheusersareworkingondesktopsrunning

WindowsXPProfessionalwithRemoteDesktopenabled.



Note

WindowsXPProfessionalincludesascaled-down

versionofWindowsServer2003TerminalServices

thatcanbeenabledandusedforremote

administrationorremoteworkstationconsole

access.



Lastly,TerminalServicescanbeimplementedbyapplication

serviceproviders(ASPs)tocreatemanagedapplicationservices

towhichclientscansubscribe.Thiseliminatestheneedforeach

businesstobuyserverhardware,software,andsupport.



RemoteDesktopforAdministration

Asaremoteadministrationtool,TerminalServicestechnology



givesanadministratortheoptionofperformingserver

administrationfromtheserverconsoleorfromanyotherserver

orworkstationwithaTerminalServicesclient.Thisoptionis

installedbydefault,butisnotautomaticallyenabled.This

capabilitysimplifiesadministrationfortheITdepartmentby

allowingthepersonneltodotheirjobfromalmostanyconsole

onthenetwork.ThiscanimproveITresponsetimesto

completetroubleticketsconcerningaccesstonetwork

resourcesoruseraccountmanagement.Servermaintenance

taskssuchasreviewinglogsorgatheringserverperformance

datacanbeaccomplishedthroughtheclient.

ApplicationsandupdatescanbeinstalledthroughaTerminal

Serversession,butshouldbedoneonlywhentheinstallation

doesnotinvolveaWindowsComponentinstallationorwhen

usersarerunningTerminalServicesserversessions.Installing

applicationsfromthelocalserverconsoleisrecommended,but

ifanapplicationmustbeinstalledremotely,youshouldconnect

totheserverconsoletorunthesession.



Caution

Avoidinstallingapplications,especiallyWindows

Server2003servicesandWindowscomponents,

fromwithinaTerminalServicesserversession.This

way,youavoidgettinglockedoutofyourTerminal

Servicesserversessionsandnotbeingableto

recover.



TerminalServicesforLANUsers

TherearemanybenefitsofmakingTerminalServicesavailable



toLANusers.Companyhardwarecostscanbereduced,

applicationavailabilityandlicensingmanagementcanbe

simplified,andnetworkperformancemayincrease.

Becauseaterminalsessionisreallyavirtualdesktopsession

runningontheTerminalServer,allTerminalServerusersrun

applicationsontheTerminalServer,utilizingtheprocessing

poweroftheserverwhilereducingtheloadonthelocal

workstation.Thiscanextendthelifeofanunderpowered

machinewhosedeficientresourcesmayimpedeworkflow

throughhighprocessor,memory,ordiskutilization.

Fromadesktopsupportperspective,aTerminalServercanbe

putinplaceandusedasasecondarymeansofprovidingusers

accesstotheirapplicationsifproblemsareencounteredwith

theapplicationsontheirlocalworkstations.Althoughthis

approachmayseemtobeoverkill,providingasecondary

meansofapplicationaccesscanbevitaltouserproductivity

andcompanyrevenuewhensupportpersonnelmaynotbe

readilyavailabletofixenduserapplicationissues.

ProvidingcentralizedapplicationsforLANusersthoughTerminal

Servicescansimplifyapplicationmanagementbyreducingthe

numberofmachinesonwhichapplicationupgrades,security

updates,andfixesneedtobeinstalled.Becauseallthe

applicationsrunontheTerminalServicesserver,onlythe

TerminalServicesserveritselfneedstobeupdated,andthe

entireuserbasebenefitsfromthechangeimmediately.This

way,theupdatescanbeperformedforallTerminalServices

serverusersatonetime.



TerminalServicesforRemoteUserSupport

TerminalServicescanbeusedtoprovideapplicationsupportfor

enduserswithinaTerminalServersession.Whenusersare

runninginaTerminalServersession,anadministratorcan



configureremotecontrolorshadowingfunctionalitytoviewor

completelyinteractwithauser'ssession.Thisfeaturecanbe

usedtotrainusers,provideapplicationsupport,orcreate

configurationchangessuchasinstallingaprinterorconnecting

toanetworkfileshare.Thiscapabilitycangreatlyreducethe

numberofadministratorsneededduringtheregularworkday

becausemultipleuserscanbeassistedfromonelocation.



Note

Tocomplywithmanyorganizations'securityand

privacypolices,WindowsServer2003Terminal

Servicesprovidesanoptionfortheremotecontrol

functiontobecompletelydisabled.Alternatively,

ratherthancompletelydisablingthefunctionforall

users,TerminalServicescanbeconfiguredtogive

userstheabilitytochoosewhetherornottoallow

anadministratortointeractwithherterminalserver

session.



TerminalServicesforApplicationService

Providers

TerminalServicesrunninginTerminalServermodeallows

applicationsandservicestobemadeavailabletousersinany

location.Companiesthatprovideservicestobusinessesthrough

proprietaryapplicationscanstandardizeandprovidetheir

applicationsexclusivelythroughWindowsServer2003Terminal

ServicesandgainallthebenefitsoutlinedintheprecedingLAN

andremoteusersections.Anaddedbonusforthesecompanies

isthatTerminalServicesreducestheneedtosendapplication



mediaouttoeachclient,andendusersupportcanbeprovided

inawayneverbeforepossible.

Applicationserviceproviderswhomakeseveralapplications

availabletoclientscanuseTerminalServicestoservice

hundredsorthousandsofusersfromdifferentorganizations

whilechargingafeeforapplicationusageorterminalsession

timeusage.



Note

WindowsServer2003doesnotprovideastandard

reportingmechanismtopresentTerminalServices

sessiondata.However,somevaluableinformation

canbegatheredbyfilteringthesecurityeventlog

foruserlogonandlogoffevents,usingtheTerminal

ServicesLicensingReporter(lsreport.exe)fromthe

WindowsServer2003ResourceKit,aswellas

teamingthisinformationwithdatagatheredby

creatingperformancelogsconfiguredtomonitor

TerminalServerServicessessioncountersusingthe

PerformanceMicrosoftManagementConsole(MMC)

snap-in,includedwithWindowsServer2003.Itis

alsoimportanttonotethatMicrosoftOperations

Manager(MOM)andsomethird-partysolutionsfor

TerminalServicesprovideexceptionalreporting

functionality.







HowTerminalServicesWorks

TerminalServicesprovidesaclient/serversessionthatcreatesa

virtualdesktopwithinasingleclientwindowthatemulatesa

truelocaldesktopenvironment.Usingprimarilykeyboardand

mouseredirects,TerminalServicesclientsrunapplicationson

theTerminalServer,soalmostnoprocessingpowerisneeded

ontheclientsystem.

TheTerminalServicesclientsoftwarecommunicateswiththe

TerminalServicesserverbyredirectingthelocalworkstation's

keyboardandmousesignalstotheTerminalServer.These

commandsaresenttotheTerminalServerviaasingleTCPport

(3389),andonlyminimalnetworkbandwidthperuseris

needed.Infact,solittlenetworkbandwidthisneededthat

TerminalServerclientscanconnecttoTerminalServersusing

28.8Kbpsmodemconnections.Forricherterminalsessions

utilizingadvancedfeaturessuchasportredirection,color

settingshigherthan256colors,filetransfer,and128-bit

encryption,increasedlinespeedisrecommended.



ModesofOperation

WindowsServer2003TerminalServicescanberunintwo

differentmodesofoperation.OneiscalledtheRemoteDesktop

forAdministrationmodeandtheotheriscalledTerminalServer

mode.



RemoteDesktopforAdministrationMode

TerminalServicesRemoteDesktopforAdministrationmodeis

includedandinstalledwiththeWindowsServer2003operating

systemandonlyneedstobeenabled.Thiseasesautomated



andunattendedserverdeploymentbyallowinganadministrator

todeployserversthatcanbemanagedremotelyafterthe

operatingsystemshavecompletedinstallation.Thismodecan

alsobeusedtomanageaheadlessserver,whichreducesthe

amountofspaceneededinanyserverrack.Morespacecanbe

dedicatedtoserversinsteadofswitchboxes,monitors,

keyboards,andmousedevices.

TheRemoteDesktopforAdministrationmodelimitsthenumber

ofterminalsessionstotwo,andonlylocaladministratorscan

connecttothesesessionsbydefault.Noadditionallicensesare

neededtorunaserverinthisTerminalServicesmode,which

allowsanadministratortoperformalmostalltheserver

managementdutiesremotely.

EventhoughRemoteDesktopforAdministrationisinstalledby

default,thismodedoesnothavetobeenabled.Some

organizationsmayseethisasanunneededsecurityriskand

choosetokeepitdisabled.Thisfunctioncaneasilybedisabled

throughouttheentireActiveDirectoryforestbyusingaGroup

Policysettingtodisableusersandgroupsfromconnectingto

TerminalServerslocatedinthecontainersthatthepolicy

appliesto.ThismodeofTerminalServicesisavailableinevery

WindowsServer2003versionaswellasinWindowsXP

Professional.



TerminalServerMode

TerminalServermodeallowsanyauthorizedusertoconnectto

theserverandrunasingleapplicationoracompletedesktop

sessionfromtheclientworkstation.

RunningTerminalServicesinthismoderequiresthepurchase

ofaTerminalServerclientaccesslicense(CAL)foreach

simultaneousconnection.TomanagetheseCALs,aTerminal

ServicesLicenseserverisneededtoallocateandtrackthe



licensesfortheTerminalServer.TheTerminalServicesLicense

serverservicecanbeinstalledonanyWindowsServer2003

EnterpriseorDataCenterserver.TheLicenseserverdoesnot

needtohaveTerminalServicesenabledinanymodetorunthis

service.



Note

Toquicklyobtainclientlicenseinformationona

clientcomputer,usetheWindowsServer2003

ResourceKittoolcalledTerminalServerClient

LicenseDump(TscTst.exe).



InstallingapplicationsforTerminalServermoderequiresthata

strictprocessbefollowedtoensurethateachapplicationruns

asitshouldinmultipleusersessions.Someapplicationsmay

notbeproperlysuitedtorunonaTerminalServer;insuch

cases,specialTerminalServerapplicationcompatibilityscripts

needtoberunagainsttheprogramsfortheseapplicationsto

runcorrectly.ThoroughtestingofeachTerminalServer

applicationishighlyrecommendedbeforeitisreleasedintothe

productionTerminalServerenvironment.



Note

TerminalServermodeisnotavailableinWindows

Server2003Webedition.



Client-SideTerminalServices



WindowsXPProfessionalincludesascaled-downversionof

TerminalServicescalledRemoteDesktop.RemoteDesktop

allowsausertoconnecttotheXPworkstationandremotely

takeovertheworkstationtorunapplicationsthathewould

normallyrunfromhisdesklocally.Thisfeatureallowsauser

whoworksfromhomeparttimetoconnecttothecompany

workstationtocompleteworkorcheckemailfromaworkstation

thatisalreadyconfiguredforhim.

Asanadministrationtool,thisclient-sideTerminalServicescan

beusedtoinstallsoftwareonanenduser'sworkstationfroma

remotemachine.Also,itcanbeusedtologintoauser's

desktopenvironmenttoremotelyconfigureauser'sprofile

settings.



RemoteAssistance

RemoteAssistanceisafeaturenewtoWindowsServer2003

andWindowsXPProfessional.Thisfeatureallowsauserto

requestassistancefromatrustedfriendoradministratortohelp

dealwithdesktopissuesandconfigurations.Thisfeaturegives

theenduserthepowertocontrolwhatlevelofparticipationthe

remoteassistantcanhave.Theremoteassistantcanbegranted

theabilitytochatwiththeenduser,viewthedesktop,or

remotelycontrolthedesktop.Duringremoteassistance

sessions,boththeenduserandremoteassistantcanhandoff

controlofthekeyboardandmouse.Remoteassistanceusesthe

underlyingRemoteDesktopProtocol(RDP)usedbyTerminal

Services.



RemoteDesktopConnection

RemoteDesktopConnectionisthenewlyimprovedand

renamedTerminalServerclient.Thisfull-featuredclientnow

enablestheendusertocontrolTerminalServersessionsettings



suchaslocaldisk,audio,andportredirection,plusadditional

settingssuchasrunningonlyasingleprogramorloggingon

automatically.RemoteDesktopConnectioninformationcanbe

savedandreusedtoconnecttoTerminalServerswith

previouslydefinedsessionspecifications.



Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Chapter 27. Windows Server 2003 Terminal Services

Tải bản đầy đủ ngay(0 tr)

×