by June 30, 2004 0 comments



There are several ways that clients can boot off a Windows 2000/2003 Terminal server. One is to have your existing Windows users access it from your LAN. Another method, which we covered last month (Remote Booting
PCQLinux 2004, page 128) is using diskless nodes. A third method is that clients can access the Terminal server through a Web browser. We’ll talk about how it can be set up in this article. This setup is useful if you have a lot of mobile users, who need to access their desktops from a different geographical location. It can also be useful for network administrators who want to be able to manage and troubleshoot their networks remotely. 

Direct
Hit!
Applies
to:
System administrators
USP:
Access your network from a Web browser
Links:
www.microsoft.com/windows
xp/downloads/tools/rdwebconn.mspx 

The first thing required for this setup is the MS IIS Web server and Terminal services to be up and running. Then install the software called Tswebsetup.exe, which you’ll find in the Windows SP1 CD under VALUEADD\ECP folder. If you don’t have this CD, then you can download the file from http://microsoft.com/ windowsxp/downloads/tools/rdwebconn.mspx. The software is the Web-based Windows Terminal server plug-in for IIS. Once the installation is done, you’ll need to reboot the Win 2000 machine. This makes the Terminal server available through a Web browser. You can access it by going to http://<your domain name or IP
address/TSWeb>. 

A Terminal
services’ client running through a Web browser

While the basic service is easy to set up and use, there are other issues to resolve while trying to deploy it, two key issues being bandwidth and security. Even though Terminal services are not very bandwidth intensive, plan out how much is needed for the clients to connect properly. In case of security, if anybody manages to log in to the server as administrator then he would have your entire network at his mercy. So, this should be placed in the DMZ of your firewall, along with the rest of your Web and e-mail servers. Then, open port number 3389 on your firewall, as that’s what this service uses. 

Next, the Terminal services also have some security features, which need to be enabled. Go to
Start>Programs>Administrative Tools and open ‘Terminal Service Configuration’. From the left panel of the management console that opens, select connections. In the right pane of the window, you’ll find RDP-TCP (the protocol used to connect Terminal services). Right click and select its properties, and you’ll be able to define the encryption level of the communication between the remote clients and the Terminal server. You can choose high (128-bit), medium (56-bit) or low (40-bit) encryption levels. You can even restrict the number of client sessions from the RDP-TCP property sheet. Select ‘Network Adaptor’ and set maximum connections as per your requirement.

Sanjay Majumder

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.

<