With the release of Windows
Server 2008 R2, Terminal Services has been renamed Remote Desktop
Services. If you have experience administering Terminal server in
previous operating systems, you should be aware of the new Windows
Server 2008 R2 names of various Terminal Server technologies. Table 1 lists the old versus new name for common Remote Desktop Services and admin tools.
Table 1. Common Remote Desktop Services and Admin Tools
| Windows Server 2008 and Prior Name | Windows Server 2008 R2 Name |
|---|
| Terminal Services | Remote Desktop Services |
| Terminal Services Manager | Remote Desktop Services Manager |
| Terminal Server | Remote Desktop Session Host |
| Terminal Services Configuration | Remote Desktop Session Host Configuration |
| Terminal Services Licensing | Remote Desktop Licensing |
| Terminal Services Licensing Manager | Remote Desktop Licensing Manager |
| Terminal Services Gateway | Remote Desktop Gateway |
| Terminal Services Gateway Manager | Remote Desktop Gateway Manager |
| Terminal Services Session Broker | Remote Desktop Connection Broker |
| Terminal Services RemoteApp Manager | RemoteApp Manager |
| Terminal Services Web Access | Remote Desktop Web Access |
Along with a new name,
Microsoft has also added several new features to further enhance Remote
Desktop Services. In this section, we will explore some of the feature
changes to the various components of Remote Desktop Services.
Remote Desktop Session Host
The Remote Desktop Session
Host role includes several new features to provide a better
administrative experience as well as increased security for Remote
Desktop Services deployments. Changes to Remote Desktop Session Host
include:
Client Experience Configuration
—You can now centrally manage Remote Desktop audio/video redirection
and Windows Aero interface options for Remote Desktop clients. These
client experience features can be configured when adding the Remote
Desktop Session host role.
Roaming User Profile Cache Management
—Larger Remote Desktop Services deployments may have hundreds or even
thousands of users logging into Remote Desktop Servers. It is common to
see cached copies of profiles using a lot of storage space on Remote
Desktop Servers. To help control the disk space usage of cached
profiles, a GPO can be applied to Remote Desktop Servers placing a quota
on the amount
of disk space that can be used by cached profiles. If the quota is
reached, the server will delete the profiles of users with the oldest
last logon until the profile cache falls below the quota.
Remote Desktop IP Virtualization
—Remote Desktop IP Virtualization allows administrators to create a
pool of IP addresses allowing each remote desktop session to have a
unique IP address. This feature is useful for applications that may
require each instance to have a unique IP or when troubleshooting and
you need to track the IP of a particular session on a remote desktop
server.
Enhanced CPU Scheduling
—Remote Desktop Services now includes a processor scheduling feature
known as Fair Share Scheduling. This feature distributes CPU resources
evenly across each Remote Desktop Session ensuring that one user session
does not impact the performance of another user session. This
scheduling is done automatically by the remote desktop server and does
not require configuration.
Remote Desktop Virtualization Host
The Remote Desktop
Virtualization Host is a new role included with Windows Server 2008 R2
Remote Desktop Services and provides a fully featured Virtual Desktop
Infrastructure (VDI) solution for Windows. Remote Desktop Virtualization
Host services allow administrators to set up pools of Hyper-V VMs that
can be logged onto by users. Users can be assigned unique machines or
assigned the next available machine in the pool. This gives users fully
featured desktop computers accessible via a remote connection.
RemoteApp and desktop connection
Windows Server 2008 R2
further extends the features of RemoteApp to VDI-based virtual desktops.
Windows Server 2008 R1 allows administrators to use RemoteApp to make
access to Terminal Services-based applications seamless to end users.
Users can launch an application shortcut from their local computer or
terminal, and that application appears to launch locally instead of
displaying a remote desktop session to the terminal server.
Windows Server 2008
R2, in conjunction with Windows 7, publishes available RemoteApp
applications and Desktop Virtualization Host-based VMs to the Start Menu
of Windows 7 clients. This allows end users to easily access
applications and virtual desktops they have access to by simply opening
them from the Start Menu on their local computer.
Remote Desktop Connection Broker
The
Remote Desktop Connection Broker in Windows Server 2008 R2 now extends
the broker capabilities to virtual desktops in a Remote Desktop
Virtualization Host. As with previous versions of the sessions broker,
the Remote Desktop Connection Broker provides load balancing and ensures
that users reconnect to existing sessions after a disconnect. The
Remote Desktop Connection Broker connects users to the new RemoteApp and
Desktop Connection feature.
Remote Desktop Gateway
The Remote Desktop
Gateway feature includes several new enhancements over the previous
Terminal Services Gateway. The new Remote Desktop Gateway includes the
following new features:
Gateway level idle and session timeouts
Logon and system messages
Pluggable authentication
Network Access Protection (NAP) remediation
Gateway level idle and session timeouts
This feature allows
administrators to configure idle and session timeouts on the gateway
itself. By setting these timeouts, administrators can ensure that unused
sessions are disconnected and active users are forced to periodically
reconnect.
Logon and system messages
Administrators can now
configure special message windows to be displayed to users when
connecting to a Remote Desktop Services Gateway. System messages can be
used to provide active users with important notifications such as
information regarding system outages. The Logon message can be used to
provide users with important notifications every time they logon. These
can be useful to advertise new applications or services available via
the gateway.
Pluggable authentication
Pluggable authentication
allows developers to write custom authentication modules for Remote
Desktop Gateways. This can be used to further enhance Remote Desktop
Gateway services by providing such features as Two-Token authentication.
Network Access Protection Remediation
NAP Remediation
features allow computers connecting via a Remote Desktop Gateway
remediate any noncompliant security settings prior to connecting
to the network. This ensures that even computers connecting via Remote
Desktop Gateways comply with corporate NAP policies.
Remote Desktop Web Access
Remote Desktop Web
Access was first introduced in Windows Server 2008 R1 as Terminal Server
Web Access providing users with a portal to view and connect to
available RemoteApp-based applications within a Web browser. The new
Remote Desktop Web Access feature includes the following enhancements
over Terminal Service Web Access:
Security trimmed RemoteApp filtering
Forms-based authentication (FBA)
Public and private computer options
Single sign-on
Security trimmed RemoteApp filtering
Windows Server 2008 R1
Terminal Services Web Access displays any RemoteApp Web applications
available on the system to all end users. This allows users to see
RemoteApps even if they do not have access to them. Windows Server 2008
R2 Remote Desktop Web Access now security trims the interface so that
users only see RemoteApp shortcuts they have access to.
Forms-based authentication
Remote Desktop Web access
now offers the ability to provide FBA. This provides a more
user-friendly logon page that users may be used to from other
applications such as Outlook Web Access (OWA) in Microsoft Exchange.
Public and private computer options
Users can now specify what
type of computer they are connecting from when logging into Remote
Desktop Web Access. This provides more strict security settings when
logging in from a public computer such as a kiosk.
Single sign-on
When using Terminal Server Web
Access in Windows Server 2008 R1, users were prompted twice to logon to
RemoteApps via the Web interface. They would be prompted once to access
the Web access server and a second time when launching the application.
Remote Desktop Web Access provides single sign-on so that users only
need to initially logon to the Web access site. Credentials are then
passed to the RemoteApp automatically.
Remote Desktop client experience
Several
new features have been added to further enhance the Remote Desktop
experience for Windows 7 client computers. Windows 7 clients connecting
to a Windows Server 2008 R2 server gain these additional features:
Multiple Monitor Support
—Remote Desktop Services now support multiple monitors for Windows 7
clients. This allows RemoteApps to take advantage of multiple monitors
in the same manner as if they were running as applications on the local
computer.
A/V Playback
—Remote Desktop Services now redirects Windows Media Player-based A/V
content to the client computer where it is played locally using that
client computer’s memory and CPU to view the content locally.
Windows 7 Aero —Remote Desktop Sessions support Windows 7 Aero features when the connecting client is a Windows 7 computer.
Remote Desktop Services PowerShell module and Best Practices Analyzer
Remote Desktop Services
now comes with more management features and options, including a
PowerShell module and BPA. Using PowerShell, administrators can perform
most Remote Desktop Services administration via a PowerShell command
prompt.
The
BPA helps administrators verify whether their Remote Desktop Services
configuration is following best practices and that there are no
misconfigurations that could negatively impact the deployment.
