Remote Desktop Services, formerly known as Terminal Services, is one of the components of Microsoft Windows (both server and client versions) that allows a user to access applications and data on a remote computer over a network. Terminal Services is Microsoft's implementation of thin-client terminal server computing, where Windows applications, or even the entire desktop of the computer running terminal services, are made accessible to a remote client machine. The client can either be a fully-fledged computer, running any operating system as long as the terminal services protocol is supported, or a barebone machine powerful enough to support the protocol (such as Windows FLP). With terminal services, only the user interface of an application is presented at the client. Any input to it is redirected over the network to the server, where all application execution takes place. This is in contrast to appstreaming systems, like Microsoft Application Virtualization, in which the applications, while still stored on a centralized server, are streamed to the client on-demand and then executed on the client machine.
Terminal Services was first introduced in Windows NT 4.0 Terminal Server Edition. It was significantly improved for Windows 2000 and Windows Server 2003. Both the underlying protocol and the service were again overhauled for Windows Vista and Windows Server 2008. Windows includes two client applications which utilize terminal services: the first, Remote Assistance, is available in all versions of Windows XP and successors and allows one user to assist another user. The second, Remote Desktop, allows a user to log in to a remote system and access the desktop, applications and data on the system as well as control it remotely. However, this is only available in certain Windows editions. These are Windows NT Terminal Server; subsequent Windows server editions, Windows XP Professional, and Windows Vista Business, Enterprise and Ultimate. In the client versions of Windows, Terminal Services supports only one logged in user at a time, whereas in the server operating systems, concurrent remote sessions are allowed.
Microsoft provides the client software Remote Desktop Connection (formerly called Terminal Services Client), available for most 32-bit versions of Windows, including Windows Mobile, and Apple's Mac OS X, that allows a user to connect to a server running Terminal Services. On Windows, both Terminal Services client and Remote Desktop Protocol (RDP) use TCP port 3389 by default, which is editable in the Windows registry. It also includes an ActiveX control to embed the functionality in other applications or even a web page. A Windows CE version of the client software is also available. Server versions of Windows OSs also include the Remote Desktop for Administration client (a special mode of the Remote Desktop Connection client), which allows remote connection to the traditional session 0 console of the server. In Windows Vista and later this session is reserved for services, and users always log onto session >0. The server functionality is provided by the Terminal Server component, which is able to handle Remote Assistance, Remote Desktop as well as the Remote Administration clients. Third-party developers have created client software for other platforms, including the open source rdesktop client for common Unix platforms.
For an enterprise, Terminal Services allows IT departments to install applications on a central server. For example, instead of deploying database or accounting software on all desktops, the applications can simply be installed on a server and remote users can log on and use them via the Internet. This centralization makes upgrading, troubleshooting, and software management much easier. As long as employees have Remote Desktop software, they will be able to use enterprise software. Terminal Services can also integrate with Windows authentication systems to prevent unauthorized users from accessing the applications or data.
Microsoft has a long-standing agreement with Citrix to facilitate sharing of technologies and patent licensing between Microsoft Terminal Services and Citrix Presentation Server (formerly Citrix MetaFrame) which has now been renamed to Citrix XenApp. In this arrangement, Citrix has access to key source code for the Windows platform enabling their developers to improve the security and performance of the Terminal Services platform. In late December, 2004 the two companies announced a five-year renewal of this arrangement to cover Windows Vista.
The server component of Remote Desktop Services is Terminal Server (termdd.sys), which listens on TCP port 3389. When an RDP client connects to this port, it is tagged with a unique SessionID and associated with a freshly spawned console session (Session 0, keyboard, mouse and character mode UI only). The login subsystem (winlogon.exe) and the GDI graphics subsystem are then initiated, which handle the job of authenticating the user and presenting the GUI. These executables are loaded in a new session, rather than the console session. When creating the new session, the graphics and keyboard/mouse device drivers are replaced with RDP-specific drivers: RdpDD.sys and RdpWD.sys. RdpDD.sys is the device driver; it captures the UI rendering calls into a format that is transmittable over RDP. RdpWD.sys acts as keyboard and mouse driver; it receives keyboard and mouse input over the TCP connection and presents them as keyboard or mouse inputs. It also allows creation of virtual channels, which allow other devices, such as disc, audio, printers, and COM ports, to be redirected, i.e., the channels act as replacement for these devices. The channels connect to the client over the TCP connection; as the channels are accessed for data, the client is informed of the request, which is then transferred over the TCP connection to the application. This entire procedure is done by the terminal server and the client, with the RDP protocol mediating the correct transfer, and is entirely transparent to the applications. RDP communications are encrypted using 128-bit RC4 encryption. From Windows Server 2003 onwards, it can use a FIPS 140 compliant encryption scheme.
Once a client initiates a connection and is informed of a successful invocation of the terminal services stack at the server, it loads up the device as well as the keyboard/mouse drivers. The UI data received over RDP is decoded and rendered as UI, whereas the keyboard and mouse inputs to the window hosting the UI are intercepted by the drivers and transmitted over RDP to the server. It also creates the other virtual channels and sets up the redirection. RDP communication can be encrypted using either low, medium or high encryption. With low encryption, user input (outgoing data) is encrypted using a weak (40-bit RC4) cipher. With medium encryption, UI packets (incoming data) are encrypted using this weak cipher as well. With high encryption, the cipher is changed to an unspecified 128-bit one.
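The listener port mentioned earlier (3389, editable in the registry) and the encryption levels described above can both be checked from a registry export. The following is an added example, not part of the original article: it parses the decoded text of a `.reg` export and reports a non-default port or an encryption level below high. The `PortNumber` and `MinEncryptionLevel` values under the `RDP-Tcp` key are standard Windows settings; the mapping of level 2 to the article's "medium" and the sample export are assumptions made for the example.

```python
import re

# Registry key of the default RDP listener on Windows.
RDP_TCP_KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control"
               r"\Terminal Server\WinStations\RDP-Tcp")
# MinEncryptionLevel values, named after the levels in the text (assumed mapping).
LEVELS = {1: "low", 2: "medium", 3: "high", 4: "fips"}
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')


def parse_reg_dwords(reg_text, key):
    """Return {name: int} for the DWORD values under one key of a .reg export."""
    values, in_key = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            in_key = line[1:-1].lower() == key.lower()
        elif in_key and (m := DWORD_RE.match(line)):
            values[m.group(1)] = int(m.group(2), 16)
    return values


def audit_rdp_listener(reg_text):
    """Return (port, level name, findings) for the RDP-Tcp listener."""
    values = parse_reg_dwords(reg_text, RDP_TCP_KEY)
    port = values.get("PortNumber", 3389)
    level = values.get("MinEncryptionLevel")
    name = LEVELS.get(level, "unknown")
    findings = []
    if port != 3389:
        findings.append(f"listener moved from default port 3389 to {port}")
    if level is None:
        findings.append("MinEncryptionLevel not set; effective level unknown")
    elif level < 3:
        findings.append(f"encryption level '{name}' is below high")
    return port, name, findings


# Constructed sample export, not taken from a real host.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3e
"MinEncryptionLevel"=dword:00000001
"""

if __name__ == "__main__":
    print(audit_rdp_listener(SAMPLE_EXPORT))
```

Files written by `reg export` are UTF-16 encoded, so decode them to text before passing them to `audit_rdp_listener`.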
Terminal Server is the server component of Terminal Services. It handles the job of authenticating clients, as well as making the applications available remotely. It is also entrusted with the job of restricting the clients according to the level of access they have. The Terminal Server respects the configured software restriction policies, so as to restrict the availability of certain software to only a certain group of users. The remote session information is stored in specialized directories, called Session Directory, which are stored at the server. Session directories are used to store state information about a session, and can be used to resume interrupted sessions. The terminal server also has to manage these directories. Terminal Servers can be used in a cluster as well.
In Windows Server 2008, it has been significantly overhauled. While logging in, if the user logged on to the local system using a Windows Server Domain account, the credentials from the same sign-on can be used to authenticate the remote session. However, this requires Windows Server 2008 to be the terminal server OS, while the client OS is limited to Windows Server 2008, Windows Vista and Windows 7. In addition, the terminal server can provide access to only a single program, rather than the entire desktop, by means of a feature named RemoteApp. Terminal Services Web Access (TS Web Access) makes a RemoteApp session invocable from the web browser. It includes the TS Web Access Web Part control which maintains the list of RemoteApps deployed on the server and keeps the list up to date. Terminal Server can also integrate with Windows System Resource Manager to throttle resource usage of remote applications.
Terminal Server is managed by the Terminal Server Manager MMC snap-in. It can be used to configure the sign in requirements, as well as to enforce a single instance of remote session. It can also be configured by using Group Policy or WMI. It is, however, not available in client versions of Windows OS, where the server is pre-configured to allow only one session and enforce the rights of the user account on the remote session, without any customization.
The Terminal Services Gateway service component, also known as TS Gateway, can tunnel the Remote Desktop Protocol session using an HTTPS channel. This increases the security of Remote Desktop Services b