Monitoring any network service is an important task
of an IT administrator. Once Terminal Services are deployed, the job of
regularly fine-tuning and monitoring them becomes essential to ensure
network resources are optimally utilized and the users are getting what
they want. Installation of specific server roles, installation of
terminal server aware applications and publishing them to make it
available to remote users, monitoring user sessions, and deploying
load-balancing solutions when the network grows, are the important
tasks. In this chapter, we’ll discuss the Terminal Services management
tools (snap-in/console in Microsoft terms).
Windows 2008 Terminal Services includes the following components:
Terminal Server
Provides the ability to publish Windows-based applications or provide
access to the Windows desktop remotely. Users can run programs from
remote clients and store data on the network. Users access local
applications alongside the remote applications seamlessly.
Terminal Services Licensing
Manages the Terminal Services licensing including client access
licenses (CALs). Every client requires a license to connect to a
terminal server. You can install, assign, and monitor the CALs on your
network.
Terminal Services Web Access Provides a Web platform to access remote applications through a Web site. Remote applications appear as a Web link on the corporate Web site. When users click on the link the remote application opens up.
Terminal Services Gateway
Provides the ability to offer secure connection to your remote users
without a need to establish a Virtual Private Network (VPN). Any
Internet-connected device can initiate a Hypertext Transfer Protocol
over SSL (HTTPS) connection. Remote Desktop Protocol (RDP) traffic is
encapsulated into the HTTPS traffic until it reaches the TS Gateway
server and then HTTPS is removed and only RDP traffic gets passed to
the terminal servers.
Terminal Services Session Broker
Provides the session load balancing among the terminal servers in a
farm. When a remote user session terminates for any reason, a
reconnection is possible to resume the session from where it was left
off.
For managing the sub-components of Terminal Services, various management and monitoring tools are provided by Microsoft. Figure 1 provides a pictorial view of the Windows 2008 Terminal Services components and management tools.
Terminal Server management tools include:
Terminal Services Manager
Terminal Services Configuration
TS RemoteApp Manager
Windows System Resource Manager
Terminal Services Licensing management tool includes:
Terminal Services Web Access management tool includes:
Terminal Services Gateway management tool includes:
Terminal Services Session Broker management tools include:
The management and monitoring features offered by these management tools are:
Terminal Services Manager
With this tool, you can view and monitor users, sessions, and processes
that are running on the terminal servers. Routine administration tasks
such as sending a message, logging off users, or disconnecting them
from a terminal service session are part of this tool.
Terminal Services Configuration
With this tool you can configure, modify, and delete RDP connection
settings. You can configure on a per-connection basis or use
configurations that apply to the whole terminal server. You can also
configure farms; add members for a Terminal Services Session Broker
load balancing.
TS RemoteApp Manager
With this tool you can provide access to Windows-based programs and
applications for remote users. Remote users need only an Internet
connection. Modern hand-held devices powered with the Windows Mobile
operating system supports Remote Desktop Connection (RDC) client.
Access to applications hosted centrally in the corporate
networks is made available to these hand-held devices without consuming
much of the network bandwidth. Only keyboard depressions, mouse clicks,
and screen changes travel across the network. You can publish
applications and manage it centrally in a scenario where branch offices
may not have IT staff to install and configure applications.
Windows System Resource Manager
With this tool you can manage the resources by allocating memory and
processing the terminal server on a per-user basis or per-session
basis. Though this management tool is not specific to Terminal
Services, you can configure resource allocation policies for Terminal
Services.
Terminal Services Licensing Manager
With this tool you can manage Terminal Services CALs and you can
install, allocate, and track the CALs. This is an important activity
for a Terminal Services administrator.
TS Web Access Administration
With this tool you can access remote programs and desktops that are
published by TS RemoteApp. You can also configure remote desktop
parameters including devices and resources (printers, drives, serial
ports, clipboard, and plug-and-play devices), sound, display
resolution, and modem parameters.
TS Gateway Manager
With this tool you can configure secure remote sessions to access a
resource on a corporate network. Resources include terminal servers, TS
RemoteApp programs, or desktops with Remote Desktop enabled. RDP over
HTTPS is used to create a secure connection without a need for a VPN.
NLB Manager
With this tool you can ensure servers’ availability by load balancing
between several identical roles. Load balancing can be extended to any
service. However, in this context, NLB can be used to create terminal
server clusters and efficiently load-balance the traffic. Dedicated
hardware-based load balancers can also be considered for your network.
Allocating Resources by Using Windows System Resource Manager
Windows
System Resource Manager (WSRM) allows you to allocate memory and
processor resources to users, Terminal Service sessions, applications,
and other services. Often, leaving the resources allocation to the
applications or sessions will create
a situation where some other services have to compromise their share of
resources. Using WSRM you can ensure that the services offered by a
server is allocated to all (applications, users, or services) on an
equal basis or based on the prioritization of the organization.
WSRM
gets into the act through policies and actively manages the resource
allocation when the load of the server is greater than 70 percent.
However, normal scenario WSRM policies do not play a role. This means
contention of resources result in invoking the policies.
WSRM
features include managing system resources through policies, calendar
rules to define time-based policies, dynamically allocating resources
based on server capability (such as powerful processor or higher
memory), and accounting.
Resource allocation policies (RAP) specific to Terminal Service scenarios are equal per session and equal per user policies.
We’ll briefly discuss the installation of WSRM and later configure resource allocation policies for Terminal Services.
Installing WSRM
Windows
2008 treats individual services as server roles. Some of the server
roles are Domain Name System (DNS), Dynamic Host Configuration Protocol
(DHCP), Fax, and ADS. Roles can be considered as logical software
packages. Features are not directly part of any roles, but can enhance
or support the functionality of a role in the Windows 2008 environment.
Some of the features include Simple Transmission Control Protocol
(TCP)/Internet Protocol (IP) services, .Net Framework 3.0, Failover
Clustering, and Simple Network Management Protocol (SNMP) services.
WSRM is also a feature. You need to access Server Manager to add WSRM
to the server.
To install WSRM:
1. | Click Start | Administrative Tools | Server Manager (see Figure 2).
|
2. | Select Features on the left pane, and click on Add Features on the right pane under the Features Summary.
|
3. | Scroll-down to select Windows System Resource Manager under the “Select one or more features to install on this server” list (see Figure 3).
|
4. | Click on the Add Required Features button in response to the prompt to add Windows Internal Database, a pre-requisite to install WSRM (see Figure 4).
|
5. | Click Next.
|
6. | Click Install.
|
7. | Click Close to complete the installation.
|
8. | Click Start | Administrative Tools | Services, and check that the Windows System Resource Manager service is started.
|
To allocate resources for Terminal Services:
1. | Click Start | Administrative Tools | Windows System Resource Manager (see Figure 5).
|
2. | Click on This Computer and then click Connect in the “Connect to computer” dialog box.
|
3. | Click on Resource Allocation Policies on the left pane (console tree).
|
4. | Click on Equal_Per_Session policy.
|
5. | Click on Set as Managing Policy on the Actions pane (third window on your right).
|
6. | Click OK on the warning dialog box, The calendar will be disabled. Do you want to continue?
|
Computer
resources such as memory and central processing unit (CPU) are
allocated to various processes running on the server. Resource
allocation policy determines the usage of such resources. Equal per user or Equal per session
can be configured as managing policy for Terminal Services. You may
find more such resource allocation policies based on the services
installed on your server. For example Internet Information Services
(IIS) adds Equal_Per_IISAppPool policy. Default is the Equal_Per_Process policy.
|
|
Configuring Application Logging
WSRM’s
accounting feature logs accounting information of applications running
on the server. To log accounting data, you need to ensure the policy is
configured as managing policy (through Set as Managing Policy) or profiling policy (through Set as Profile Policy).
WSRM accounting captures the following information:
Details on applications that exceeded the resources
Changes to the managing policies
Name of the process
Name of the domain
Name of the user
Name of the resource allocation policy
Policy time (when it was set)
Process matching the policy criteria
Program location
Detailed information memory, disk, and processor operations
You
have the option to store the data in the local WSRM database or on a
Structured Query Language (SQL) database server. You also have the
option to archive, export (.txt or .csv format), group similar items, sort items, and filter events for ease of viewing (through Filter View). Figure 6 shows the accounting screen of WSRM.
