Microsoft Windows Server 2003 Terminal Services
by Bernhard Tritsch
Microsoft Press © 2004
PUBLISHED BY Microsoft Press
A Division of Microsoft Corporation
One Microsoft Way
Redmond, Washington 98052-6399
Copyright © 2004 by Bernhard Tritsch
All rights reserved. No part of the contents of this book may be reproduced or transmitted in any
form or by any means without the written permission of the publisher.
Library of Congress Cataloging-in-Publication Data. Tritsch, Bernhard.
Microsoft Windows Server 2003 Terminal Services / Bernhard Tritsch.
p. cm. Includes index. ISBN 0-7356-1904-2
1. Microsoft Windows server. 2. Operating systems (Computers). I. Title.
QA76.76.O63T755 2003
005.4'47682--dc22 2003058664
Printed and bound in the United States of America.
1 2 3 4 5 6 7 8 9 QWE 8 7 6 5 4 3
Distributed in Canada by H.B. Fenn and Company Ltd.
A CIP catalogue record for this book is available from the British Library.
Microsoft Press books are available through booksellers and distributors worldwide. For further
information about international editions, contact your local Microsoft Corporation office or contact
Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at
www.microsoft.com/mspress. Send comments to mspinput@microsoft.com.
Active Desktop, Active Directory, ActiveX, BackOffice, DirectX, JScript, Microsoft, Microsoft
Press, MS-DOS, NetMeeting, Outlook, PowerPoint, SharePoint, Visual Basic, Visual Studio,
Win32, Windows, the Windows logo, Windows Media, Windows NT, and Windows Server are
either registered trademarks or trademarks of Microsoft Corporation in the United States and/or
other countries. Other product and company names mentioned herein may be the trademarks of
their respective owners.
The example companies, organizations, products, domain names, e-mail addresses, logos,
people, places, and events depicted herein are fictitious. No association with any real company,
organization, product, domain name, e-mail address, logo, person, place, or event is intended or
should be inferred.
Acquisitions Editor: Martin DelRe
Project Editor: Valerie Woolley
Technical Editor: Pete Zeeb
Body Part No. X09-69362
Dr. Bernhard Tritsch
As Chief System Architect for visionapp GmbH in Frankfurt, Germany, Bernhard Tritsch is
responsible for the development and the adaptation of terminal server and application access
portal products for the commercial market. visionapp was founded when the Dresdner Bank
terminal server project starship and the German terminal server system integrator asp4you were
merged into a new company. Today, visionapp has offices in Germany and in England, and it
belongs to the Dresdner Bank Group and the Allianz Group.
Before joining visionapp, Bernhard Tritsch was Director of Software Development and New
Technologies for the Group Technologies AG business unit asp4you in Karlsruhe, Germany, from
July 2001 to October 2002. Under his leadership, the system integrator asp4you started with the
development of products derived from large terminal server projects. This resulted in a very close
cooperation with the developers from the project starship at Dresdner Bank. At that time, starship
was one of the most spectacular terminal server projects in Europe, including 250 terminal
servers with 140 published applications for 5,500 international users.
Prior to that, from 1999 to 2001, Bernhard Tritsch held the position of a Technical Director at
GTS-GRAL in Rossdorf, Germany. Leading 40 highly-skilled systems engineers in the United
States and in Europe, he and his team were responsible for consulting, system integration, and
customer support in the field of server-based computing solutions for enterprises.
Bernhard Tritsch joined the Fraunhofer Institute for Computer Graphics in Darmstadt, Germany,
where he worked in research as Windows developer (C, C++) and project leader for international
computer graphics projects for four years. After receiving an equivalent to a Ph.D. in Computer
Science in 1996 from the Technical University in Darmstadt, Germany, Bernhard Tritsch was the
group leader responsible for the introduction and the administration of more than 400 PCs under
Windows NT at the Fraunhofer Institute and its affiliated research institutes in Germany, Portugal,
Singapore, and the United States until the end of 1998. During that time he was also leading a
test and development laboratory for Windows NT in heterogeneous networks, which was
supported by Microsoft. The goal of this laboratory was to work out enterprise solutions based on
Windows NT, Active Server Pages, Terminal Servers and Citrix MetaFrame.
Previously, Bernhard Tritsch received an equivalent to an M.S. degree in Physics from the
University in Freiburg, Germany, after finishing his master’s thesis at the European Organization
for Nuclear Research CERN in Geneva, Switzerland.
Over the last 12 years, Bernhard Tritsch gave some 200 presentations in Europe and in the
United States, published more than 24 articles, and wrote four books in German; three of them
were about terminal servers. This is his first book in English.
When he is not in multi-user Windows mode, Bernhard Tritsch enjoys the time he shares with his
wife, his two sons, and the teammates from his volleyball team. They are the ones who keep him
going.
Preface
 
This book deals with terminal servers as central execution platforms for Windows-based
applications. Users can access these terminal servers using clients that do not necessarily have
to be overly intelligent. This might not sound terribly spectacular and might even remind you of
the “good old days” of mainframes. You might also be wondering if the author of this book is an
advocate of the old technologies who is seizing an opportunity to rebuff the current client/server
concept. Quite the contrary! Terminal servers “adopt” an idea that has matured and developed
out of the mainframe world and strengthens the client/server model. Widely distributed
client/server environments will be re-centralized without changing the original goals that were set
with their introduction.
Note
I should emphasize that I have no wish to argue the success that mainframes
have enjoyed. The more involved I get in terminal servers and large project
environments, the deeper I venture into the mainframe world, which has much
to teach about operational concepts and system stability.
In 1995, I first heard about a special multiple-user variant of Microsoft Windows NT. It was called
WinCenter Pro and, through integrating additional functions, it allowed multiple users to log on
simultaneously and even start their sessions using X11 clients. WinCenter was the perfect
concept that I needed for a mixed UNIX and Microsoft Windows environment with almost 800
computers. With WinCenter, UNIX users were finally able to work with the “killer applications”
from the PC environment. Soon after the purchase of a 15-concurrent-user license and its
installation on our first server, WinCenter Pro became one of the most frequently used services
on the network at one of the world’s largest research institutes for computer graphics, the
Fraunhofer Institute for Computer Graphics, which has its headquarters in Germany and affiliated
institutes in the United States, Portugal, and Singapore. In this way, approximately 200 UNIX
graphics developers increasingly began to accept Windows NT. Unknowingly, I thus became one
of the first system administrators in Europe to successfully establish a multiple-user server
running Windows NT in a large, heterogeneous environment.
It was not necessarily easy to configure and run a PC with a multi-user Windows NT, especially
on a network that could not deny its UNIX roots. The amount of time that I needed to set up (and
understand) a stable system was quite substantial. But other administrators reported similar
experiences, and the idea took root to modify the “hands-on training seminars” that I had been
holding since 1996 on Windows NT administration to include WinCenter administrators. These
seminars became so successful that they were quickly adapted to Microsoft Windows NT 4.0 Server,
Terminal Server Edition, and Windows 2000 Terminal Services as soon as they became
available. In view of the success of these seminars and my documentation on the WinCenter
production environment, Thomas Pohlmann of Microsoft Press Germany and I had the idea to
write a book about the terminal server for the German-speaking market, a book designed to be a
real help for routine terminal server operation.
The first book was an unexpected and huge success; a second book followed when Windows
2000 and its Terminal Services were launched. The second book revealed the increasing
relevance of Terminal Services for corporate environments. The third book, the one you are
reading now, became an international edition and describes Microsoft Windows Server 2003
Terminal Services. Two additional, new areas of interest are also included: Web integration and
application access portals. Much has changed since Windows NT 4.0 Server, Terminal Server
Edition (Microsoft Press Germany, 1999) and Windows 2000 Terminal Services (Microsoft Press
Germany, 2000) were released. This book draws on the experience gathered during eight years of
terminal server projects with many customers in the United States and Europe. The individual
project scope has changed from several dozens of users on individual servers to many thousands
of users on several hundreds of servers. The terminal server concept has matured.
I would like to thank Martin DelRe, Valerie Woolley, and Florian Helmchen at Microsoft Press for
their wonderful encouragement to publish a book whose target group might be somewhat
different from the usual Microsoft readership. The contents of this book are not based solely on
my own project experience and the limitless amount of “processed” information available in
knowledge base articles, white papers, conference presentations, product manuals, tons of Help
pages, and news groups. On the contrary, the knowledge and diligence of a number of specialists
made invaluable contributions to this book and its quality.
My special appreciation goes to Josef Zeiler at SBC-Consulting. As my German technical
editor, he ensured that my imprecise or just plain wrong explanations did not find their way
into this book. Furthermore, he supplied valuable information on the topic of licensing. Our
technical discussions were often arduous, but always very productive.
You would not be able to read this book in English were it not for the tireless efforts of the
translators who met tighter-than-tight deadlines and made this mission impossible possible.
Special thanks to Monika Schutz, who in addition to translating managed the first phase of
the transcontinental translation project, Patricia Callow, Claire Jokubauskas, and Gabrielle
Vernier.
Pete Zeeb (technical reviewer) and Lisa Pawlewicz (copyeditor) with Microsoft Press,
U.S., were essential players as they lent their skills to provide a nicely translated and
technically accurate English version of Microsoft Windows Server 2003 Terminal Services.
Sascha Goeckel is responsible for central Europe in his function as Technical Reseller
Manager at AppSense Technologies Ltd. It was he, of course, who wrote the draft version
describing the AppSense products in this book. Our discussions were always a great
inspiration, especially on the topic of basic security in terminal server environments.
Frank Seibert is the Director of Consulting Services at visionapp operating in Germany
and in England. He is, in my humble opinion, a walking-talking encyclopedia on all topics
even remotely connected to terminal servers. Many of the small (and great) configuration
tricks described in this book are based on his vast knowledge, such as the optimized printer
integration described in Chapter 14.
Andreas Mariotti is a freelance consultant who works on many IT projects. He focuses on
Windows terminal servers and Citrix MetaFrame, particularly on software distribution and
automation. Andreas’s knowledge about deploying terminal servers in large corporate
environments is vast. He was one of my most important resources, especially when
describing the application configuration in Chapter 5. He is also responsible for many minor,
but important, improvements to almost all chapters. I have come to believe that Andreas
probably knows every Knowledge Base article and white paper on terminal servers by heart.
Thomas Goehring is the specialist for server and security infrastructure at visionapp. I am
indebted to him for the detailed information about access control (Chapter 8) and the
different encryption options for communicating with terminal servers.
Christian Weyer was one of my students when I was working on my Ph.D. thesis. After
successfully concluding his studies, he founded his own little company, which he named
Eyesoft. He is now a Regional Director at Microsoft, MVP ASP.NET & XML Web Services, a
successful book author, and a much-sought-after lecturer at many conferences. I owe it to
Christian that Microsoft .NET technologies found sufficient recognition in this book. Without
his help, I would have never understood the technical context, as described in Chapter 5, for
instance.
The topics relating to application access portals in Chapter 13 also involve the Citrix
MetaFrame Secure Access Manager. Marc O. Borchert supplied this description. He is a
Senior Strategic Systems Engineer at Citrix and draws his knowledge on this rather new
product from the practical experience he has gained from customers and partners all over
Europe. Additionally, he has a direct line to the product developers at Citrix.
I would also like to thank the following individuals for the detailed information, critical comments,
corrections, tips, or test installations that contributed to this book: Mark Austin (AppSense), Peter
Bergler (Microsoft), Christian Ferber (Fujitsu Siemens Computers), Christian Gehring (Citrix), Ralf
Germowitz (BFE), Mark Gerrards (AppSense), Peter Ghostine (Emergent Online), Costin Hagiu
(Microsoft), René Huebel (Fujitsu Siemens Computers), Christine Koch (Microsoft), Bob Kruger
(Citrix), Jennifer Lang (Citrix), Daniel Liebisch (Citrix), Russ Naples (Citrix), Rizwan Pirani (Citrix),
Mark Russinovich (WinInternals Software and SysInternals), Adam Overton (Microsoft), Enrico
Schwalbe (Citrix), David Smith (Citrix), David Solomon (David Solomon Expert Seminars), Patrick
Sommer (Software Spectrum), Oliver Schroeder (MCS), Edwin Sternitzky (Citrix), Mark
Templeton (Citrix), and Walter Weinfurter (Microsoft).
Furthermore, I would express my thanks to my colleagues at visionapp, who are always ready to
offer their advice and support: Petra Boeckmann, Chris Dittmar, Marc Freidhof, Klaus Friemann,
Ulrike Gebhard, Thomas Gierich, Thorsten Goebel, Simon Hirth, Sascha Holzenthal, Sigfried
Kienzel, Oliver Mahr, Klaus Mitter, Frank Roth, Dirk Schaefer, Ingo Schulz, Meik Schwind, Enis
Sari, Perry Stanford, Michael Syre, Markus Thorwartl, Daniel Vollmer, and Daniel Winkler.
Special thanks, of course, go to Joerg Krick and Jan Zirn, the managing directors of visionapp, for
their generosity, giving me all the time and support I needed to write this book in addition to my
regular job as Chief System Architect.
I would also like to thank the Ober-Ramstadt volleyball team for providing me with much-needed
physical and mental balance during the writing of this book. They remained undeterred by my
mood swings and continued to practice, celebrate, and live through unforgettable matches with
me.
Last, but absolutely not least, my very special thank-you goes to my wife, Tina, and my sons,
Luca and Tobias. They are the center of my personal universe. I’d also like to thank my parents
and my parents-in-law, Erika and Dieter Liebschner. My family has always been and always will
be my most valuable moral support. Every day, they show me what is truly important in this life.
Dr. Bernhard Tritsch
Ober-Ramstadt,
Germany, October 2003
About This Book
Overview
Microsoft Windows Server 2003 was developed as the successor to the Microsoft Windows 2000
Server series, with special emphasis on use by IT professionals in corporate networks. It offers
both exceptional stability and excellent performance. A computer system running Windows
Server 2003 supports simultaneous execution of an almost unlimited number of processes for
users interactively logged on to the system. It is, of course, possible to use several processors
simultaneously to increase scalability. Specially adapted system components allow multiple users
to log on to the system interactively (multi-user operation). Redirecting input and output
operations to remote computers in application server mode is possible in the core Windows
Server 2003 system using Terminal Services. However, this option first needs to be activated.
The multiple-user function of Windows Server 2003 Terminal Services should not be confused
with the function that allows multiple users to be connected to the server through the network in a
more general sense. Multi-user service without interactive logon to the server’s user interface is
frequently used for file, print, or directory services. In contrast, Terminal Services allows multiple
interactive user sessions in parallel, with each of the sessions providing a desktop.
Terminal Services enables the connection of thin clients, also called terminals. Each client is
assigned a session. Using this session, a logged-on user performs all operations on the server
except keyboard, mouse, and monitor operations, which take place on the client itself. This
design opens up interesting and powerful possibilities for Windows Server 2003 because it can
be used in large corporate environments with extensive computer networks that are widely
dispersed geographically. Windows Server 2003 with Terminal Services in application server
mode allows simple centralization of administrative tasks and the use of low-maintenance clients.
The technical term for this arrangement is server-based computing.