New Terminal Services Features in Longhorn Server (LHS) Beta 3
Microsoft has added an impressive list of new features to Windows Terminal Services in LHS Beta 3. In this article I'll describe each feature and the problems it addresses. Since this is based on Longhorn Server Beta 3 (build 6001), features in this article are subject to change when LHS is released to manufacturing (RTM).
End User Features
- TS Easy Print – A new XPS Based Universal Printer introduced in LHS Beta 3, for XP SP2, Vista and Longhorn Clients with .Net Framework 3.0 SP1 and Remote Desktop Client 6.1. In previous versions there had to be a Printer Driver Match between the Terminal Server and Remote Desktop Client device for client printers to successfully auto-create. In 2003 SP1 a Group Policy Setting was added to enable a Terminal Server Fallback Printer Driver (PCL or Postscript), but this added only the functionality of this least-common-denominator driver. With the XPS Based TS Easy Print functionality, printing functions are proxied to the client’s local printer driver, so an application can print using the full functionality of the client’s local printer driver.
- Per-Session Default Printer – This feature ensures that different sessions logged on with the same user name retain session-specific default printers. In previous versions, if two users were logged onto a Terminal Server with the same name, one user changing their default printer would affect all sessions logged on with the same credentials. This could cause application problems, or even a print-out being sent to the incorrect user’s printer.
- Plug and Play Device Redirection (for Media Players and Digital Cameras) – This feature allows for connection of Windows-based Multimedia Devices based on the Media Transfer Protocol (MTP) or Cameras based on the Picture Transfer Protocol (PTP).
- Microsoft Point of Service for .NET Device Redirection – Installing this service on a Longhorn Terminal Server allows Microsoft POS Applications to interact with a locally connected Microsoft POS for .NET device.
- Single Sign-On / Credentials Pass-thru – This feature allows Vista or Longhorn Server domain member clients to log on to Remote Desktop Applications using their domain credentials (password or smart-card token) without being prompted for these credentials by the RemoteApp.
- Enhanced Remote Desktop Display – The 6.x Remote Desktop Clients now support 32-bit color depth, Font Smoothing (ClearType) & Multiple Monitor Spanning up to 4096 x 2048 pixels. This is particularly helpful for computers that ship with a wide-screen (16:9) display larger than 1600x1200 pixels, and applications that require 32-bit color depth, e.g. Medical Imaging (PACS).
- Terminal Services RemoteApp – This feature provides Seamless Windows & Session Sharing functionality to users with Remote Desktop Client 6.x, connecting to a Longhorn Terminal Server. Seamless Windows means that an end user launches a Remote Desktop Application without the explorer.exe shell, or Remote Desktop Client Window Border, so the application looks and acts like a local application. Session sharing means that multiple seamless applications launched against the same Terminal Server will connect to the same Terminal Server Session. This is particularly important to reduce Terminal Server Resources, and when applications need to share data.
- Terminal Services Session Broker – Formerly known as Terminal Services Session Directory, available only for session reconnect of RDP Clients to 2003 Enterprise Terminal Servers, this service has added support for Windows Server Longhorn Standard Edition and now supports Session Load Balancing. Load Balancing Windows Terminal Servers used to require a 3rd Party Add-on like Citrix Presentation Server, or a somewhat complicated and not very effective Windows Load Balancing Service Configuration. With the new Terminal Services Session Broker, Longhorn Terminal Servers can be effectively load balanced based on:
- Terminal Server Session Count
- Terminal Server Weight
Session Broker provides protection against the “black hole effect”, where a new Terminal Server joining a Farm would start processing all new logon requests, because it has the lowest Session Count. Session Broker prevents this “black hole effect” by limiting each Terminal Server to 8 concurrent logon requests (by default). If a Terminal Server is currently processing 8 logon requests, it would be considered loaded, and new logon requests would be directed to another Terminal Server in the Farm, even if that other server has more total sessions.
Finally, Session Broker offers a “Drain Mode” which can be enabled to redirect new logon requests to another Terminal Server, so the Terminal Server can be rebooted, powered off, or have software installed once the last current session logs off. One could permanently place a Farm Terminal Server in Drain Mode, so this machine would perform a function equivalent to that of a Citrix Zone Data Collector. This machine would not host any RemoteApps, but would be used to redirect logon requests to other Farm Servers in a large Terminal Server Farm.
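The selection behaviour described above, as an added sketch that is not Microsoft's code or part of the original article. The scoring formula (session count divided by weight) and all names are assumptions for illustration; only the default limit of 8 concurrent logons and Drain Mode come from the text.

```python
from dataclasses import dataclass

MAX_PENDING_LOGONS = 8  # default per-server limit given in the article


@dataclass
class Server:
    name: str
    sessions: int            # established sessions
    weight: int = 100        # assumed: higher weight = more capacity
    pending_logons: int = 0  # logons still being processed
    drain: bool = False      # Drain Mode: accept no new logons


def pick_server(farm, limit=MAX_PENDING_LOGONS):
    """Return the server for the next logon, or None if none is eligible."""
    eligible = [s for s in farm
                if not s.drain
                and (limit is None or s.pending_logons < limit)]
    if not eligible:
        return None
    # Assumed scoring: sessions per unit of weight, lowest wins.
    return min(eligible, key=lambda s: (s.sessions / s.weight, s.name))


def simulate_burst(farm, logons, limit=MAX_PENDING_LOGONS):
    """Route simultaneous logons; none of them completes during the burst."""
    placed = {s.name: 0 for s in farm}
    for _ in range(logons):
        target = pick_server(farm, limit)
        if target is None:
            break
        target.pending_logons += 1
        placed[target.name] += 1
    return placed


def sample_farm():
    """Constructed farm: TS3 has just joined, TS4 is in Drain Mode."""
    return [Server("TS1", 40), Server("TS2", 42),
            Server("TS3", 0), Server("TS4", 5, drain=True)]


if __name__ == "__main__":
    print("with limit:   ", simulate_burst(sample_farm(), 20))
    print("without limit:", simulate_burst(sample_farm(), 20, limit=None))
```

Without the limit, the freshly joined TS3 absorbs the whole burst; with it, TS3 takes 8 logons and the remainder spill to TS1 and TS2, while TS4 in Drain Mode receives none.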
- Terminal Services Web Access (TS Web Access) - IIS Portal for Delivering RemoteApp Connection information to a client with the Remote Desktop 6.x Client. Unlike the TSWeb provided with XP Pro and Server 2003, this new version allows users to launch multiple, individual RemoteApps in the same session, that look and act like local applications. The LHS TS Web Access works with the standard Remote Desktop 6.x Client, whereas the previous versions required an additional ActiveX component download (the RDP 6.x client ships with the required ActiveX Control).
- Terminal Services Gateway (TS Gateway) – This service provides for RDP over HTTPS, so remote users can securely connect to LHS Terminal Servers on the Private Network using only TCP Port 443. Previously users needed to be able to directly connect to Terminal Servers on TCP Port 3389. This was impractical, because to be able to connect to multiple terminal servers, the administrator either needed one Public IP Address for each Terminal Server on the private network, or they would have to change the default listening port from 3389 to another number, e.g. 3390, 3391… This was difficult to manage, as end users needed to know which port number to use for each Terminal Server. This didn’t always work, because a user may be trying to connect from a secure network where traffic on ports other than 80 or 443 is not allowed. This was not the most secure connection mechanism, as remote users were being allowed to connect directly from a device on an untrusted network, to a Terminal Server on the private network.
With the new TS Gateway, a LHS Server running this service would be deployed in a DMZ, and would proxy RDP connections on behalf of the Terminal Servers on the private network. Often, the TS Web Access would also be deployed in the DMZ.
The TS Gateway in LHS Beta 3 has been enhanced to handle approximately twice as many concurrent sessions as it did in Beta 2 (600 vs. 300).
- Redirect only the default client printer – This is a Group Policy Setting which can be enabled if the administrator does not want any printers other than the client’s default to auto-create.
- Windows System Resource Manager (WSRM) – WSRM was previously only available in Windows Server 2003 Enterprise and Data Center Editions. This tool allows administrators to manage per application, process, and service Memory and CPU Utilization.
- Terminal Services Licensing Service (TSLS) – The TSLS in LHS has been enhanced to allow reporting on Per-User TSCAL Usage, diagnosis of licensing configuration issues and revocation of issued Per-Device TSCALs.
- WMI – Longhorn Server offers WMI Classes for Terminal Server Configuration, Licensing, Gateway and Session Broker.
- Bandwidth Allocation – The default Bandwidth Allocation has been changed to dedicate 70% of the available bandwidth to RDP Video Data, and 30% for all other RDP Data, e.g. redirected Client Print Jobs, Audio, File Transfer, Clipboard and COM Port Traffic. This was introduced to help prevent a large print job, or other redirection traffic from saturating the Terminal Server’s Network Connection.
In LHS, these settings are controlled in the registry at the following location:
This DWORD Value of 1 to 255 determines how much of the available bandwidth is allocated to non-display RDP Virtual Channel Data:
This DWORD Value of 1 to 255 determines how much of the available bandwidth is allocated to Display RDP Virtual Channel Data:
This DWORD Value of 1 or 0 determines if RDP Bandwidth Usage is calculated before or after compression:
- Server Authentication – This feature verifies the identity of the Terminal Server Host before the connection is established. This enhanced security feature is only supported by Vista Remote Desktop Clients.
Longhorn Server Beta 3 provides an impressive set of core functionality with features like Seamless Windows RemoteApps, TS Gateway, Session Broker Load Balancer and TS Easy Print Universal Printer Driver. The feature set isn’t enough to make most Citrix customers “jump ship”, but it definitely will be enough to satisfy customers with less complex requirements that used to have to purchase 3rd party utilities just to load balance, provide secure remote access to Windows Terminal Servers or provide a stable, feature-rich printing experience.