Windows Server 2003 Terminal Services is designed to provide a multiuser environment, which makes it possible for several users to connect to a server and run applications concurrently. Terminal Services consists of three major components:
Windows Terminal Services is designed to distribute the Windows 32-bit desktop to clients that are usually not able to run it. Although for the client it appears that the application is running locally, all processing actually occurs on the server. The only processing that occurs at the client involves displaying the user interface and accepting input from the keyboard and mouse. Although the application is run on the server, the information needed to control the user interface, such as keystrokes and mouse clicks, is sent over the connection to the client. The data rate of the connection is very small, generally less than 16KB. This makes Terminal Services well suited for low-bandwidth connections, such as low-speed dial-up lines.

The RDP clients supplied with Windows Server 2003 Terminal Services can be used on most Windows PCs and Windows terminals. A 32-bit client is used with Windows 9x, NT, 2000, and XP.

Note: Additional Clients
Clients for the Macintosh and a Terminal Services (not RDC) client for the Pocket PC are not included on the Windows Server 2003 CD-ROM, but they are available for download from the Microsoft website at http://www.microsoft.com/downloads.
The RDC client provides the standard Win32 desktop to users. It is a Windows-based application and runs only on Windows platforms. However, it is a very small application (generally less than 2MB in size) and can run on machines with very limited processor and memory resources. This client provides the following features:
Terminal Services Advantages and Disadvantages

Terminal Services offers many advantages. Here are a few of them:
Terminal Services also has a couple of disadvantages, as follows:
Environments for Which Terminal Services Is Recommended

Terminal Services is recommended for use in a variety of environments. The following are some examples:

Terminal Services Is Not Recommended For...

Here are some applications for which the use of Windows Terminal Services is not recommended:
Working with Terminal Services

Terminal Services is available in two modes: Remote Desktop for Administration (formerly called Remote Administration mode) and Application Server mode. Application Server mode configures Windows Server 2003 to operate similar to the previous version of Windows NT Terminal Server 5.0. Remote Desktop for Administration mode is used to provide remote server management. Unlike in Windows 2000, where the Remote Administration mode was an option, the Remote Desktop for Administration mode is automatically installed in Windows Server 2003. However, incoming connections are disabled by default.

Using Terminal Services in Remote Desktop for Administration Mode

The Terminal Services (TS) Remote Administration mode was first available in Windows 2000. The previous version of Windows NT 5.0 Terminal Server did not have this feature. With Windows Server 2003 Terminal Services in Remote Desktop for Administration mode, you are allowed two concurrent sessions, plus a console session to the Windows server. These sessions can be used to remotely access any programs or data on the server. Using the Terminal Services client is just like working on the server console. The Remote Desktop for Administration mode allows you to have two concurrent TS sessions without any additional Client Access Licenses required.

The beauty of the Remote Desktop for Administration mode is that it allows you to manage your server from just about anywhere and from just about any computer. Because the TS client is supported on a variety of Windows platforms, including Windows CE and Pocket PC 2002 and later, you can load the client on any Windows box that you have available and manage your server. Imagine managing your server from your Pocket PC! In addition, because the RDC connection between the server and the client requires a minimum of bandwidth, you are not limited to a high-speed LAN connection.
The Terminal Services client can access the servers via a dial-up connection, the Internet, or even a wireless connection. Again, think about managing your servers from your Pocket PC while sitting on a warm, sandy beach.

Note: Switching Between Terminal Services Modes
Although it is possible to switch from one mode to another, it is necessary to reinstall all applications.

In addition to the two virtual sessions, a new feature in Windows Server 2003 provides the capability to connect to the real console of the server. In the past, a lot of tools and applications could not be run remotely, because they were written to interact directly with "session 0," or the physical server console. Also, most system messages are routed to the console automatically, so if you were trying to manage the server remotely and a pop-up error message was sent, you wouldn't be able to see it. Working with Terminal Services in Remote Desktop for Administration mode is covered at length in the "Managing Servers Remotely" section of Chapter 5, "Administering Windows Server 2003."

Terminal Services in Application Server Mode

The purpose of Application Server mode in Windows Server 2003 Terminal Services is to enable applications to be shared and managed from a central location. The Terminal Services Application Server mode changes the characteristics of the server. Normally, a server is tuned to give best performance to the background processes that are running. This enables server-type applications, such as databases and mail servers, to perform better. However, when Windows is configured for Terminal Services Application Server mode, the server is tuned to give the best performance to the foreground processes. This is similar to the way a workstation operating system is tuned, because those are the types of tasks the operating system is now handling.

With Terminal Services, each user is assigned an individual session of 2GB of virtual memory on the server.
Performance depends on the capacity of the server, how many users are logged on, and what applications are running. The Application Server mode of Terminal Services allows the system administrator to load common applications that can be shared by multiple users. The users can be granted the ability to connect to a specific application or a complete desktop environment. This can greatly decrease the support costs associated with an organization because there are fewer visits to the end user. There is no need for upgrade visits, and there are fewer visits for application issues because everything is located and controlled centrally.

Unlike Remote Desktop for Administration mode, in which there are only two concurrent connections plus the console allowed, Application Server mode allows you to have an unlimited number of concurrent connections, subject to server capacity and licensing. The number of users supported varies widely, depending on the type of applications in use and the hardware configuration of the server. Typically, on the same hardware, you can support far more users running terminal emulator-type applications than users who are using CAD applications. To install Terminal Services in Application Server mode, follow the procedure outlined in Step by Step 11.1.
Terminal Services Licensing

Application Server mode requires that each remote connection have a Windows Server 2003 Terminal Services user or device Client Access License (TS CAL). These licenses are separate from the normal Windows Client Access Licenses (CALs) and must be installed and managed using a Terminal Services licensing server. Terminal Services Licensing Server is an option that is installed from the Add/Remove Programs applet in the Control Panel. Windows Server 2003 offers two types of Terminal Services licensing servers:
To install a Terminal Services licensing server, follow the procedure outlined in Step by Step 11.2.
Note: TS CALS
New with Windows Server 2003 are the concepts of a user Client Access License and a device Client Access License. Separating licensing in this way allows organizations additional license options. For example, if a Terminal Services user connects via multiple devices, such as a PC and a handheld device, the organization would need to purchase a user license instead of a device license. The standard TS CAL is valid only for connections to Windows 2000 Terminal Services servers.

Unlike the Windows 2000 license server, which had to be installed on a domain controller in an Active Directory environment, the Windows Server 2003 Terminal Services license server can be installed on any domain controller, member server, or standalone server. This license server can support an unlimited number of Terminal Services servers, and it can issue Terminal Services 2000 Internet Connector licenses, TS 2003 user CALs, TS 2003 device CALs, and temporary TS CALs. The Internet Connector CALs are for non-employees who connect to your Windows 2000 Terminal Services servers over the Internet.

A temporary TS CAL is issued when there are no TS user or device CALs available on the license server. A temporary TS CAL allows the client to connect to the Terminal Services server for 120 days. A Terminal Services server can initially operate for up to 120 days without being serviced by a TS licensing server. However, after this grace period expires, the server no longer accepts any TS connections until it is associated with a valid licensing server.

The new licensing setup is only for Windows Server 2003 Terminal Services. As you can see, it is somewhat different from Microsoft's previous Terminal Services licensing methods. Fortunately, Microsoft has provided a whitepaper that gives an overview of the new licensing rules and processes. It can be obtained from the Microsoft Web site at http://www.microsoft.com/windowsserver2003/techinfo/overview/termservlic.mspx.
Note: TS External Connector
Another new licensing feature is the Windows Server 2003 Terminal Server External Connector license. This is a license that is purchased to allow an unlimited number of external users access to your Terminal Services server. This replaces the Internet Connector license that was available for Windows 2000 Terminal Services.

Installing Applications

For each user to have his own application configurations, Terminal Services monitors the changes that the application makes to the Registry as the program is being installed, and it watches for changes to the %windir% folder. Once captured, these changes are copied to a home folder that Terminal Services maintains for each user. When the user logs on to Terminal Services, these Registry settings are transferred to the user-specific Registry keys.

To install applications on a Terminal Services server, you must be in Install mode. This can be accomplished by installing programs via the Add/Remove Programs applet in the Control Panel or via the Change User command. The Change User /install command places Terminal Services in Install mode, so that all user-specific mapping is turned off, and the system can monitor the installation process. After the application is installed, use the Change User /execute command to restore user-specific mapping. This also moves any newly installed user-specific files to the user's home folder. To install an application on a Terminal Services server in Application Server mode, follow the procedure outlined in Step by Step 11.3.
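The Change User /install and /execute sequence described above can be wrapped so that a failed installer never leaves the server in Install mode. The following PowerShell function is an added example, not part of the original text; the name Invoke-TsInstall and its parameters are hypothetical, and it assumes PowerShell 2.0 or later and English-language output from change user /query.

```powershell
# Added example (not from the original text).
# Runs an installer while the Terminal Services server is in Install mode and
# always switches back to Execute mode, even if the installer fails.
# Invoke-TsInstall and its parameters are hypothetical names.
function Invoke-TsInstall {
    param(
        [Parameter(Mandatory = $true)][string]$InstallerPath,
        [string[]]$ArgumentList = @()
    )

    if (-not (Test-Path -LiteralPath $InstallerPath)) {
        throw "Installer not found: $InstallerPath"
    }

    # Enter Install mode: user-specific mapping is turned off so the system
    # can monitor what the installer writes.
    & change.exe user /install | Out-Null

    # Confirm the mode change before starting (assumes English output that
    # contains the word INSTALL).
    $mode = (& change.exe user /query | Out-String).Trim()
    if ($mode -notmatch 'INSTALL') {
        throw "Server did not enter Install mode: $mode"
    }

    try {
        $startArgs = @{
            FilePath = $InstallerPath
            Wait     = $true
            PassThru = $true
        }
        if ($ArgumentList.Count -gt 0) {
            $startArgs.ArgumentList = $ArgumentList
        }

        # Wait for the installer so Execute mode is not restored too early.
        $proc = Start-Process @startArgs
        return $proc.ExitCode
    }
    finally {
        # Restore user-specific mapping whatever happened above.
        & change.exe user /execute | Out-Null

        $mode = (& change.exe user /query | Out-String).Trim()
        if ($mode -match 'INSTALL') {
            Write-Warning "Server is still in Install mode: $mode"
        }
    }
}
```

An installer that launches a child process and exits immediately returns control before the real installation has finished, so check that the setup program you pass in actually blocks until completion.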
Although not all applications install or run properly in a multiuser environment, some manufacturers are supplying Terminal Services configuration files so that their applications install properly. An example is Microsoft, which has supplied a transform file with Office 2000 so that it can be properly installed on Terminal Services. This file is named TERMSRVR.MST and is available in the Office 2000 Resource Kit.

Note: Terminal Services-Aware Applications
Current applications may be Terminal Services aware. For example, Office XP or 2003 no longer needs either compatibility scripts or transform files to be installed in Windows Server 2003 Terminal Services.

Microsoft has also supplied several application-compatibility scripts for several common applications that are run after application installation to change their installed configuration to allow them to operate properly in a multiuser environment. These scripts are located in the %systemroot%\Application Compatibility Scripts\Install folder. These scripts are typically run after the initial installation of the application and are used to move user-specific files and configuration information to the user's home folder. These scripts can be run at every logon by adding a reference to them in USRLOGON.CMD, which is run whenever a user logs on to Terminal Services, or via an individual user's Terminal Services logon script. A close examination of these scripts can give you ideas on how to create compatibility scripts for your own applications.

Note: Application Installation in Remote Desktop for Administration Mode
There are no special steps necessary to install applications in Windows Server 2003 TS Remote Desktop for Administration mode.

Managing User Sessions in Terminal Services

Terminal Services comes with a variety of administrative tools. The Terminal Services Manager is the tool that is used to monitor and manage the Remote Desktop sessions.
From this tool, the system administrator has the ability to perform the following tasks on a user session:
As shown in Figure 11.5, when a user connects to a Remote Desktop session, this connection is displayed in the Terminal Services Manager MMC. This view shows the status for all the connections, including the following:
Figure 11.5. The Terminal Service Manager MMC, showing the connected sessions.

To manage a user session, right-click the connection from the Sessions tab and select an option from the pop-up menu, as shown in Figure 11.6. Descriptions of the various options are listed in the following sections.

Figure 11.6. The Terminal Service Manager MMC, showing the session-management options.

Note: Terminal Services Manager Restrictions
The Remote Control and Connect to Session features of the Terminal Services Manager tool are available only when the tool is run in a Terminal Services session. These features are not available when the Terminal Services Manager is run from the server console.

Disconnecting and Reconnecting a Session

To disconnect a session, click Disconnect on the Action menu. Disconnecting a session closes the connection between the server and client; however, the user is not logged off and all running programs remain. If the user logs on to the server again, the disconnected session is reconnected to the client. A disconnected session shows Disc in the State field.

To connect to the disconnected session, click the session in Terminal Services Manager and select Connect from the Action menu. The current session is disconnected, and the selected session is connected to your terminal. Your session must be capable of supporting the video resolution used by the disconnected session. If the session does not support the required video resolution, the operation fails.

Sending Messages

You can send a message to users informing them of problems or asking them to log off the server. To send a message, right-click an active session and then select Send Message from the Action menu. If you select multiple users, the message is sent to each user.

Remote Controlling a User's Session

You can monitor the actions of users by remote controlling their sessions.
The remote-controlled session is displayed in the controller's session, and it can be controlled by the mouse and keyboard of the remote control terminal. By default, the user being controlled is asked to allow or deny session remote control. Keyboards, mice, and notification options can be controlled from the Active Directory Users and Computers MMC.

To remote control a session, right-click the session from the Sessions tab and then select Remote Control from the Action menu. The remote control session must be capable of supporting the video resolution used by the shadowed session. If the remote control session does not support the required video resolution, the operation fails.

Resetting a Session or Connection

You can reset a session in case of an error. Resetting the session terminates all processes running on that session. To reset a user session, right-click the user from the Users tab of the Terminal Services Manager MMC and then select Reset from the Action menu. If you select multiple users, each user session is reset. Resetting a session may cause applications to close without saving data. If you reset the special RDP-TCP Listener session, all sessions for that server are reset.

Logging Users off the Server

You can forcefully end a user's session by right-clicking the user from within the Users tab and then selecting Logoff from the Action menu. If you select multiple users, each user is logged off.

Caution: Data Loss!
Logging off or resetting a user's session without giving her a chance to close her applications can result in data loss.

Terminating Processes

To end a user or system process, right-click the process from the Process tab and then select Terminate from the Action menu. If you select multiple processes, each process is terminated.

Caution: Termination Instability!
Terminating a user process can result in the loss of data and can also cause the server to become unstable.
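The session list that Terminal Services Manager displays is also available from the command line through query session, which makes it possible to report sessions whose State reads Disc without opening the MMC. The following PowerShell function is an added example, not part of the original text; the name Get-TsDisconnectedSession is hypothetical, the sample lines are constructed, and the parser assumes user names without spaces.

```powershell
# Added example (not from the original text).
# Parses "query session" output and returns sessions in the Disc state.
# Get-TsDisconnectedSession is a hypothetical name.
function Get-TsDisconnectedSession {
    param(
        # Defaults to live output; pass captured lines to analyse offline.
        [string[]]$Lines = (& query.exe session)
    )

    $header = $Lines | Where-Object { $_ -match 'SESSIONNAME' } |
        Select-Object -First 1
    if (-not $header) { throw 'No SESSIONNAME header found in the input.' }

    # The session name occupies the columns before the USERNAME header.
    $userCol = $header.IndexOf('USERNAME')
    if ($userCol -lt 1) { throw 'No USERNAME column found in the header.' }

    foreach ($line in $Lines) {
        if ($line -eq $header -or $line.Length -le $userCol) { continue }

        # Column 0 is the current-session marker (">" or a space).
        $name = $line.Substring(1, $userCol - 1).Trim()
        $rest = $line.Substring($userCol)

        # A disconnected session has an empty session name, and a listener
        # has an empty user name, so both fields are allowed to be blank.
        if ($rest -match '^(?<user>\S*)\s+(?<id>\d+)\s+(?<state>\S+)') {
            if ($Matches['state'] -eq 'Disc') {
                New-Object PSObject -Property @{
                    SessionName = $name
                    UserName    = $Matches['user']
                    Id          = [int]$Matches['id']
                    State       = $Matches['state']
                } | Select-Object Id, UserName, SessionName, State
            }
        }
    }
}

# Constructed sample input, laid out in the same columns as "query session".
$fmt = '{0}{1,-18}{2,-20}{3,6}  {4,-8}{5}'
$sample = @(
    ($fmt -f ' ', 'SESSIONNAME', 'USERNAME', 'ID', 'STATE', 'TYPE'),
    ($fmt -f '>', 'console', 'Administrator', 0, 'Active', 'wdcon'),
    ($fmt -f ' ', 'rdp-tcp', '', 65536, 'Listen', 'rdpwd'),
    ($fmt -f ' ', 'rdp-tcp#1', 'jsmith', 1, 'Active', 'rdpwd'),
    ($fmt -f ' ', '', 'mjones', 2, 'Disc', 'rdpwd')
)

Get-TsDisconnectedSession -Lines $sample | Format-Table -AutoSize
```

Run on a schedule against the live output, a report like this shows which accounts leave sessions disconnected and still holding server resources.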
Using the Remote Desktop Connection Client

The Remote Desktop Connection client is installed by default on Windows Server 2003. You can open an RDC session by clicking Start, All Programs, Accessories, Communications, Remote Desktop Connection. This opens the RDC client, as shown in Figure 11.7. In the Computer field, you can type either the IP address or the name of the remote computer to which you want to connect. If you have previously connected to this computer, you can click the drop-down list, and you will see a list of the computers to which you have made connections.

Figure 11.7. You can select a previous RDC connection via the drop-down list in the Remote Desktop Connection dialog box.
If you do not see the name or IP address listed, and you cannot remember it, you can click <Browse for more...>, and all the Terminal Services servers you are able to connect to will be listed.

Note: Remote Desktop for Administration Mode Doesn't Advertise
By default, only Windows Server 2003 computers running Terminal Services in Application Server mode advertise their presence to the browse list. To enable a Windows Server 2003 server running in Remote Desktop for Administration mode to advertise itself as a Terminal Services server in the browse list, change the value of the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\TSADVERTISE key from 0 to 1.

After selecting a connection, click Connect and you will see the logon prompt for the remote server. Enter the proper credentials, and you will log on to a desktop from the remote server (see Figure 11.8).

Figure 11.8. After you successfully connect remotely, you will see a Remote Desktop window.

From this window, you can run the programs on the remote server, just as if you were sitting in front of the server console. If you would prefer to see the remote desktop in full-screen mode, click the Maximize button in the upper-right corner of the window. When running RDC in full-screen mode, it is hard to tell that this is a virtual session.

When it's time to end your session, you have two choices: You can either log off or disconnect the session. You log off the session by clicking Start, Shutdown, and then Logoff from the Security dialog box. To disconnect the session, select Disconnect from the Security dialog box or click the Close button in the upper-right corner of the window. If you log off a session, any programs running are automatically shut down for you, just as if you were using your own computer. However, if you disconnect a session, any programs that are running remain running. The next time you log in to the server, the session will be just as you left it.
Note: Terminal Services Etiquette
The default configuration of a Terminal Services server is to maintain disconnected sessions indefinitely. However, even when a session is disconnected, it still uses resources on the server. Unless you have a good reason for leaving a session running, such as running a batch job or a long-running database function, it is usually best to log off when you are finished. Logging off allows the server to release the session, and the resources associated with keeping it active will be available for other processes.

Using the Remote Desktop Client

In the previous section, we logged on to a Remote Desktop session using the default settings. However, the RDC client has many configuration options available that allow you to configure it for the optimum performance in many different situations. To access these settings, open the RDC client and click the Options button.

The settings on the General tab allow you to preconfigure the server, username, password, and domain to connect to. The RDC client also allows you to export your client configuration settings to a file that can be used on other machines. Just click Save As under Connection Settings.

The display settings are available from the Display tab (see Figure 11.9). The screen display can be configured in the following resolutions:
Figure 11.9. You configure display settings for Remote Desktop Connection via the Display tab.
You can also set the color resolution, up to a maximum of True Color (24 Bit); however, the higher the resolution, the more data that has to go over the link between the client and the remote server. You will probably want to keep this as low as possible over low-speed links. It's important to remember that the settings on the Terminal Services server always override the RDC client settings.

There is also an option to display the connection bar when you are in full-screen mode. The icons on the connection bar allow you to quickly minimize or maximize your session. The connection bar appears when you move your mouse to the top of the screen. To always display the connection bar at the top of the screen, click the push pin. The connection bar was shown earlier in Figure 11.8.

Note: Display Characteristics
The maximum values that you can configure the display resolution to will be equal to the settings on your client computer. For example, if the client is configured for 800x600 with 256 colors, you won't be able to configure the RDC session to 1024x768 with 16-bit resolution. The client has to have a desktop resolution either equal to or higher than the RDC session.

The Local Resources tab, shown in Figure 11.10, allows you to configure the interface characteristics of the session, such as sound, keyboard, and device mapping. The Remote Computer Sound option allows you to hear the sounds generated by the remote server session through your local computer. Although this is useful for applications that use sounds as prompts, it's not a good idea to play MP3s over a low-speed connection because sound uses a significant amount of bandwidth. For slow connections, it's recommended that you set this to Do Not Play.

Figure 11.10. You can configure interface characteristics for the Remote Desktop connection via the Local Resources tab.
The Local Devices option allows you to specify which of the devices attached to your local computer will be available in your RDC session. This allows you to access your local drives, printers, the Clipboard, or any devices attached to your serial port. For example, you can cut and paste data from the RDC session to the local computer, and vice versa. You can also copy files from the local drives to the drives of the Windows Server 2003 Terminal Services server, if you have the proper NTFS permissions. The Keyboard option allows you to specify how the standard Windows key combinations are handled while you are in a remote session. For example, if you are running a remote session and you select the Alt+Tab key combination, the local computer will respond to the keystrokes. You can choose to have the Windows keys assigned to one of the following:
The Programs tab allows you to specify the name and location of a program to run when you connect to the remote session. You will have access only to the program and will not get the Windows desktop. When you close the application, your session will be automatically logged off. The Experience tab, shown in Figure 11.11, allows you to tailor the performance of your RDC session to the speed of your connection. For example, on a slow dial-up connection, you should turn off all the options except for Bitmap Caching. The Bitmap Caching feature improves performance by using your local disk to cache frequently used bitmaps to reduce the RDP traffic. The visual features listed here greatly affect the amount of data that has to be carried over the link between the server and the client. Figure 11.11. You can configure additional options for Remote Desktop Connection via the Experience tab.
You will notice as you select the different connection speeds, different options are selected. These are Microsoft's recommendations for each link speed. You can create your own configuration by selecting Custom. Unless you are connecting locally via a LAN, it's usually best to turn off all the options except for Bitmap Caching.

Configuring Terminal Services Connections

Although the default Terminal Services configuration settings are fine for the average installation, the Terminal Services Configuration MMC allows you to fine tune Terminal Services to provide the best combination of performance and features for your installation. The Terminal Services Connection MMC is used to configure the Remote Desktop Protocol-Transmission Control Protocol (RDP-TCP) used to communicate between the Windows Server 2003 server and the RDC client.

The RDP-TCP connection can be configured by right-clicking the connection entry in the Terminal Services Connection MMC and selecting Properties from the pop-up menu. From the General tab, shown in Figure 11.12, you can add a comment to describe the connection, configure the encryption level of the connection, or select whether to use Windows authentication. The settings for encryption are as follows:
Note: Per User Settings
The settings described in this section apply to all users. The settings for an individual user can be configured via the Terminal Services tab of the user object in the Active Directory Users and Computers MMC.

The Use Standard Windows Authentication option needs to be selected only in those cases where a third-party authentication mechanism has been installed and you want to use the Windows Standard Authentication method for RDP connections.

From the Logon Settings tab, you can select to have all users automatically log on to the Terminal Services server by using a common username and password that you enter here. In addition, you can select to prompt them for a password when using this common account by selecting the Always Prompt for Password option. The default is for the user to provide logon credentials.

From the Sessions tab, shown in Figure 11.13, you can select the default session timeout and reconnection settings. These settings are used to determine what action, if any, to take for sessions that have been connected longer than a specified time or have been disconnected. The options are as follows:
Figure 11.13. You can override user settings via the RDP-TCP Properties dialog box's Sessions tab.
The Sessions tab allows you to override any configuration settings that were made in the user profile, RDC, or Terminal Services client using the options on the tabs of the RDP-TCP Properties dialog box. The Remote Control tab allows you to configure the Remote Control feature of Windows Server 2003 Terminal Services. The available options are as follows:
The Client Settings tab, shown in Figure 11.14, allows you to configure the client experience features of Windows Server 2003 Terminal Services. Figure 11.14. Client Settings allows you to map local resources to your session.
The Connection area allows you either to use the connection settings chosen on the Local Resources tab of the RDC client (the default) or to configure the settings individually. These options control whether the various devices configured on the computer that the RDC client is installed on will be available in the RDC session. The options in the Disable the Following area allow you to enable/disable various actions, such as printing from the RDC session to the printers attached to the client computer on which you are running the RDC client. As shown in Figure 11.15, when drive mapping is enabled, the drives on the local client are available within an RDC session, listed under the Other section.

Figure 11.15. My Computer, showing the mapped client devices listed under Other.

The Network Adapter tab allows you to limit the number of concurrent RDC client connections by network adapter.

The Permissions tab allows you to configure which users or groups are allowed to connect to Windows Server 2003 Terminal Services and what permissions they will have. The recommended method of allowing users to connect to Windows Server 2003 Terminal Services is to add their user accounts to the Remote Desktop Users group. This group has already been granted the necessary permissions, including the Allow Logon Through Terminal Services, which is necessary to connect via a Terminal Services or RDC client.

Exam Alert: Remote Desktop Users Group
Do not confuse the Log on Locally right with the rights granted by adding a user to the Remote Desktop Users group. The Log on Locally right allows users to log on to the server at the console, thereby allowing them direct access to the server. Adding a user to the Remote Desktop Users group allows a user to log on to the server over the network using the Terminal Services interface. The amount of access that members of the Remote Desktop users group have to the server can be strictly controlled by the administrator.
Knowing the differences between these two functions is important in the field and for the exam. In addition to the settings available from the property pages of the RDP-TCP connection are the configuration options listed under the Server Settings folder. These settings are as follows:
Managing Windows Server 2003 Terminal Services via Group Policy

Although Windows Server 2003 Terminal Services can be managed using the Terminal Services Connection MMC, if you have multiple Terminal Services servers, this can become a nightmare. Fortunately, Microsoft has included some additions to Group Policy in Windows Server 2003 to support Terminal Services configuration. These policies can be found under the Computer Configuration section of Group Policy, as shown in Figure 11.16.

Figure 11.16. You can configure settings for multiple Terminal Services servers via the Group Policy MMC's Terminal Services folder.

The options available include not only the options from the Terminal Services Manager and the Terminal Services Connection MMC, but also various user interface options applicable in the Terminal Services environment. This simplifies Terminal Services configuration by putting the majority of configuration options in a centralized location.

You should create an Organizational Unit (OU) to hold all your Windows Server 2003 Terminal Services servers, and then configure the Computer Configuration settings in the Group Policy object, instead of configuring each individual server. Group Policies override the settings configured with the Terminal Services Configuration tool.

Note: Only for Windows Server 2003
Group Policy can be used to manage only Windows Server 2003 Terminal Services servers. Windows 2000 and Windows NT Terminal Services are not supported.
Terminal Services Session Directory
Even though you can support quite a few user sessions per processor using Windows Server 2003 Terminal Services, there will always be certain applications that are CPU hogs or that need to be available to a large number of users. You can set up multiple Windows Server 2003 Terminal Services machines and assign groups of users to each one, but this doesn't provide any redundancy. In addition, what if one server has 200 users and is starting to slow down under the load, while another server is loafing along with only 10?
You can use a process called load balancing to spread the application load across two or more servers. This prevents one server from becoming overloaded while another is loafing. This also provides redundancy for your applications because the failure of a single server does not prevent your users from completing their work.
Windows Server 2003 Network Load Balancing is a feature included in all the Microsoft Windows Server 2003 operating systems. The Network Load Balancing (NLB) feature is used to enhance the scalability and availability of mission-critical, TCP/IP-based services such as web, Terminal Services, virtual private networking, and streaming media servers. NLB requires no additional hardware or software components.
NLB works by distributing IP traffic across multiple Windows Server 2003 servers. Load balancing works on the principle that if a server is busy or unavailable, a client connection is routed to the next available server. Unlike clustering, load balancing does not require that you have identical servers. It also does not require any special disk units or other hardware, so it is an economical configuration. However, you are required to install identical applications in exactly the same manner on each server that is to be balanced. To the client, it looks like a single server is handling requests because the client sees a single virtual IP address and hostname.
NLB is also capable of detecting host server failures and automatically redistributing traffic to the surviving servers. NLB can support up to 32 servers in a balanced configuration.
When you set up an NLB configuration, you can either allow the load to be equally distributed among the servers or specify the load percentages for individual servers. By specifying individual load percentages, you can use dissimilar servers in your balanced configuration. Incoming client requests are distributed among the servers according to this configuration.
All the servers in the balanced configuration exchange heartbeat messages, so they know when a server enters or leaves the configuration. When a server is added or leaves the configuration by either configuration change or failure, the other servers automatically adjust and redistribute the workload. In the current version of Windows Server 2003 Network Load Balancing, the load balance is a static percentage and does not change in response to the actual load of the server, as determined by CPU or memory usage.
Most server failures are detected within 5 seconds, and the recovery and redistribution of the workload are accomplished within 10 seconds. However, the RDC client loses its connection and must reconnect. As long as IP affinity, which automatically redirects a client session to the last server it was connected to, is turned on in NLB, this isn't a problem. Because NLB uses the IP address of the client when routing, it can reconnect to a disconnected session. However, in those situations where the user has moved to another computer or received a different IP address via DHCP, the user receives a new session chosen at random from the group of servers.
To solve this dilemma, Microsoft has included the Terminal Services Session Directory Service as a new feature in the Windows Server 2003 Enterprise and Datacenter editions.
The Session Directory Service creates a database on a server that contains a record of the current sessions being hosted by a load-balanced cluster of Windows Server 2003 Terminal Services servers. The session directory database indexes the sessions using the username instead of the IP address. This allows disconnected sessions to be reconnected by using the username to look up the location of a disconnected session when the user is trying to log on to the Terminal Services server again. After it is determined which server is hosting the session that the user was disconnected from, his logon is routed to that server. The Session Directory (SD) doesn't have to be on a server that has Terminal Services installed. In large Windows Server 2003 Terminal Services installations, it's recommended that SD be hosted on a separate high-availability server. The Session Directory Service is not enabled by default. To enable it, use the procedure outlined in Step by Step 11.4.
After the Session Directory Service is started, you will have to add the Windows Server 2003 Terminal Services servers that you want to use with the service to an OU. After the servers are added to this OU, you will need to use Group Policy to enable SD for the Terminal Services servers in this OU. To enable SD for a group of servers, use the procedure outlined in Step by Step 11.5.
Although it is a best practice to use Group Policy to manage your Terminal Services Session Directory, you can instead add the Terminal Services servers that you want included in the farm to the Session Directory Computers local group on the server that is designated as the SD server.
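The reconnection behaviour described above, as an added example (not from the book or from Microsoft): a small Python model that compares routing by client-IP affinity with a Session Directory lookup keyed on username. The farm names, addresses, and the modulo mapping are constructed stand-ins; real NLB uses its own distribution algorithm.

```python
import ipaddress

FARM = ["TS1", "TS2", "TS3", "TS4"]  # constructed farm member names


def nlb_route(client_ip, farm=FARM):
    """Stand-in for NLB client-IP affinity: one IP always maps to one host.

    Assumption: real NLB uses its own distribution algorithm; a modulo over
    the numeric address is used here only to get a deterministic mapping.
    """
    return farm[int(ipaddress.ip_address(client_ip)) % len(farm)]


class SessionDirectory:
    """Session records indexed by username, as the text describes."""

    def __init__(self):
        self._by_user = {}  # lower-cased username -> hosting server

    def lookup(self, username):
        return self._by_user.get(username.lower())

    def record(self, username, server):
        self._by_user[username.lower()] = server

    def logoff(self, username):
        # A full logoff ends the session, so there is nothing to rejoin.
        self._by_user.pop(username.lower(), None)


def logon(username, client_ip, directory=None):
    """Return the farm member that ends up hosting this logon."""
    first_hop = nlb_route(client_ip)
    if directory is None:
        return first_hop  # affinity only: the client IP decides
    existing = directory.lookup(username)
    if existing is not None:
        return existing  # routed back to the disconnected session
    directory.record(username, first_hop)
    return first_hop


def reconnect_demo(old_ip="10.0.0.5", new_ip="10.0.0.23"):
    """Constructed scenario: alice disconnects, then returns from a new IP."""
    sd = SessionDirectory()
    original = logon("alice", old_ip, sd)
    return {
        "original": original,
        "affinity_only": logon("alice", new_ip),
        "with_directory": logon("Alice", new_ip, sd),
    }
```

With affinity alone, the changed address lands the user on a different farm member while the disconnected session stays behind on the original one; with the directory, the username lookup returns the user to it.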