
Terminal Services


kryptor

Programmer
Sep 19, 2004
65
GB
Hi all,

I am in the process of looking at renewing our server and client hardware.

I am looking to move all client machines from Windows XP to Windows 7 as long as the hardware is supported, if not then we are looking at purchasing newer equipment which will come with the license anyway.

As part of this I am looking to consolidate our 3 servers into one server. By this I mean running something like Virtual Servers all on one piece of hardware. I also have 2 remote offices that between them have around 60 users, (not all users are logged in at the same time though).

What I am hoping to achieve is to have our head office authenticate all the logons via a VPN, redirect printers back to relevant offices and use folder re-direction to host all profile info centrally at head office.

The intention I had if I go with the TS option is to have the PCs in outer offices as standalones and then logon to a RDP session for the staff and client users back to the head office.

In theory I can see what I want to do and can see it working, however does anyone have any suggestions that may make my life easier with regards to domain logons etc.

Regards,
Dave

If at 1st you don't succeed then I guess you're in the right place to ask why! :p
 
Could you clarify..
Why would you need VPN if you utilize Terminal services, along with Gateway services (or RD gateway)? With a gateway you have the security of SSL, there would be no problem authenticating/security either as a Workgroup or AD network, local or remote printers/drives could be used. As to virtualization of a terminal server, never done it, as Terminal server utilizes a good deal of resources for itself and for security concerns, all my clients utilize a stand alone machine for TS and the Gateway services. Why not everyone use an RDP session? I gave up on slow, traffic burdened, VPN years ago. Love it compared to VPN access.



........................................
Chernobyl disaster..a must see pictorial
 
Hi technome,

Thanks for the response. I have dabbled with the RDP sessions previously with our remote office and it worked well. The only thing I am not too sure on without the use of the VPN is the printers. All of our printers are networked; we have no locals.

The idea of the VPN would be so that I can redirect the printers at logon by using GPO. If there is any other way of doing it then any suggestions are more than welcome. I am not the most up to speed person with regards to Term Services but since we are looking to invest money in the system then I thought this would be a good way to go making everything easier to manage.

The other thing I am looking at is that the machines in outer offices will need to have only an OS but boot into an RDP session. Is this at all possible, or would I need to start RDP each time a staff/client user wishes to login?

Thanks
Dave

If at 1st you don't succeed then I guess you're in the right place to ask why! :p
 
With Remote services, you're only transferring keyboard/mouse/video updates, very little traffic. If you have a decent TS server with sufficient ram, depending how many users are on at the same time, the sessions are often faster than being on a local (fast) wks; again all drives/printers, local or remote, are accessible, if you allow it.
For RDP you only need the RDP client and basic OS installed, you could set it up to automatically bring up the rdp session, you will still need to have users login to the RDP session on the RDP login screen (with the gateway installed); if it did not have this enforced by the OS/gateway, this would be a major security issue, as in stolen laptops or machines. Personally I would never go back to VPN. Min requirements for a server hosting both RD Gateway and TS on the same machine, fairly fast CPU, 64 bit OS to allow use of >4Gig ram, ram depending upon how many users are on at one time, personally a starting point for me is 8 Gig ram, raid 1 at minimum, fair sized disk size with enough allowance for profile growth.




........................................
Chernobyl disaster..a must see pictorial
 
Thanks for coming back to me on this one.

I see you say that local printers are available if allowed. However due to the setup of our offices we have certain printers that we desire only staff to print to and others for our clients to print to, when I say clients I am referring to our customers who attend the training centres for IT training. This would mean I would need to setup the printers locally mapped to an IP on every workstation - am I correct?

I was hoping to achieve this by running either a logon script or a GPO deploy printer setting to force staff/clients to only the needed printer resources.

Mapped drives would not really be an issue as I know these would be set to run over the RDP session anyway.

When we look to upgrade all OS' or PC's I will more than likely be looking to Ghost the setup for our remote offices anyway which will help speed things up and I suppose I could include printer settings as part of this deployment. But as I say I need to be able to select certain printers for certain machines.

I am fairly confident with the RDP setup, it is just the printer issue I don't think I can get my head around.

Is there any other suggestion that may make my life easier with this?

Thanks
Dave

If at 1st you don't succeed then I guess you're in the right place to ask why! :p
 
"This would mean I would need to setup the printers locally mapped to an IP on every workstation - am I correct?"

Have not needed to delegate rights to printer very often, but you could create groups, with the right to use particular printers, you would not need to locally map printers to IP, if they are previously setup on the network, they are available. I would not recommend using the "all in one" cheapy printers, they always cause problems. As with any printer driver, possibly you may not have all features, under all circumstances, I had no complaints so far. As to GPO use, I do not use them extensively to control printers, as in small businesses I do not need them to a great degree, so GPO use is up to you.
Be aware, if you use the TS/Gateway setup, there is a learning curve, and it will take time to get it working as you want, so if you are presently using VPN, keep it in place for awhile. TS Gateway can be a bit threatening to setup until you get past the SSL part, and TS Gateway has a bug which MS has not fixed whereby changes which allow access are not immediately accepted (tricky) (snagged me, wasted a few days). You might count on a service call to the TS team at MS, approx $240, with a general question, like "how do I get this to work", early in the process. If you call DO NOT ask a specific question, or you will not get support start to finish. It is worth the $240, if you have not done it before. You should use the RD Gateway part as this provides real encrypted security, standard RDP with port 3389 does not.



........................................
Chernobyl disaster..a must see pictorial
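
An added example, not part of the original posts: one way to do the per-office, per-role printer selection discussed above from a logon script that runs inside the RDP session. The print server, group names, queue names and PC-name prefixes are hypothetical, and it assumes the queues are shared from a print server the session host can reach.

```powershell
# Logon script for the RDP session: pick a printer queue by role (AD group) and by
# the office the connecting PC sits in. All names below are hypothetical.
$PrintServer = '\\HO-PRINT01'                      # assumed head-office print server
$Offices = @{                                      # client-name prefix -> office code
    'LEEDS-' = 'LDS'
    'YORK-'  = 'YRK'
}
$Roles = @(                                        # first matching group wins
    @{ Group = 'EXAMPLE\Training-Staff';   Suffix = 'STAFF'  },
    @{ Group = 'EXAMPLE\Training-Clients'; Suffix = 'CLIENT' }
)

function Get-PrinterQueue {
    param([string]$ClientName, [string[]]$GroupNames)
    $office = $null
    foreach ($prefix in $Offices.Keys) {
        if ($ClientName -like "$prefix*") { $office = $Offices[$prefix] }
    }
    $role = $Roles | Where-Object { $GroupNames -contains $_.Group } | Select-Object -First 1
    # Unknown office or no matching group: map nothing rather than guess.
    if (-not $office -or -not $role) { return $null }
    return "$PrintServer\$office-$($role.Suffix)"
}

# Group names of the logged-on user, resolved from the SIDs in the logon token.
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$groups = foreach ($sid in $identity.Groups) {
    try { $sid.Translate([Security.Principal.NTAccount]).Value } catch { }
}

# CLIENTNAME is set inside an RDP session to the name of the connecting PC.
$queue = Get-PrinterQueue -ClientName $env:CLIENTNAME -GroupNames $groups
if ($queue) {
    $net = New-Object -ComObject WScript.Network
    $net.AddWindowsPrinterConnection($queue)
    $net.SetDefaultPrinter($queue)
} else {
    Write-Warning "No printer mapping for client '$env:CLIENTNAME'"
}
```

The script only decides which queue a user sees by default; who is actually allowed to print to a queue is still set by the group permissions on the shared printer itself.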
 
Thanks for the info technome, I shall look into this a little more and then when we are ready I think I will take the dive and go down the TS route :)

I'll keep in mind the MS questions and if needs be then give them a call and ask.....but only if I need to. Google is everyone's friend (normally has the answers to everything if worded correctly - or even on here most people have an answer that helps!!)

If I have any questions would you mind if I fire them your way?

Thanks
Dave

If at 1st you don't succeed then I guess you're in the right place to ask why! :p
 
"Google is everyone's friend (normally has the answers to everything if worded correctly - or even on here most people have an answer that helps!!)"
Yes, Google is your friend as are forums, but Terminal server/Gateway is not the most utilized, so the finer details (like the bugs) do not show up on searches, that's why a call to MS is something to keep in mind.
If you go with TS/Gateway, you will need a day of research on Google.

Fire away with questions

........................................
Chernobyl disaster..a must see pictorial
 
Thanks technome for the help. I'll be sure to fire any questions on here if I'm stuck with anything.

Dave

If at 1st you don't succeed then I guess you're in the right place to ask why! :p
 