programming4us
           
 
 
Windows Server

Windows Server 2008 : Configuring Terminal Services (part 1)

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
10/22/2010 6:03:27 PM
The Terminal Services Configuration console is the main tool used to configure the Terminal Services role. The server options available in this tool primarily affect the user’s environment when connecting to the local terminal server. Other options available in this tool, however, relate to server licensing and load balancing features. After describing all the options and features configurable in the Terminal Services Configuration console, this lesson describes supplementary configuration options available in Group Policy for one feature in particular: printer redirection.

Introducing the Terminal Services Configuration Console

The Terminal Services Configuration (TSC) console is designed to control settings that affect all users connecting to the terminal server or all users connecting through certain connection types. For instance, you can use the TSC console to set the encryption level of all Terminal Services sessions, to configure the graphical resolution of sessions, or to restrict all users to one session. The TSC console is shown in Figure 1.

Figure 1. The Terminal Services Configuration console

The TSC console provides two general areas for configuration: the connection (RDP-Tcp) properties dialog box and the Edit Terminal Server Settings area. The following sections describe the options available through each of these configuration areas.

Configuring Connection (RDP-Tcp) Properties

Connection properties are used to customize the behavior of all Terminal Services sessions initiated through certain specific transport protocols (such as RDP over TCP) or through specific network adapters on the terminal server. By default, only one connection (named RDP-Tcp) is available for configuration; the properties configured for this connection apply to RDP sessions through all local network adapters. Beyond this default connection, you can also create new connections that apply to third-party transport protocols or to particular adapters.

For environments using only the built-in functionality offered by Windows Server 2008, the RDP-Tcp connection normally will serve as the only connection, and the RDP-Tcp Properties dialog box provides key configuration options for the entire server.

To open the properties of the RDP-Tcp connection, in the TSC console Connections area, right-click RDP-Tcp, and then click Properties. This procedure opens the RDP-Tcp Properties dialog box, as shown in Figure 2.

Figure 2. RDP-Tcp Properties General tab

The following section explains the configurable options available through each of the eight tabs.


General Tab

The General tab enables you to modify settings in three security areas: security layer, encryption level, and NLA. These three areas are described in the following section.

Security Layer

All RDP connections are encrypted automatically. Security layer settings determine the type of encryption used for these Terminal Services connections. Three options for the security level are available: RDP Security Layer, SSL (TLS 1.0), and Negotiate.

  • The RDP Security Layer option limits encryption to the native encryption built into Remote Desktop protocol. The advantages of this option are that it requires no additional configuration and that it offers a high standard of performance. Its disadvantage is that it does not provide terminal server authentication for all client types. Although RDP 6.0 can provide server authentication for clients running Windows Vista and later, Terminal Services clients running Windows XP and earlier do not support server authentication. If you want to enable RDP clients running Windows XP to authenticate the terminal server before establishing a connection, you have to configure SSL encryption.

  • The SSL (TSL 1.0) option offers two advantages over RDP encryption. First, it offers stronger encryption. Second, it offers the possibility of server authentication for RDP client versions earlier than 6.0. SSL is, therefore, a good option if you need to support terminal server authentication for Windows XP clients. However, this option does have some drawbacks. To begin with, SSL requires a computer certificate for both encryption and authentication. By default, only a self-signed certificate is used, which is equivalent to no authentication. To improve security, you must obtain a valid computer certificate from a trusted certification authority (CA), and you must store this certificate in the computer account certificate store on the terminal server. Another disadvantage of SSL is that its high encryption results in slower performance compared to that of other RDP connections.

  • When you choose the Negotiate option, the terminal server will use SSL security only when supported by both the client and the server. Otherwise, native RDP encryption is used. Negotiate is also the default selection.

Encryption Level

The Encryption Level setting on the General tab enables you to define the strength of the encryption algorithm used in RDP connections. The default selection is Client Compatible, which chooses the maximum key strength supported by the client computer. The other available options are FIPS Compliant (highest), High, and Low.

Network Level Authentication

When the Allow Connections Only From Computers Running Remote Desktop With Network Level Authentication setting is enabled, only clients that support NLA will be allowed to connect to the terminal server.

To determine whether a computer is running a version of the Remote Desktop Connection (RDC) client that supports NLA, start the RDC client, click the icon in the upper-left corner of the Remote Desktop Connection dialog box, and then click About. Look for the phrase “Network Level Authentication Supported” in the About Remote Desktop Connection dialog box, shown in Figure 3.

Figure 3. Verifying NLA support
Logon Settings Tab

The Logon Settings tab, shown in Figure 4, enables you to configure all Terminal Services clients to use a single predefined username and password. Sharing credentials in this way enables users to connect to the terminal server without having to supply any credentials. Choosing this option might be suitable for testing environments or for public terminals.

Figure 4. Configuring Terminal Services logon settings

When you select the Always Prompt For Password option, the user must always supply at least a password (if not the username) before connecting.
Other -----------------
- Windows Server 2008 : Deploying a Terminal Server (part 2) - Specifying NLA Settings
- Windows Server 2008 : Deploying a Terminal Server (part 1)
- Windows Server 2008 : Configuring Server Clusters (part 2)
- Windows Server 2008 : Configuring Server Clusters (part 1)
- Windows Server 2008 : Configuring Server Storage (part 3) - Configuring a Mount Point
- Windows Server 2008 : Configuring Server Storage (part 2) - Managing Disks, Volumes, and Partitions
- Windows Server 2008 : Configuring Server Storage (part 1)
- Use the Microsoft Management Console (MMC)
- Manage Windows Server 2008 : Work with Preconfigured MMCs
- Manage Windows Server 2008 : Work with the Task Scheduler
- Manage Windows Server 2008 Using Remote Desktop
- Manage Windows Server 2008: Configure Backups and Perform Restores
- Windows Server 2008 : Determine Which Terminal Services Roles to Install
- Windows Server 2008 : Install the TS Gateway Role Service and TS Web Access Role Service
- Windows Server 2008 : Install the TS Licensing Role Service
- Windows Server 2008 : Install the Terminal Server Role Service
- Windows Server 2008 : Configure a Load-Balanced Farm with TS Session Broker
- Windows Server 2008 : Configure the TS Gateway Manager
- Windows Server 2008 : Configure the TS RemoteApp Manager
- Windows Server 2008 : Manage Terminal Services
 
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us