VISIT LIBRARY SPONSOR A BOOK HOW IT WORKS NEWSLETTER FEEDBACK

The Definitive Guide to Windows Server 2003 Terminal Services Updated Edition

by Greyson Mitchem

SYNOPSIS

With the launch of Windows Server 2003 (WS2K3), Microsoft has continued to improve upon Terminal Services. At the launch event, Microsoft focused on the fact that this version of Windows is the most customer driven to date. Terminal Services’ new features clearly demonstrate this focus, and Microsoft has continued this focus on customer-driven enhancements with the recent release of Windows Server 2003 Service Pack 1.

This book will cover the new features and enhancements in WS2K3 Terminal Services and the new features included in Service Pack 1. It will also include best practices for configuring and managing Terminal Services with an eye to the new techniques available to systems administrators in WS2K3. Because of Remote Desktop Protocol (RDP) 5.2, Active Directory Service Interfaces (ADSI) access to Terminal Services attributes of user objects, new Group Policy Object (GPO) controls, and Session Directory, there exists the ability to use native Terminal Services as an enterprise-class solution for providing users with Terminal Services–based desktops.


CHAPTER PREVIEWS

Chapter 1: Introduction to Windows Server 2003 Terminal Services

With the launch of Windows Server 2003 (WS2K3), Microsoft has continued to improve upon Terminal Services. At the launch event, Microsoft focused on the fact that this version of Windows is the most customer-driven to date. Terminal Services’ new features clearly demonstrate this focus. Microsoft has continued this focus on customer-driven enhancements with the release of WS2K3 Service Pack 1 (SP1).

his guide will introduce you to the new features and enhancements in WS2K3 Terminal Services and the new features included in SP1. It will also discuss best practices for configuring and managing Terminal Services with an eye to the new techniques available to systems administrators in WS2K3. As we’ll explore, with Remote Desktop Protocol (RDP) 5.2, Active Directory Service Interfaces (ADSI) access to Terminal Services attributes of user objects, new Group Policy Object (GPO) controls, and Session Directory, you now have the ability to use native Terminal Services as an enterprise-class solution for providing users with Terminal Services–based desktops.


Chapter 2: Installing and Configuring the Terminal Server Role

This chapter will take you through the steps of adding the terminal server role to WS2K3. I’ll introduce you to the settings used to configure a terminal server via the administrative tools, Group Policy, and registry editor, and even give you a few system tweaks to help improve your server’s performance. Finally, I will give you an in-depth look at the Remote Desktop Connection client, and the new version of the Terminal Server Advanced Client (TSAC)—Remote Desktop Web Connection. I’ll begin by exploring the most common reasons for deploying Terminal Services.


Chapter 3: Load Balancing and Session Directory

If you have more users than a single terminal server can support or you need the ability to take a server offline for maintenance or application installations without impacting availability, load balancing will become an integral part of your Terminal Services architecture. In this chapter, I will introduce you to the native Microsoft Network Load Balancing (NLB) service. I will also cover a new feature of WS2K3—Session Directory—which enables Windows to track user sessions across multiple servers so that users can reconnect to the sessions when needed.

I’ll begin by introducing you to the basics of terminal server hardware configuration, then we’ll explore terminal server sizing. This foundation of information will enable you to determine how many servers you need to support your users’ needs.


Chapter 4: Terminal Services Administration

As with any technology deployment, the process of installing and configuring your terminal server is only half the work. You must also plan for ongoing administration and maintenance and software life cycle management. In this chapter, we’ll focus on Terminal Services administration, including user account configuration and management. In addition, we’ll explore GPO-based configuration from an AD perspective. I will introduce you to loopback policy processing, the creation of custom administrative templates, and the domain policy processing order. I will also walk you through some common terminal server administrative tasks and introduce you to the tools—both GUI and command line—used to manage terminal servers and user sessions. Let’s start by jumping into user account administration.


Chapter 5: Application Installation and Compatibility

We’ve explored how to enable the Terminal Services role, create and manage a Session Directory farm, and integrate terminal servers into your AD environment. All of these factors are vital to a successful Terminal Services infrastructure, but it is the user applications that can make or break your terminal server deployment.

As Terminal Services evolved, user applications have also evolved. Today, the majority of applications will install natively on Terminal Services and function in a multi-user environment without modification. However, there will always be a mission-critical program that is either legacy or from a vendor that does not follow the Microsoft Windows Logo specifications, so it is important to become familiar with the various features available in Windows Server 2003 to help address application compatibility.

This chapter will focus on installing, deploying, and managing applications in a Terminal Services environment. You’ll learn how to tune applications for simultaneous users, write an application compatibility script, and use Terminal Services registry flags to handle legacy applications. I’ll discuss the various administrative modes that you’ll use and how to test an application for Terminal Services compatibility.


Chapter 6: Managing User Profiles

User profile management is the linchpin to a successful terminal server deployment. Eighty percent of all end-user issues are most likely profile related. Careful analysis, planning, and implementation are required to ensure that the you successfully manage user profiles, as the type of profiles you use will not only determine the level of autonomy and personalization your users will have in the terminal server environment but also dictate the amount of support your users will need.

Even with the improvements in profile management in Windows XP and WS2K3, user profiles are subject to corruption, and in a terminal server environment, corruption can be common because the server must handle the loading and unloading of many profiles simultaneously. Add that to the fact that in a load-balanced environment, users have the potential of logging into a different server each day, and you have a recipe for disaster.

This chapter will introduce you to the types of profiles available in WS2K3, how to implement each type, and options available for creating a mixed environment in which different servers use different types of profiles. It will also discuss third-party options that create additional flexibility for user profile management.


Chapter 7: Managing Security and Virus Protection

Blaster, Love Bug, Nimda, Melissa—computer viruses and worms are a fact of life these days, so Windows infrastructure design must take them into account. Virus scanning software, firewalls, and patch management should be a part of even the smallest environments. If users will be accessing email or browsing the Internet from terminal servers, you will need to be vigilant in keeping your servers safe and virus free. Luckily, the restrictive permissions on a terminal server make it difficult for users to introduce viruses to the system; nonetheless, you should be prepared.

This chapter will explore available options for keeping servers secure and up to date, including Microsoft Automatic Updates and software, Widows Server Update Services, and Microsoft AntiSpyware (Beta), as well as cover best practices for implementing these options in your environment. In addition, I will highlight considerations for installing virus scanning software on terminal servers.


Chapter 8: Managing and Optimizing Terminal Services Performance and Capacity

You now have the tools you need to design and build a terminal server infrastructure, install applications, secure the OS to protect from worms, viruses, and even the users themselves, and make the desktops and applications available to designated users. This chapter will cover methods used to optimize your terminal servers so that you can support the largest possible number of users on the least possible number of servers—doing more with less. The chapter will start by looking at optimization and management options for each server as an individual unit, then discuss the latest trend in the server world—virtualization—and how it fits into a Terminal Services environment.