Microsoft Terminal Services Features

The Terminal Services component of the Windows® 2000 Server operating system delivers the Windows 2000 Professional desktop and the latest Windows-based applications to a wide variety of desktops, including those that normally would not be able to run Windows. Through terminal emulation, Terminal Services allows the same set of applications to run on diverse types of desktop hardware. For organizations wanting to more flexibly deploy applications and control desktop management costs, a Terminal Services architecture offers an important enhancement to the traditional two or three tier client-server architecture based on servers and full scale personal computers.

Key Features

Terminal Services Architecture
Bridging Technology, Application Deployment, Remote Administration
Ease of Use
Manageability
Security

Terminal Services Architecture

Terminal Services extends the model of distributed computing by allowing PCs to operate in a server-based computing environment. With Terminal Services running on a Windows 2000-based server, all client application execution, data processing, and data storage occur on the server. Applications and user desktops are transmitted over the network and displayed via terminal emulation software. Similarly, print streams, keyboard input, and mouse clicks are also transmitted over the network between the server and the terminal emulation software. Each user logs on and sees only their individual session, which is managed transparently by the server operating system and is independent of any other client session.

Bridging Technology, Application Deployment, Remote Administration

Terminal Services client software is available for different client hardware devices, including PCs, Windows-based terminals, and even non-Windows-based devices such as a Macintosh or UNIX workstation. (Non-Windows-based platforms require additional third party software such as Citrix MetaFrame.) By letting users access a Windows 2000 desktop running on Windows 2000 Server, Terminal Services provides a bridging technology for customers moving to a Windows 2000 Professional Desktop environment. Frequently updated or hard to install line-of-business applications can be installed centrally on a Windows 2000 Server, and the Terminal Services client software can be used to access just the application, rather than the entire desktop. This is useful for any desktop, including the latest operating systems such as Windows 2000 Professional, especially when it is desirable, for performance reasons, to locate the application execution logic as close as possible to the backend data. Terminal Services also has a separate remote administration mode that can be used to remotely administer any Windows 2000-based server, including domain controllers, member servers and BackOffice®.

Terminal Services Architecture

Terminal Services extends the model of distributed computing by allowing PCs to operate as both thin and fat clients simultaneously. At the hardware level, a thin client is a device that relies on a server for applications and data, and performs little or no application processing. Thus a thin client (often called a terminal) requires relatively small amounts of RAM and local disk storage capacity. A typical PC (also called a fat-client) usually has more RAM and a larger disk drive so it can handle all of an application's code and data locally.

Centralizes Computing Resources

Terminal Services allows centralized management of some or all computing resources for each client connected to the server and provides each user with their own working environment. Additional Terminal Services advantages include:

Bringing Windows 2000 to desktops faster. Terminal Services acts as a convenient bridging tool for earlier desktops migrating to Windows 2000 Professional. It allows the Windows 2000 desktop experience to be delivered "virtually" to non-PC desktops and PCs that need hardware upgrades before they can run a full Windows 2000 operating system locally. Terminal Services clients are available for many different desktop platforms including MS-DOS®, Windows-based PCs, Macintosh, UNIX and others. (Connectivity to MS-DOS, Macintosh, and UNIX-based machines requires a third party add-on such as Citrix MetaFrame).
Centralized deployment of applications. Terminal Services provides centralized deployment and management of 32-bit Windows-based applications to Windows-based terminals, remote users, or local PC desktops. Terminal Services ensures that all clients can access current versions of an application because the software is installed once on a server, rather than every desktop throughout the company. This model reduces the costs and challenge of updating desktop machines, especially for remotely located desktops or branch office environments. In addition, Terminal Services features such as 'Remote Control' can simplify application support.
Remote administration. Terminal Services provides remote administration for the Windows 2000 Server family. This gives system administrators a powerful method of remotely administering each member of the Windows 2000 Server family from any client device over a LAN, WAN, or dial-up connection.

Ease of Use

Feature	Description
Automated Local Printer Support	Windows 2000 Server Terminal Services can add and automatically reconnect printers attached to Terminal Services clients.
Clipboard Redirection	This feature lets users cut and paste between applications running on the local machine and those running on the Terminal Server.
Performance Enhancements	Many improvements to caching, including persistent caching, packet utilization, frame size, and other enhancements, now provide significant performance improvements in Terminal Services.
Roaming Disconnect Support	This feature lets users disconnect from a session without logging off. Users can let a session remain active while disconnected and then reconnect to the existing session from another machine or at a later time. The Windows 2000 Server security model requires logon to reconnect, so sessions remain secure at all times.
Multiple Logon Support	This feature lets a user have multiple simultaneous logon sessions from one or more desktops. Users can log on to multiple computers running Windows 2000 Server using the same logon name, or they can log on to a single server multiple times (again using the same logon name) to do several tasks or run multiple unique desktop sessions.

Manageability

Feature	Description
Remote Administration mode	Remote administration mode allows Terminal Services to be enabled on any computer running Windows 2000 Server for graphical remote administration. Enabling this mode leaves server performance and application compatibility unaffected and allows up to two concurrent remote sessions.
Remote Control	This feature lets helpdesk staff view or control another Terminal Services session. Keyboard input, mouse movements, and display graphics are shared between two Terminal Services sessions, giving the support person the ability to diagnose and resolve configuration problems, as well as train the user remotely. This feature is especially useful for organizations with branch offices.
Integration with Windows 2000 Server Features	Terminal Services supports and extends all Windows 2000 Server features, such as Active Directory^TM services and the Microsoft Management Console.
Network Load Balancing	Network load balancing, available in Windows 2000 Advanced Server and Datacenter Server, lets Terminal Services clients connect to a pool of servers running Terminal Services, eliminating a single point of failure.
Windows-based Terminals Based on Windows CE and Embedded NT 4.0	Based on custom implementations of the Windows CE and Embedded NT operating systems and the Remote Desktop Protocol (RDP), Windows-based terminals are now available from major terminal partners (such as Wyse Technology, Network Computing Devices, Boundless Corporation, and Neoware Systems). Windows 2000 Server enhances these devices to include such features as remote control and local printing.
Client Connection Manager	This tool lets administrators and end users set up pre-defined connections to one or several different servers for a single application or full desktop access. Client Connection Manager creates an icon on the client desktop for single-click connectivity to one or more computers running Terminal Services. This way, administrators who want to provide a single line-of-business application across the computing environment can create a connection, export it, and distribute that connection along with the Terminal Services Client software to the PC desktops (for example, Win32® - and Win16-based systems). The connection is automatically made available when the client software is installed.
License Manager	The Terminal Services License Manager helps system administrators and purchasing offices track the clients and associated licenses connecting to the Terminal Services.
Distributed File System (Dfs) Support	Support for Dfs lets users connect to a Dfs share and allows administrators to host Dfs shares from a Terminal Server.
System Policies Components Allow Desktop Lockdown	Terminal Services-based clients have additional components on the Windows desktop and Start menu: Disconnect, Logoff, and Windows 2000 Server Security. Administrators can disable these components in cases where this level of flexibility isn't needed.
Terminal Services Manager	Administrators can use the Terminal Services Manager tool to query and manage Terminal Services sessions, users, and processes on computers running Windows 2000.
Terminal Services Configuration	Terminal Services Configuration is used to manage connection protocol settings and server settings, including permissions, encryption strength, and the licensing mode.
Integration with Windows 2000 Server User Management	Administrators create user accounts for Terminal Services users in the same way they create accounts for Windows 2000 Server users. This lets existing PC users access their accounts from terminal and terminal emulation desktops. Extra fields exist for specifying Terminal Services specific information, such as the Terminal Services Profile Path and Home Directory.
Integration with Windows 2000 Server Performance Monitor	Integration with Windows 2000 Server Performance Monitor allows system administrators to easily monitor Terminal Services system performance, including tracking processor use, memory allocation, and paged memory usage and swapping per user session.
Messaging Support	Administrators can alert users to system shutdowns and upgrades or to new application postings.
Configurable Inactivity Timeout	Administrators can configure when to time out sessions due to inactivity, reducing server workload.

Security

Feature	Description
RDP Encryption	The built-in RDP encryption feature lets administrators encrypt all or some of the RDP data transmitted between the Windows 2000 Server and Terminal Services Clients (including all Windows-based Terminals) at three different levels (low, medium, or high), depending on security needs. The default encryption level is medium, which provides bi-directional encryption between the server and the client using RSA Security's RC4 encryption algorithm, using a 56-bit key (or a 40-bit key, if using a Terminal Server 4.0 client). Terminal Services also supports 128-bit bi-directional encryption, which is available if you install the Windows 2000 High Encryption Pack.
Limit Logon Attempts and Connection Time	Administrators can limit the number of user logon attempts to prevent hackers from attacking a server, as well as the connection time of any individual user or groups of users.
Manage User Security	Administrators can set up security restrictions for individual users or an entire server. This includes limiting the ability to redirect to local devices.

Key Features

Contents

Terminal Services Architecture

Bridging Technology, Application Deployment, Remote Administration

Terminal Services Architecture

Centralizes Computing Resources

Ease of Use

Manageability

Security