by May 11, 2002 0 comments

Windows has traditionally been a single-user OS. Only a single user can log on and work at a time. If another person wishes to use the same system, the first user has to close all open programs and log off, before the second user can use the computer. Even the relatively advanced and more powerful versions like Win NT and 2000 did not have any way for two users to be logged on simultaneously. 

However, when Windows NT Terminal Services became available, it let users connect to a single computer and use its resources using thin-client technology. Thin-clients allow remote computers to connect to a server and function as if logged in on that machine itself. 

Win XP is the first Windows OS to have terminal services built-in and used for various useful tasks. Windows 2000 Server does have an option for Terminal Services, but only as an optional install and is a standalone service.

The Remote tab on the System control panel lets you enable or disable both Remote desktop and Remote assistance, as well as make other settings for themWin XP uses Terminal Services in three major features–Remote desktop connection, Remote assistance and FUS (Fast User Switching). 

Remote desktop connection
This allows a remote user to connect to the local computer over a network. To set up Remote desktop for a Win XP computer, you have to:

  • Login as administrator or a user in the administrator’s group
  • Go to the System Applet in Control Panel
  • Select the Remote tab
  • Turn the ‘Allow users to connect remotely to this computer’ on
  • Click the ‘Select Remote Users…’ 
  • Use the new dialog box to add or remove users who are allowed to connect remotely

To set up another computer to connect to this computer, insert the Win XP CD-ROM on that machine and select the ‘Perform Additional Tasks’ in the application that pops up. Here, use the ‘Set up Remote Desktop Connection’ option. Your computer must be running Win 9x/Me/NT/2000 for this software to be installed.

Once the program is installed, run it and type in the name or IP address of the remote computer. You may need to set options like show wallpaper or colors to also be visible in the connection. You can easily set these by selecting the type of connection you are using–LAN or modem. If you login successfully, the desktop of the Win XP computer is shown, and you can then perform all tasks you wish on this computer. 

The Logon loader program allows you to browse alternate downloaded Login screens and apply them if you like them. This one shows a logon screen that resembles the login screen on computer terminals on the TV’s Star Trek Starship EnterpriseSo what can you do with Remote desktop? Imagine being able to connect to your home computer from work and work computer from home and access your desktop and running applications exactly the way you left them. You could resume downloading your MP3 collection at home through your cable modem from work, or complete your important business presentation at your office desktop from home. While this may sound quite exciting, it raises some important questions about its actual usability. Most home users in India only have a dial-up connection to the Net, which makes it nearly impossible for office to home connectivity, given the dynamic IP address assignment, and slow connect speeds. Even for the fortunate few having cable modem connections, it may not work as most cable Internet providers do not provide a static IP address, but use NAT. In this case, ask your cable modem operator whether he allows inbound NAT too, which is required for this to work. 

On corporate networks, firewalls would restrict inbound connections to machines within the network. In this scenario, you’d need to contact your system administrator and request inbound access depending on how the network at your place is setup. Once this is done, you can use your dial-up connection from home to connect to your office machine. Another scenario in which a home-to-office connection is possible is if your office network allows VPNs. Then simply make a VPN connection to your office and then use Remote desktop through the VPN to connect to your office desktop.

Remote assistance
Remote assistance works the same way as Remote desktop, with a few differences. Remote desktop is available only for users having a local system account, and are members of the Admin or Remote desktop users group. Remote assistance, on the other hand, does not have a list of users that can connect to it. Invitations have to be explicitly sent to these people by users on the local system. These invitations must be accepted and executed by the receiving party to be able to connect to the system. The inviter can even specify additional options like the amount of remote access that is given, and the period of time for which the invitation is valid. The invitation can be sent over the LAN or as an e-mail in XML format that opens the Remote assistance program on the remote user’s machine. Connecting to the local system is exactly the same as in the Remote desktop method. 

Where would you use such a feature? Suppose there’s a technical problem with your computer that you are unable to solve. You could send an invitation to someone on your technical support or even to a friend. They can connect from their computer and guide you in solving the problem or even solve it for you if they have the rights to do so. In a corporate setup, this makes for much more efficient troubleshooting as the support personnel do not have to run around the building solving small problems. Instead, they can rectify problems sitting at their own machines and connecting remotely to the users’ machines.

Fast user switching
The most intuitive feature that is enabled using Terminal Services is FUS. This allows multiple users to login to the same machine and keep each ones settings and running programs intact. FUS is enabled or disabled from the ‘Change the way users log on or off’ User Accounts applet in the Control Panel. FUS has a couple of other requirements–the machine must not be part of a domain and must have more than 64 MB RAM. 

A Remote desktop connection over a LAN. The client is running on a Win 2000 machine and connects to a Win XP notebook computerA lot of things happen when a Win XP machine with the above criteria boots up. First, a part of the Windows OS called WinLogon starts what’s called a Secure Desktop. This doesn’t allow any other program to run except the WinLogon graphical login interface (LogonUI.EXE), and lists the users that are registered on the system and allows the current user to enter the password. Once this is done, this information is used by the WinLogon service to authenticate the user. The MS Graphical Identification and Authentication program (MSGINA.DLL) returns the authentication token and profile information. WinLogon then checks the list of users who are currently logged on. If this user is not on the list, a new Terminal Service thread is created (although it is not explicitly stated as Terminal Services anywhere). The profile information from WinLogon is then transferred to this thread, which is then responsible for creating the desktop, user shell, etc.

This user can start new programs, connect to the Net, etc. He can also use the Switch user function to return to the Welcome screen. Here, the above process can repeat in case someone else wants to login. The current user’s settings as well as applications continue to run. The desktop is switched to the new user but the old one continues to run and be active, but is hidden from view. 

When a user finally logs off, the thread associated with his login is cleaned up and freed. Other logged in users can continue to use the system. 

Thus Terminal services is an integral part of Win XP right from the point where you login to allowing you and others to remotely manage your computer. So make sure you enable and use the features that it provides for greater efficiency and productivity. 

Vinod Unny is a Technology Consultant at Enterprise InfoTech

Jazz it up

Tired of the same old boring login screen that you see  everyday?

Want a little more jazz when logging into work early in the morning? You can change the welcome screen to almost anything you want with a simple process. Using a program like Logon Loader, you can select among many downloadable alternate login interfaces and apply them. You can immediately see the result of this action by either logging off or switching users to reach the welcome screen. 

This task is accomplished by replacing the default LogonUI.EXE file with one that contains different bitmaps for the various parts of the welcome screen. There are a lot of login screens available for download on the Web from themes ranging from your favorite pop icon to beautifully rendered vistas.

If you have an artistic and technical inclination, you can even roll your own logons yourself. However, the detailed description of this process is beyond the scope of this article. 

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.