Logo
programming4us
programming4us
programming4us
programming4us
 Home
programming4us
 XP
programming4us
 Windows Vista
programming4us
 Windows 7
programming4us
 Windows Azure
programming4us
 Windows Server
programming4us
 Windows Phone
 
Windows Server

Windows Server 2008 : Planning for Terminal Services and Application Virtualization - Terminal Services Roles (part 1)

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
5/31/2011 4:04:40 PM

1. Reviewing Terminal Services' Roles


These are the components:

Terminal Server

Enables a Windows Server 2008–based computer to host Windows-based applications through Terminal Services.


Terminal Services Web Access

Lets users use RemoteApp programs and Remote Desktop connections through the Internet


Terminal Services Gateway

Allows users to connect to internal servers running remote applications via an Internet device that can run Remote Desktop connections


Terminal Services Licensing

Maintains client access licenses for users of devices


Terminal Services Session Broker

Provides load balancing for Terminal Services in an enterprise

2. Terminal Services Server Load

One of the most convenient and useful features of Terminal Services is that it puts an extraordinarily light load on the server. As of this writing, Microsoft has not released a prescribed load for applying Terminal Services throughout a given enterprise. However, two tried and true methods for determining server load have existed since the release of Terminal Services and (for that matter) have been in release since most computers were first functioning. Those two methods are experimentation and extrapolation. For particulars on using Roboserver and Roboclient, check Microsoft.com; the Enterprise Administrator exam will not test you on the particulars, so I will not discuss them here as to ease the burden of information.

When using experimentation, you take an existing server, give it a full test load of various applications, and place it under heavy use with various users requesting different applications at once. The information you derive from this experiment lets you determine where your Terminal Services server needs to be placed and what kind of hardware it will require. To aid in this process, when Microsoft released the Windows Server Deployment Kit, it included two useful tools: Roboserver (Robosrv.exe) and Roboclient (Robocli.exe). Using these tools, an administrator can place a heavy server load without having to go through the process of creating a custom load from scratch.

With extrapolation, you examine a previously existing instance of Terminal Services and plan accordingly based on the overall deployment needs of your organization. For example, if you have a currently running server with 10 users that is at maximum capacity (which, by the way, is pretty unlikely), you would extrapolate from that existing load that an organization that has 1000 users will require 100 servers to reach capacity.

In both methods, you are primarily concerned with the following:

  • Network load

  • Processor overhead

  • Memory use

  • Disk usage

If any one of these server requirements becomes a bottleneck, you will have to adjust your server deployment method and hardware accordingly.

3. Terminal Services Licensing

One of the most important managerial processes in a complex network is making sure you have the right number of licenses—distributed in the right way, at the right time—in your Windows Server 2008 infrastructure. When using Terminal Services, users are required to have Terminal Services client access licenses (TS CALs). Client access licenses are licenses designated to a specific server that enable the authorization of applications through Terminal Services. By default, client access licenses are available free of charge for 120 days. This means that when first installing Terminal Services, you will not have to authorize every single account.

Without Terminal Services, a maximum of two Remote Desktop users may log on to a Windows Server.

3.1. Licensing Types

One of the new features of Windows Server 2008 is a scheme of licensing that was unavailable in Windows Server 2003 or any previous iteration of Terminal Services on the Windows platform. Now, administrators can implement their licenses either per user or per device.


Per device

When using per-device licensing, a device is issued a temporary license the first time it connects. Afterward, when connecting for the second time, the device is issued a permanent CAL.


Per user

When using the new per-user service, Active Directory is queried to see whether an individual user has a CAL. If that user has such a license, the user is allowed to access any device or application requiring Terminal Services in the entire network. Note, however, that this is not enforced by Terminal Services Licensing. Therefore, it is fairly easy to accidentally violate Microsoft's terms of agreement when using this method, which can be bad for your business.

3.2. Licensing Scope

Within Windows Server 2008, administrators have the option of deciding how they want to implement their licensing authentication based on the overall design of their network. One of the options available to administrators pertains to the licensing scope. Licensing scope refers to which users are able to access which server based on their location within the network infrastructure. Within Windows Server 2008, there are three different scope levels:

  • Workgroup

  • Domain

  • Forest

Scope levels allow computers on the same domain, workgroup, or forest to authenticate to their individual licensing server based on their location. Thus, at the workgroup level, computers in the same workgroup will be able to access the licensing server; at the domain level, computers within the same domain can access it, and so forth. In the internal documentation of Windows Server 2008, Microsoft recommends setting the default licensing server scope to Forest because licensing is a fairly lightweight service and because it is helpful to have a centralized place that all computers can access.

Another important point to note about Terminal Services Licensing is that any computer that has Terminal Services Licensing installed will be exempt from scope-level authentication because the computer can validate itself.

Forest-level scope is always recommended, but it requires that a machine be a member of a forest. Similarly, workgroup-level scope is available only if a machine is part of a workgroup.

3.3. Licensing Process for Terminal Services

Just like Dynamic Host Control Protocol (DHCP), the licensing process for Terminal Services uses a unique and definite series of steps to configure itself based on its preferred priority of available information:

  1. Computers in your network will check Group Policy and the Terminal Services configuration tool to see whether there is an available license server integrated within the network. If so, they will prefer that server over any other because of the nature of Group Policy.

  2. A machine will check to see whether it itself is the licensing server and, if so, authenticate itself.

  3. The server will check whether Active Directory has had a licensing server integrated with it. Using Active Directory's discovery methods, it will then choose that licensing server.

  4. If no other server is available, the host will do the next logical thing and query the domain controller.

  5. If no licensing service is found there, the domain controller will return a negative response, and the host will then stand by until otherwise notified.

3.4. Licensing Server Placement

Finally! We're now getting down to something a bit more interesting—server placement. The placement of a Terminal Services server takes a lot of thought. This is what most of your job as an administrator is going to be about. (It is also heavily tested on the exam.) Luckily for you, Microsoft has outlined a set of steps for placing a licensing server that you can follow to ensure the best possible results for your enterprise:

  1. Determine the demand on the licensing server.

    This step involves taking a critical look at your server (or servers) and realizing how much of a load each of them is going to be enduring. Unfortunately, as of this writing, Microsoft has yet to release a predefined set of server requirements based on server load. However, the good news is that Terminal Services Licensing isn't a very demanding role, and thus it probably won't take too much of a load.

    However, if you are running an extremely busy network infrastructure, you can suffice by monitoring the performance of your various components and using capacity tools like Robosrv.exe and Roboclient.exe to find the best solution for your licensing server needs.

  2. Determine the number of servers required.

    Once you've established how many users each server can support, you can divide the total number of users by the number of maximum-supported users and find the number of users you require.

  3. Decide whether the server(s) that host TS Licensing can be shared. Essentially, a server can be shared either between farms or between services. This means if you have multiple farms, you can choose to use one or multiple licensing servers to lessen the burden of the role on other servers and keep them concentrated on the role they're already using. Additionally, you need to decide whether you want your licensing server to be dedicated or instead to host additional Terminal Services servers.

  4. Determine where to place the TS Licensing role in the network. Ideally, the best place to put your licensing server is on a LAN where every computer can easily and quickly access it. However, if your organization is separated by a WAN, you will need to install multiple licensing services at each point of the WAN to alleviate the burden of communicating this information across distances.

  5. Determine the fault tolerance requirements of TS Licensing. A good practice to use whenever you'd like to establish fault tolerance for TS Licensing is to acquire two servers, divide the licenses between each of those servers, and then publish each in Active Directory. This greatly reduces the chances of services being unavailable in case of a failure.

3.5. Terminal Services License Monitoring

When using TS Licensing per-user mode, administrators can monitor licenses that are being propagated through a network via a particular license server. This allows administrators to check for EULA compliance as well as proper usage of particular licenses throughout the enterprise. Windows Server 2008 can also produce a per-user license usage report via the TS Licensing Manager, which is useful if an administrator suspects that some licenses are being used improperly throughout their enterprise.

3.6. Terminal Services Licensing Services Events

A couple of issues tend to come up when using Terminal Services Licensing. You'll want to know the following two event IDs when administering a licensing server:


Event ID 28: "TS Licensing Service is unable to report status to the Service Control Manager"

This event sounds a lot more complicated than it really is. All event ID 28 means is that Terminal Services is unable to connect to the Service Control Manager. More often than not, the best solution for this is to reboot the server and make certain that the TS Licensing role has started.


Event ID 37: "TS Licensing Cannot Start. The following error occurred: %1!s!3"

Fun with cryptic errors! Normally, this event occurs when certain groups are given incorrect permissions. You can resolve this problem by making sure the correct permissions are established. If all else fails and the security is set correctly, rebooting will most likely fix the issue.
Other -----------------
- Exchange Server 2010 : Backup and Recover Exchange Data (part 4) - Recovering Single Items & Using Exchange Native Data Protection
- Exchange Server 2010 : Backup and Recover Exchange Data (part 3) - Database Portability & Recovering a Mailbox within the Deleted Mailbox Retention Period
- Exchange Server 2010 : Backup and Recover Exchange Data (part 2) - Creating an Exchange Server Disaster Recovery Plan
- Exchange Server 2010 : Backup and Recover Exchange Data (part 1) - Using Windows Server Backup
- Planning for Forestwide and Domainwide Upgrades with Server 2008 : Planning for Upgrades in an Existing Forest
- Planning for Forestwide and Domainwide Upgrades with Server 2008 : Cross-forest Authentication
- Exchange Server 2010 : High Availability for Other Exchange Roles (part 2) - Practice: DAGs and Public Folder Replication
- Exchange Server 2010 : High Availability for Other Exchange Roles (part 1)
- Exchange Server 2010 : Highly Available Public Folders
- Exchange Server 2010 : Managing Database Availability Groups (part 2) - Mailbox Database Copies
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
 
programming4us
 Windows Vista
programming4us
 Windows 7
programming4us
 Windows Azure
programming4us
 Windows Server