2. Managing and Troubleshooting Terminal Server
Several
tools exist that can configure terminal servers, terminal services user
settings, connections, and sessions. These include Group Policy Object
Editor, Terminal Services Configuration, Active Directory Users And
Computers, and the Remote Desktop Connection client itself. This
section will help you understand the use of each tool and the most
important configuration settings by examining the creation, use, and
deletion of a user session.
2.1 Points of Administration
Several
processes occur as a user connects to a terminal server; and at each
step, there are opportunities to configure the behavior of the
connection.
The Remote Desktop Connection
client allows 32-bit Windows platforms to connect to a Terminal Server
using the Remote Desktop Protocol (RDP). The client has been greatly
improved over earlier versions of the Terminal Services client, and it
now includes a wider variety of data redirection types (including file
system, serial port, printer, audio, and time zone) and supports
connections in up to 24-bit color. The client includes numerous
settings that configure the connection and the user’s experience. Some
of those settings are seen in Figure 4.
Settings are saved in Remote Desktop Connection (.rdp) files that can
easily be opened for future connections or distributed to other users
as a connection profile. Settings in the .rdp file or the Remote
Desktop Connection client affect the current user’s connection to the
specified terminal server.
When
a user connects to a terminal server, the server will examine the
terminal services properties of the user’s account to determine certain
settings. If terminal services user accounts are stored on the terminal
server, the Local Users And Groups snap-in will expose terminal
services settings in the properties of user accounts. More commonly,
user accounts are in Active Directory, in which case Active Directory
Users And Computers exposes terminal services settings on the
Environment, Remote Control, and Terminal Services Profile tabs within
the user properties dialog box, as shown in Figure 3. Settings in the user account will override settings in the Remote Desktop client.
A
client connects to the terminal server by specifying the server’s name
or IP address. The terminal server receives the connection request via
the specified network adapter. This connection is represented by a
connection object, visible in the Terminal Services Configuration
console shown in Figure 5.
The connection object’s properties configure settings that affect all
user connections through the network adapter. Settings in the
connection will override client-requested settings and settings in the
user account.
Tip
A
terminal server’s RDP-Tcp connection properties, accessible through
Terminal Services Configuration, will override client and user account
settings for all user sessions through the connection on that
individual terminal server. |
Windows
Server 2003 Group Policy includes numerous computer-based and
user-based policies to control terminal services. Configurations
specified by group policy objects (GPOs) will override settings in
Remote Desktop Connection, in the user account, or on the RDP-Tcp
connections of terminal servers. Of course, those settings will apply
only to the users or computers within the scope of the organizational
unit (OU) to which the GPO is linked. In an environment consisting only
of terminal servers running one of the Windows Server 2003 family
operating systems, Group Policy will enable terminal services
configuration with the least administrative effort. Terminal services
group policies do not apply to terminal servers running earlier
versions of Windows.
Once a user session
has been enabled, the Terminal Services Manager administrative tool can
be used to monitor users, sessions, and applications on each terminal
server. Terminal Services Manager can also be used to manage the server
and to connect to, disconnect from, or reset user sessions or processes.
Before
continuing the examination of Terminal Server configuration options and
tools, take a moment to memorize the order of precedence for
configuration settings:
1. | Computer-level
group policies. Most Terminal Services configuration can be set by
group policy objects (GPOs) linked to an OU in which terminal server
computer objects are created. These policies override settings made
with any other tool.
|
2. | User-level group policies.
|
3. | Configuration
of the terminal server or the RDP-Tcp connection using the Terminal
Services Configuration tool. While this tool is server and connection
specific, and therefore cannot specify a single configuration as Group
Policy can, this tool is able to configure Windows 2000 terminal
servers. In addition, there are times when a configuration should be
different between terminal servers or between connections. Terminal
Services Configuration is the tool to manage such a scenario.
|
4. | User account properties configured with Active Directory Users And Computers.
|
5. | Remote Desktop Connection client configuration.
|
