March 1, 2011, 5:14 p.m.
posted by jin
Terminal Services is Microsoft's answer to thin client technology. In many ways, it mirrors environments that relied on server-based computing and the use of terminals for data input. While a common computer paradigm for many operating systems like UNIX, Terminal Services provides an approach that centers on Microsoft's server. Unlike Microsoft's traditional desktop orientation, where application and data processing occur on the local computer, with Terminal Services these activities are passed to the server. The local system acts merely to display the data and the keyboard/mouse serve as input devices for transmission to the server.
Terminal Services has undergone significant changes with each major Windows NT server family release. In its Windows 2000 incarnation, for example, Terminal Services expanded its reach as not only an applications-serving vehicle but also as a powerful administrative tool. In Windows Server 2003, the advance continues by transforming Terminal Services across the broader Internet while still enhancing functionality and essential services like security management.
Terminal Services in Windows Server 2003 introduces the Remote Desktop Users group, a new mechanism for granting users remote access to a computer for administration or application sharing. Remote Desktop Users is a built-in group and is administered via policy. Placing a user or group into Remote Desktop Users gives that user the ability to remotely connect to a computer. The user does not also need to be given local logon privileges, as in earlier versions of Terminal Services. The Permissions tab in Terminal Services Configuration can still be used to add users, as it was in Windows 2000. However, users must be granted the Remote Interactive Logon right to be able create a remote Terminal Services connection. This logon right is given to any user or group using the Security policy editor by simply adding that user or group to the Remote Desktop Users group.
There is an important difference between Windows 2000 and Windows Server 2003 installations. When installing Terminal Services for Windows 2000, you are prompted to select application-server functions or administrative support. Both function sets can be installed sequentially on one server. However, a server can perform only applications or administrative functions at one time. Windows Server 2003 still distinguishes between application and administrative services, but installation and management are now consolidated.
To prevent Terminal Services being licensed to unauthorized users, Windows Server 2003 adds a new security group. This optional setting restricts the servers to which a Terminal Server License Server will offer licenses or communicate about licensing discovery. To assign a License Server Security Group: Computer Configuration Administrative Templates Windows Components Terminal Services Licensing License Server Security Group.