www.it-ebooks.info PUBLISHED BY M crosoft Press A D v s on of M crosoft Corporat on One M crosoft Way Redmond, Wash ngton 98052-6399 Copyr ght © 2010 by Chr sta Anderson A r ghts reserved No part of the contents of th s book may be reproduced or transm tted n any form or by any means w thout the wr tten perm ss on of the pub sher L brary of Congress Contro Number 2010934986 Pr nted and bound n the Un ted States of Amer ca M crosoft Press books are ava ab e through bookse ers and d str butors wor dw de For further nfor­ at on m about nternat ona ed t ons, contact your oca M crosoft Corporat on off ce or contact M crosoft Press Internat ona d rect y at fax (425) 936-7329 V s t our Web s te at www m crosoft com/mspress Send comments to ms nput@m crosoft com M crosoft and the trademarks sted at http //www m crosoft com/about/ ega /en/us/Inte ectua Property/ Trademarks/EN-US aspx are trademarks of the M crosoft group of compan es A other marks are property of the r respect ve owners The examp e compan es, organ zat ons, products, doma n names, e-ma addresses, ogos, peop e, p aces, and events dep cted here n are fict t ous No assoc at on w th any rea company, organ zat on, product, doma n name, e-ma address, ogo, person, p ace, or event s ntended or shou d be nferred Th s book expresses the author’s v ews and op n ons The nformat on conta ned n th s book s prov ded w thout any express, statutory, or mp ed warrant es Ne ther the authors, M crosoft Corporat on, nor ts rese ers, or d str butors w be he d ab e for any damages caused or a eged to be caused e ther d rect y or nd rect y by th s book Acquisitions Editor: Mart n De Re Developmental Editor: Karen Sza Project Editor: Va er e Woo ey and Megan Sm th-Creed Editorial Production: Custom Ed tor a Product ons, Inc Technical Reviewer: A ex Jusch n; Techn ca Rev ew serv ces prov ded by Content Master, a member of CM Group, Ltd Cover: Cover Des gn Tom Draper Des gn; I ustrat on Todd Daman Body Part No X17-21601 www.it-ebooks.info I dedicate this book to my family, who has always been supportive, always pushes me to my very best I can do, and always has a “Go team!” waiting when I really need one —Chr sta I dedicate this book to Elizabeth Nelson Lyda and Michael B Smith for taking me under your wing back in the day, and for always believing in me You were great mentors and are great friends —Kr st n www.it-ebooks.info www.it-ebooks.info Contents at a Glance Acknowledgments Introduction xv xvii CHAPTER Introducing Remote Desktop Services CHAPTER Key Architectural Concepts for Remote Desktop Services 39 CHAPTER Deploying a Single Remote Desktop Session Host Server 117 CHAPTER Deploying a Single Remote Desktop Virtualization Host Server 175 CHAPTER Managing User Data in a Remote Desktop Services Deployment 225 CHAPTER Customizing the User Experience 291 CHAPTER Molding and Securing the User Environment 363 CHAPTER Securing Remote Desktop Protocol Connections 401 CHAPTER Multi-Server Deployments 423 CHAPTER 10 Making Remote Desktop Services Available from the Internet 507 CHAPTER 11 Managing Remote Desktop Sessions 589 CHAPTER 12 Licensing Remote Desktop Services 643 Index 677 www.it-ebooks.info www.it-ebooks.info Contents Acknowledgments Introduction Chapter xv xvii Introducing Remote Desktop Services Where D d RDS Come From? C tr x Mu t W n W ndows NT, Term na Server Ed t on W ndows 2000 Server W ndows Server 2003 W ndows Server 2008 W ndows Server 2008 R2 and RDS The Evo v ng Remote C ent Access Exper ence What Can You Do w th RDS? mproved Secur ty for Remote Users Prov s on ng New Users Rap d y Enab ng Remote Work Br ng ng W ndows to PC Unfr end y Env ronments 10 Bus ness Cont nu ty and D saster Recovery 11 Support ng Green Comput ng 11 mproved Command L ne Support 12 RDS for W ndows Server 2008 R2: New Features 12 The Chang ng Character of RD Sess on Host Usage 13 New RDS Techno ogy n W ndows Server 2008 R2 19 RDS Ro es n W ndows Server 2008 R2 24 How Other Serv ces Support RDS 32 The C ent Connect on 33 Host ng VMs 34 Authent cat ng Servers w th Cert ficates 34 Enab ng WAN Access and D sp ay ng Remote Resources 34 Updat ng User and Computer Sett ngs 35 Funct ona ty for RDS Scr pters and Deve opers 35 Summary 35 Add t ona Resources 36 What you think of this book? We want to hear from you! M crosoft s nterested n hear ng your feedback so we can cont nua y mprove our books and earn ng resources for you To part c pate n a br ef on ne survey, p ease v s t: microsoft.com/learning/booksurvey vii www.it-ebooks.info Chapter Key Architectural Concepts for Remote Desktop Services 39 Know Your App cat on De very System 40 RD Sess on Host Servers 40 RD V rtua zat on Host Servers 40 Re evant W ndows Server 2008 R2 nterna s 41 W ndows Server 2008 R2 s 64 B t On y 41 How Does an RD Sess on Host Server Do e Out Processor Cyc es? 43 How Do RD Sess on Host Servers Use Memory More Effic ent y? 45 How Does D sk Affect App cat on De very? 56 How Does V rtua zat on Affect Resource Usage? 59 Determ n ng System Requ rements for RD Sess on Host Servers 66 Des gn ng a L ve Test 69 Execut ng the Tests 70 Us ng the RD Load S mu at on Too 77 An A ternat ve to Fu Test ng: Extrapo at on 91 Other S z ng Quest ons 95 Support ng C ent Use Profi es 99 C ent Hardware: PC or Th n C ent? 99 What s the Best L cense Mode ? 100 What App cat ons Can Run on an RD Sess on Host Server? 101 What Vers on of Remote Desktop Connect on Do Need? 109 What Ro e Serv ces Do Need to Support My Bus ness? 114 Summary 114 Add t ona Resources 115 Chapter Deploying a Single Remote Desktop Session Host Server 117 How RD Sess on Host Servers Work 117 Serv ces Support ng RD Sess on Host 117 Creat ng and Support ng a Sess on 119 nsta ng an RD Sess on Host Server 134 nsta ng an RD Sess on Host Server Us ng the Adm n strat ve Too s nterface 134 nsta ng an RD Sess on Host Server from the Command L ne 142 Essent a RD Sess on Host Configurat on 144 A ocat ng Processor T me 145 Enab ng P ug and P ay Red rect on w th the Desktop Exper ence 150 Adjust ng Server Sett ngs w th Remote Desktop Configurat on 150 nsta ng App cat ons on an RD Sess on Host Server 164 Wh ch App cat ons W Work? 165 Stor ng App cat on Spec fic Data 168 Avo d ng Overwr t ng User Profi e Data 170 Popu at ng the Shadow Key 171 viii Contents www.it-ebooks.info Summary 174 Add t ona Resources 174 Chapter Deploying a Single Remote Desktop Virtualization Host Server 175 What s VD ? 175 How M crosoft VD Works 178 The Centra Ro e of the RD Connect on Broker 179 D scover ng a VM 181 Broker ng a Connect on 182 Orchestrat ng a VM 184 Connect ng to a VM Poo 185 Connect ng to a D sconnected Sess on 186 Ro ng Back a VM 186 Connect ng to a Persona Desktop 187 nsta ng Support ng Ro es for VD 188 nsta ng the RD V rtua zat on Host 190 nsta ng RD V rtua zat on Host Ro e Serv ce v a W ndows PowerShe 192 nsta ng RD Connect on Broker 193 Configur ng RD Web Access 195 Configur ng the RD Connect on Broker Server 197 Sett ng Up VMs 203 Creat ng Poo s 209 Ass gn ng Persona Desktops 212 Configur ng Persona and Poo ed VM Propert es 216 Us ng RemoteApp for Hyper V for App cat on Compat b ty 218 Configur ng RemoteApp on Hyper V 220 Can You Use RemoteApp for Hyper V Without RDS? 222 Summary 224 Add t ona Resources 224 Chapter Managing User Data in a Remote Desktop Services Deployment 225 How Profi es Work 226 Types of Profi es 227 How Profi es Are Created 228 Profi e Contents Externa to the Reg stry 233 Stor ng Profi es 239 Prov d ng a Cons stent Env ronment 241 Des gn Gu de nes for User Profi es 242 Ba ance F ex b ty and Lockdown 243 Use Fo der Red rect on 244 Compartmenta ze When Necessary 244 Prevent Users from Los ng F es on the Desktop 245 Up oad Profi e Reg stry Sett ngs n the Background 246 Contents www.it-ebooks.info ix Speed Up Logons 246 Dep oy ng Roam ng Profi es w th Remote Desktop Serv ces 248 Creat ng a New Roam ng Profi e 248 Convert ng an Ex st ng Loca Profi e to a Roam ng Profi e 254 Custom z ng a Defau t Profi e 255 Us ng Group Po cy to Manage Roam ng Profi es 257 Us ng Group Po cy to Define the Roam ng Profi e Share 267 Speed ng Up Logons 268 Centra z ng Persona Data w th Fo der Red rect on 275 Shar ng Persona Fo ders Between Loca and Remote Env ronments 278 Shar ng Fo ders Between W ndows Server 2003 and W ndows Server 2008 R2 Roam ng Profi es 279 Sett ng Standards w th Mandatory Profi es 281 Convert ng Ex st ng Roam ng Profi es to Mandatory Profi es 283 Creat ng a S ng e Mandatory Profi e 284 Creat ng a Safe Read On y Desktop 286 Decrease Logon T mes w th Loca Mandatory Profi es 286 Profi e and Fo der Red rect on Troub eshoot ng T ps 287 Summary 288 Add t ona Resources 289 CHAPTER Customizing the User Experience 291 How Remot ng Works 291 What Defines the Remote C ent Exper ence? 293 The Foundat on of RDP: V rtua Channe s and PDUs 296 Bas c Graph cs Remot ng 299 Advanced Graph cs Remot ng 305 Mov ng the C ent Exper ence to the Remote Sess on 307 Wh ch C ent Dev ces Can You Add to the Remote Sess on? 307 Pros and Cons of Red rect ng Resources 313 Dev ce and F e System Red rect on 314 P ay ng Aud o 326 How the RDC Vers on Affects the User Exper ence or Doesn t 330 Pr nt ng w th RDP 334 Pr nt ng to a D rect y Connected Pr nter 335 Pr nt ng v a Red rected Pr nters 337 Pr nt ng from Remote Desktop Serv ces 344 When You Cannot Use RD Easy Pr nt 350 Contro ng Pr nter Red rect on 354 Troub eshoot ng Pr nt ng ssues 358 Summary 359 Add t ona Resources 360 Chapter Molding and Securing the User Environment 363 Lock ng Down the Server 364 x Contents www.it-ebooks.info Performance Monitor secur ty and, 282 sett ng standards, 281 MDOP (M crosoft Desktop Opt m zat on Pack), 647 memory ch d part t ons and, 61–62 RD Sess on Host requ rements, 67 shar ng, 54–56 thrash ng and, 54 v rtua address space, 45–46 memory manager, 48, 54 M crosoft RemoteFX, 301 M crosoft Term na Serv ces See Term na Serv ces M crosoft W ndows Insta er, 13 mon tor spann ng, 21 mon tor ng app cat ons, 603–604 connect ons w th RD Gateway, 534–537 sess ons, 605–610 MPPC (M crosoft Po nt-to-Po nt Compress on), 304 MSI fi es, d str but ng, 476–477 MTP (Med a Transfer Protoco ), 325 mu t med a, 22, 328–329 mu t -mon tor remot ng, 21, 292, 428–431 mu t p e user profi es, 241 N NAP (Network Access Protect on) funct ona ty, 31 RD Gateway and, 554–573 troub eshoot ng, 575–576 NATs (Network Address Trans ators), 30 network defau t profi es, 256 network requ rements, 68 network shares, roam ng profi es, 248 NIST (Nat ona Inst tute of Standards and Techno ogy), 409 NLA (Network Leve Authent cat on) authent cat ng c ent dent ty, 415–416 configur ng, 418 DoS and, 136 enab ng Remote Desktop, 204 ogon process and, 124 NLB (Network Load Ba anc ng) choos ng affin ty sett ngs, 540 d str but ng connect ons, 432 funct ona ty, 441–445 RD Gateway support, 537–541 RR DNS compar son, 433 NLB Manager, 441 non-paged poo , 53 NPS (Network Po cy Server), 509, 545–553 NSCodec, 303 NTDLL d , 169 NTUSER DAT fi e, 226, 239 NTUSER MAN fi e, 226 O orchestrat on, 179, 184 orphaned sess ons, 608–610 OUs (organ zat ona un ts), 259 outsourc ng, 19 P PAEs (Phys ca Address Extens ons), 41 page fi es, 52–53 page tab es, 49 parent part t ons, 61 PDUs (protoco data un ts), 299 performance app cat on ssues, 167 d sk, 56–59 tun ng for RDP, 304 VM cons derat ons, 65 Performance Mon tor best pract ces, 72 co ect ng data, 71–75 configur ng, 88 rev ew ng data, 75–77 rev ew ng report, 90 start ng, 88 stopp ng, 90 681 www.it-ebooks.info peripheral media tak ng base ne capture, 88 per phera med a, restr ct ng access, 372 perm ss ons configur ng, 206–208 RD Web Access, 496 roam ng profi es, 248 phys ca memory, 45, 48–52 PIDs, 43 p acement, defined, 179 P ug and P ay, 150, 322–325 poo ed desktops, 14 poo ed VMs configur ng propert es, 216–218 connect ng to, 185–186, 215 creat ng, 209–211 dep oy ng, 212 fo der red rect on and, 237 organ z ng nto OUs, 259 ro ng back, 208, 243 troub eshoot ng connect ons, 223 user profi es and, 251 Pr nter Dr ver Iso at on feature, 356–358 pr nt ng from RDS, 344–350 mapp ng dr ver names, 352–354 pr nter red rect on, 321, 337–344, 354–358, 366 restr ct ng dr ver nsta at on, 368 to d rect y connected pr nters, 335–337 troub eshoot ng ssues, 358–359 processes defined, 43 dent fy ng, 129 mage names and, 43 key system, 125 st ng on servers, 636 mon tor ng and term nat ng, 602–605 PIDs and, 43 support ng W ndows env ronment, 128 processor cyc es/t me a ocat ng, 145–162 ch d part t ons and, 61 HTTPS-HTTP br dg ng, 527 overv ew, 43–44 RD Sess on Host and, 68 profi e cach ng manag ng, 270–275 profi e b oat and, 269 roam ng profi es and, 247 speed ng up ogons and, 231, 246 profi es See user profi es PTE (page tab e entry), 49 PTP (P cture Transfer Protoco ), 325 pub c computers, 10, 17 pub sh ng nfrastructure cons derat ons, 178 v a RemoteApp Manager, 454–475 Q query process command, 636 query sess on command, 632 quest, defined, 179 R RADIUS errors, 573 RAID d sks, 58–59 RD CAPs choos ng NPS store, 525 creat ng, 516–518 stor ng, 509, 545–553 RD Connect on Broker centra ro e, 179 configur ng, 197–203 funct ona ty, 18, 27–29, 182–184 mport ng VM farms, 602 nsta ng, 193–194 RD Sess on Host and, 440–447 RD Web Access and, 485 RDS support, 24 rout ng speed, 438 server farms and, 433–439 s z ng cons derat ons, 96 RD Gateway aud t ng events, 526 bypass ng for nterna connect ons, 533 682 www.it-ebooks.info RD Virtualization Host configur ng sett ngs, 458, 521–537 forc ng RDC connect ons, 494 funct ona ty, 16, 29–31, 507–512 IIS requ rements, 34 nsta ng, 512–521 ma nta n ng dent ca sett ngs, 543–554 messag ng support, 528–530 mon tor ng connect ons, 534–537 NAP support, 554–573 NLB support, 537–541 p ac ng, 576–585 RDS support, 24 requ rements, 510–512 server farms and, 510, 530–532 s z ng cons derat ons, 96 sp t SSL connect ons, 542 SSL br dg ng and, 526 troub eshoot ng connect ons, 573–576 tun ng propert es, 522–530 RD Gateway Manager, 31, 516, 534 RD Load S mu at on Too (RDLST) configur ng test parameters, 81–87 creat ng test accounts, 80 creat ng USER ACTIVITY scr pt, 81 funct ona ty, 77–79 nsta ng agents, 79 Performance Mon tor and, 88, 90–91 s mu at ons and, 88–161 start ng agents, 81 tak ng base ne capture, 88 RD RAPs assoc at ng w th computer groups, 531–532 configur ng store, 553–554 creat ng, 519–520 troub eshoot ng, 574 RD Sess on Host See also VDI (V rtua Desktop Infrastructure) 64-b t cons derat ons, 41–42 app cat on de very and, 40 app cat on support, 101–109 best pract ces, 25 cach ng Group Po cy, 269 cert ficate cons derat ons, 34 c os ng server back doors, 369–375 Configure Later opt on, 138 configur ng, 144–164, 458 configur ng Performance Mon tor, 88 configur ng secur ty sett ngs, 417 creat ng sess ons, 119–134 dep oyment cons derat ons, 424, 439 determ n ng system requ rements, 66–99 enab ng Remote Contro , 614–615 extrapo at on as test ng a ternat ve, 91–93 funct ona ty, 24–25 gett ng server names, 634 mproved funct ona ty, 13 nsta ng app cat ons, 164–174 nsta ng servers, 134–144 jo n ng servers to farms, 447–454 keep ng ava ab e, 393–394 st processes on servers, 636 ock ng down servers, 377 management too s, 590–600 manag ng profi e cache, 270–275 manag ng servers, 599–600, 624–629 memory cons derat ons, 45–56 merger/outsourc ng support, 19 poo ed desktops and, 14 processor cyc es, 43–44 RD Connect on Broker and, 440–447 RD Web Access and, 484 RDS L cens ng and, 662–663 RDS support, 24 restart ng servers, 624–629 roam ng profi es, 250 serv ces support ng, 117–119 shutt ng down servers, 624–629 user exper ence, 332–334 RD V rtua zat on Host See also VDI (V rtua Desktop Infrastructure) 64-b t cons derat ons, 42 app cat on de very and, 40 configur ng RDP perm ss ons, 206–208 funct ona ty, 25–26 Hyper-V and, 34, 59 nsta ng, 190–192 nsta ng v a W ndows PowerShe , 192 RDS support, 24 683 www.it-ebooks.info RD Web Access s z ng cons derat ons, 95–96 RD Web Access chang ng d sp ay, 492 configur ng, 195–197, 482–488 custom z ng, 488–495 desktop connect ons, 502–505 funct ona ty, 26–27 IIS requ rements, 26, 34 nsta ng ro e serv ce, 481–482 p ac ng, 576–578 RDS support, 24 RemoteApp and Desktop Connect ons feature, 502–505 RemoteApp support, 465, 502–505 secur ty and, 17 s z ng cons derat ons, 96 sources for, 478–481 troub eshoot ng perm ss ons, 496 VDI support, 176 webs te usage, 497–502 RDC (Remote Desktop Connect on) c ent connect on, 33–34 configur ng opt ons, 488–489 connect ng for adm n strat on purposes, 598 custom z ng sett ngs, 491 forc ng connect ons, 494 funct ona ty, 33 user exper ence and, 293–296, 330–334 vers on cons derat ons, 109–113, 330–334 RDP (Remote Desktop Protoco ) c ent connect on, 33–34 compress ng data, 302–303 configur ng perm ss ons, 206–208 creat ng firewa except ons, 205 defin ng c ent user exper ence, 293–296 enab ng, 204–205 encrypt on support, 409–410 FAQs, 306 funct ona ty, 33 graph cs remot ng, 299–305 h gh-fide ty over, 18 network requ rements, 68 new features, 292 pr nt ng cons derat ons, 334–359 protoco data un ts, 299 RD Gateway support, 30 tun ng performance, 304 v rtua channe s, 296–299 W ndows 2000 and, RDP fi es connect ng users v a, 13 creat ng, 215 d str but ng, 475 ed t ng, 221 sett ng cons derat ons, 464 shar ng, 182 s gn ng, 459–464, 472–474 unknown pub shers and, 490 RDPs gn exe too , 472–474 RDS (Remote Desktop Serv ces) app y ng management too s, 631–641 dep oy ng roam ng profi es, 248–288 evo v ng remote c ent access, 6–7 funct ona ty, 7–12 egacy pr nt ng mode , 338–342 new features, 12–32 or g ns, 2–7 pr nt ng from, 344–350 RDC support, 119 ro e support ng, 32–35 UserMode Port Red rector, 118 RDS App cat on Ana yzer, 102–106 RDS L cens ng act vat ng server, 653–655 act vat ng w th W ndows PowerShe , 655–656 add ng servers to AD DS, 660 ass gn ng RDS CALs, 648–651 back ng up servers, 665–667 configur ng sett ngs, 157–160 creat ng redundancy, 665–667 d agnost cs too , 673–675 funct ona ty, 31–32, 644–645 nsta ng server, 652 manag ng usage, 667–672 m grat ng CALs, 663–664 mode cons derat ons, 100–101, 644 prevent ng upgrades, 673 RD Sess on Host and, 662–663 684 www.it-ebooks.info roaming profiles RDS support, 24 rebu d ng server database, 665 report ng usage, 667–672 server connect on methods, 653 sett ng up nfrastructure, 651–663 spec fy ng servers, 159–160 track ng and enforc ng, 648 Recyc e B n, 237 refresh nterva , 262 reg ster command, 597 reg stry, system See system reg stry reg stry reflect on, 170 reg stry v rtua zat on, 107 regu atory comp ance, 19 Remote Contro too , 394–398, 610–619 Remote Desktop Connect on Manager, 212, 216 Remote Desktop IP V rtua zat on feature, 13 Remote Desktop Protoco See RDP (Remote Desktop Protoco ) Remote Desktop Serv ces See RDS (Remote Desktop Serv ces) Remote Desktop Serv ces Manager funct ona ty, 591–593 organ z ng servers, 600–602 send ng user messages, 622 Status d a og box, 594 Remote Desktop Sess on Host Configurat on too check ng configurat on, 162–164 configur ng connect on secur ty, 417–420 configur ng IP v rtua zat on, 155–157 genera sess on sett ngs, 153–155 jo n ng servers to farms, 447–450 cens ng sett ngs, 157–160 open ng, 150–153 protoco -spec fic sett ngs, 160–162 Remote Contro sett ngs, 611 restr ct ng red rect on, 367 Remote Desktop Users group, 178, 204–205 Remote Serv ce Management, 205 remote sess ons add ng c ent dev ces, 307–313 enumerat ng pr nters, 338–341 pr nt ng from, 341–342 RemoteApp and Desktop Connect ons feature, 20, 34, 502–505 RemoteApp Manager add ng app cat ons to a ow st, 455–457 Common RDP Sett ngs tab, 464 configur ng dep oyment sett ngs, 457–464 configur ng t meouts, 471–472 Custom RDP Sett ngs tab, 464 d str but ng MSI fi es, 476–477 d str but ng RDP fi es, 475 ed t ng propert es, 464–469 ma nta n ng a ow sts, 469–470 sett ng s gnature po c es, 474 s gn ng RDP fi es, 472–474 RemoteApp techno ogy A as property, 466 configur ng dep oyment sett ngs, 457–464 connect v ty exper ence, 331–332 de ver ng programs, 478–505 d fferent at ng sess ons, 631 d str but ng programs, 475–477 funct on, 424–425 funct ona ty, 15–16 Hyper-V support, 218–222 ntegrat ng, 17, 20 ock ng down servers, 364 mu t p e mon tors and, 428–431 nam ng connect ons, 453–454 poo ed desktops and, 15 RD Web Access and, 500–502 sess on t meouts, 471–472 RemoteFX (M crosoft), 301 report ng cense usage, 667–672 resource usage concurrent, 167 red rect on pros and cons, 313–314, 365–367 v rtua zat on and, 59–65 RFC 2118, 304 roam ng profi es ba ance flex b ty and ockdown, 243 cach ng, 246–247 centra z ng persona data, 275–278 configur ng paths for VMs, 268 convert ng to, 254 685 www.it-ebooks.info rolling back VMs convert ng to mandatory profi es, 283 creat ng, 248–253 custom z ng, 255–257 defined, 228 defin ng w th Group Po cy, 267–268 manag ng w th Group Po cy, 257–266 manag ng w thout adm n access, 253 read-on y desktops and, 286 sett ng standards, 281–283 shar ng fo ders, 279–280 speed ng up ogons, 268–275 ro ng back VMs, 186–187, 208, 243 RPCs (remote procedure ca s), 205 RR DNS (round rob n DNS), 432–433, 440, 530 RSAT (Remote Server Adm n strat on Too s), 593, 599–600 S SA (Software Assurance), 646 SCCM (System Center Configurat on Manager), 647 SCOM (System Center Operat ons Manager), 647 SCVMM (System Center V rtua Mach ne Manager), 647 secur ty See also authent cat on app cat on execut on and, 376–378 core techno og es, 402–408 fi ter ng GPOs, 266 nformat on, ock ng down servers, 364–376 mandatory profi es and, 282 RD Gateway and, 31 RD Sess on Host and, 393–394, 417–420 RD Web Access and, 17 RDP encrypt on, 409–410 RDS support, 8–9 read-on y Start menu and, 391–392 remote contro of sess ons, 394–398 Se fSSL exe too , 413–414 SendKeys method, 81 Ser a and Para e Port V rtua Channe Extens on, 320 server farms cach ng Group Po cy, 269 connect on broker ng and, 433–439 creat ng test cert ficates, 411–414 dep oyment cons derat ons, 431–432 d str but ng n t a connect ons, 432–433 ma nta n ng a ow sts, 469–470 ma nta n ng dent ca sett ngs, 543–554 organ z ng n OUs, 259 RD Gateway and, 525, 530–532 RD Web Access and, 484 RDS support, 18 s ng e s gn-ons, 22, 416 Server Manager, 190, 193, 305 Serv ces and Contro er App cat on, 119 Sess on Manager, 119 sess ons adjust ng genera sett ngs, 153–154 bas c graph cs remot ng and, 299 c os ng orphaned, 608–610 commun cat ng w th servers, 130–131 configur ng t me m ts, 222, 471–472 connect ng to d sconnected, 186 creat ng, 121–124 creat ng base env ronments, 127–128 d fferent at ng, 631 d sconnect ng, 609 enab ng user ogons, 126–127 fo der red rect on and, 244 dent fy ng processes, 129 key processes oaded at boot t me, 119–121 manag ng, 590, 631–641 mon tor ng and end ng, 605–610 overv ew d agram, 132–134 RDP FAQs, 307 reg stry data and, 231 remote contro of, 394–398, 610–619 ro e of serv ces n, 124–126 send ng updates when act ve, 305 server ma ntenance and, 619–629 sett ng sess on count, 154 sett ng t me m ts, 394 shadow ng, 615–619 speed ng up ogons, 246 686 www.it-ebooks.info thin clients structure cons derat ons, 128–129 sw tch ng between, 606–607 system support, 119 term nat ng, 609–610 Set-Item cmd et, 453 SHA-1 (Secure Hash ng A gor thm), 409 shadow keys defined, 168 d sab ng reg stry wr tes, 171 ed t ng t mestamps, 170 popu at ng, 171–174 remov ng sect ons, 171 shadow ng sess ons funct ona ty, 615–617 troub eshoot ng, 617–619 shared fo ders, 278–280 shared memory, 54–56 SIDs (secur ty dent fiers), 231 s mu at ons, 88–90 s ng e s gn-ons for server farms, 22, 416 s z ng cons derat ons RD V rtua zat on Host, 95–96 server s z ng, 93–95 user profi es, 236, 246, 270 SRPs (Software Restr ct on Po c es), 378–381 SSL (Secure Sockets Layer), 17, 402, 542 SSL br dg ng, 526 SSL cert ficates, 524 SSL offload ng and term nat on, 527 Start menu connect ng to RemoteApp, 504 ntegrat ng RemoteApps nto, 20 read-on y, 391–392 restr ct ng access, 369–371 stat c v rtua channe s, 296–299 Status of Te ework Report to the Congress, stor ng app cat on data, 168 oca profi es, 243 RD CAPs, 509, 545–553 user profi es, 56, 237–241 str pe sets w th par ty, 59 swap fi es, 52–53 Sysprep command, 256 system arch tecture app cat on de very systems, 40–41 c ent use profi es, 99–114 determ n ng system requ rements, 66–99 pass ng data, 128–131 W ndows Server nterna s, 41–65 system cache, 57 system processes, 125 system reg stry env ronment changes and, 229 prevent ng access, 368–369 reg stry reflect on, 170 reg stry v rtua zat on, 107 se ect ve y d sab ng wr tes, 171 up oad ng sett ngs n background, 246 user profi es and, 229–232 system requ rements des gn ng ve test, 69–70 execut ng tests, 70–77 extrapo at ng, 91–93 overv ew, 66 RD Load S mu at on Too , 77–91 s z ng cons derat ons, 93–99 T Task Manager, remov ng access, 373 te ecommut ng, 9–10, 16–17 Term na Serv ces evo ut on of, 1, 3–4 mapp ng to RDS, pr nter dr vers and, 23 v rtua z ng, 34 term nat ng app cat ons, 604–605, 640–641 sess ons, 609–610 tests des gn ng, 69–70 execut ng, 70–77 extrapo at on as a ternat ve, 91–93 NAP w th RD Gateway, 571–573 RD Load S mu at on Too , 77–91 th n c ents, 10, 99–100 687 www.it-ebooks.info thrashing c ent hardware, 99–100 compartmenta z ng, 244 contents externa to reg stry, 233–239 creat ng, 228–233 creat ng mandatory, 284–286 custom z ng, 255–257 decreas ng ogon t mes, 286–287 defined, 226 des gn gu de nes, 242–248 fo der red rect on and, 243 fo ders assoc ated w th, 233–236 funct ona ty, 226 Last Wr te W ns prob em, 241 cense mode s, 100–101 mu t p e, 241 nam ng fo ders, 249 overwr t ng data, 170–171, 241 prov d ng cons stent env ronment, 241 read-on y desktops and, 286 reg stry and, 229–232 sett ng standards, 281–283 shar ng fo ders, 278–280 s ze cons derat ons, 236, 246, 270 stor ng, 56, 237–241 troub eshoot ng t ps, 287 types of, 227–228 v rtua mach nes and, 237, 251 thrash ng, 54 threads, processes and, 43 t me zone red rect on, 325 t meouts, sess on, 222, 471–472 t mestamps, ed t ng for shadow keys, 170 TLS (Transport Layer Secur ty), 402–405 Tr p e Data Encrypt on Standard (3DES), 409 troub eshoot ng oca profi es, 243 poo ed VM connect ons, 223 pr nt ng ssues, 358–359 RD Web Access perm ss ons, 496 shadow ng sess ons, 617–619 user profi es, 287 TS Gateway (Term na Serv ces Gateway), 16 TSAppCompat component, 173 tsshutdn command, 597 U UDP (User Datagram Protoco ), 326 Unattend xm fi e, 255 user accounts configur ng roam ng profi es, 250 creat ng test accounts, 80 enab ng Remote Contro , 611 USER ACTIVITY scr pt, 81 user exper ence add ng to remote sess ons, 307–313 defin ng for c ents, 293–296 dev ce and fi e system red rect on, 314–325 graph cs remot ng and, 299–305 p ay ng aud o, 326–330 pr nt ng w th RDP, 334–359 RDC vers on and, 330–334 RDP support, 296–299 red rect ng resources, 313–314 User Profi e H ve C eanup Serv ce, 247 user profi es See also roam ng profi es app cat on support, 101–109 cach ng, 231, 269–275 caut ons de et ng, 247 change cons derat ons, 232–233 V VDA cens ng, 646 VDI (V rtua Desktop Infrastructure) ass gn ng persona desktops, 212–214 configur ng propert es, 216–218 configur ng RD Connect on Broker, 197–203 configur ng RD Web Access, 195–197 creat ng poo s, 209–211 funct ona ty, 4–5, 175–212 nsta ng RD Connect on Broker, 193–194 nsta ng RD V rtua zat on Host, 190–192 nsta ng support ng ro es, 188 cens ng cons derat ons, 646–647 M crosoft supported, 178–188 sett ng up VMs, 203–209 688 www.it-ebooks.info XPS printers VDI L cens ng, 646–648 VECD cense, 646 v rtua address space, 45–46 v rtua channe s defined, 34, 295–296 dynam c, 34, 296, 298 F e System V rtua Channe Extens on, 318 Ser a and Para e Port V rtua Channe Extens on, 320 stat c, 296–299 V rtua Desktop Infrastructure See VDI (V rtua Desktop Infrastructure) v rtua mach nes See VMs (v rtua mach nes) v rtua memory defined, 45 funct ona ty, 52–53 mapp ng to phys ca memory, 48–52 v rtua zat on hyperv sor support, 60 IP, 13, 155–157 profi e storage and, 237–239 RDS support, 97–99 reg stry, 107 resource usage and, 59–65 VMs (v rtua mach nes) See also poo ed VMs; VDI (V rtua Desktop Infrastructure) ass gn ng persona desktops, 212–214 configur ng propert es, 216–218 configur ng roam ng profi e paths, 268 de ver ng, 478–505 dep oy ng, 212 fo der red rect on and, 244 h bernat ng, 28 host ng, 34 manag ng, 590 orchestrat ng, 184 organ z ng, 600–602 performance cons derat ons, 65 RD V rtua zat on Host and, 40 RDS support, 14–15, 97–99 resource usage and, 25 ro ng back, 186–187, 208, 243 sett ng up, 203 user profi es and, 237, 251 W WebSSO, 488 W n32k sys dr ver, 132 W ndows 2000 Server, W ndows Automat c Updates, 369 W ndows Exp orer, 273 W ndows Insta er, 13 W ndows PowerShe act vat ng RDS L cens ng, 655–656 configur ng RD Gateway, 543–545 ed t ng propert es, 469 nsta ng RD Gateway, 515 nsta ng RD V rtua zat on Host, 192 jo n ng servers to farms, 452–453 W ndows Server 2003, W ndows Server 2008 64-b t cons derat ons, 41, 169 nterna s overv ew, 41–65 mapp ng TS names, RDS and, 4–5 recommended nsta at on opt ons, 164 W ndows Startup Manager, 119 W ndows System Resource Manager See WSRM (W ndows System Resource Manager) WMI (W ndows Management Instrumentat on), 12 WMIC too , 208 WSRM (W ndows System Resource Manager) a ocat ng processor t me, 145 configur ng, 146–149 funct ona ty, 21 nsta ng, 146 WTS API, 184 X XP Mode feature, 219 XPS pr nters, 335 689 www.it-ebooks.info www.it-ebooks.info About the Authors KRISTIN GRIFFIN was born n Ca forn a and grew up a m tary brat, part of a ov ng and happy fam y She has worked with Term na Serv ces/Remote Desktop Serv ces s nce W ndows 2000 and has mp emented RDS for a d verse set of customers, nc ud ng d str butors, aw offices, and commerc a contract ng firms Former y a sen or IT consu tant for a V rg n a-based Internet and app cat on serv ce prov der, she s now a Seatt e-based ndependent consu tant and author Kr st n was honored to rece ve the M crosoft MVP award for Remote Desktop Serv ces beg nn ng n 2009 You can find her answer ng quest ons on the M crosoft RDS Technet Forum (http://social.technet.microsoft.com/Forums/en /winserverTS/threads) She a so keeps a b og concentrated on RDS t ps, setup, and troub eshoot ng adv ce at b og kr st n gr ffin com In her spare t me Kr st n enjoys photography, computer graph cs, camp ng, trave ng, sta ned g ass, woodwork ng, and buy ng more too s from the hardware store Most of a she enjoys be ng w th her fam y She takes her German shepherd dog w th her wherever she goes A former m tary brat, CHRISTA ANDE RSON ved n var ous p aces n the western Un ted States unt a v s t to V rg n a ended n a 20-year stay on the East Coast She returned to Seatt e n 2007, where she enjoys the arts and outdoors n a c ty w th a ot of both Chr sta’s nterest n trave and env ronmenta ssues contr buted to her enthus asm for presentat on remot ng, beg nn ng w th C tr x W nFrame n the m dd e 1990s A former Term na Serv ces MVP and free ance techn ca author and speaker for over a decade, she s now a program manager on the Remote Desktop V rtua zat on team at M crosoft She prom ses to ta k about someth ng other than the book now www.it-ebooks.info www.it-ebooks.info System Requirements To use th s book’s compan on CD-ROM, you need a computer equ pped w th the fo ow ng m n mum configurat on ■ M crosoft W ndows Server 2008 R2, W ndows Server 2008, W ndows 7, W ndows V sta, W ndows Server 2003, or W ndows XP ■ An appropr ate processor depend ng on the m n mum requ rements of the operat ng system) ■ At east GB of system memory (depend ng on the m n mum requ rements of the operat ng system) ■ A hard d sk part t on w th at east GB of ava ab e space ■ Appropr ate v deo output dev ce ■ Keyboard ■ Mouse or other po nt ng dev ce ■ Opt ca dr ve capab e of read ng CD-ROMs Some tems on the compan on med a have spec fic requ rements The companon CD-ROM conta ns numerous nks to scr pts, too s, Know edge Base art c es, and other nformat on To v ew these nks, you w need a Web browser and Internet access The compan on CD-ROM a so nc udes scr pts that are wr tten n VBScr pt (w th a vbs fi e extens on), W ndows PowerShe (w th a ps1 fi e extens on) and a few batch fi es The W ndows PowerShe scr pts requ re that you have W ndows PowerShe nsta ed To run these scr pts, your system must meet the fo ow ng add t ona requ rements W ndows Server 2008 R2 and W ndows nc ude W ndows PowerShe For W ndows XP SP3, W ndows V sta SP1, and W ndows Server 2003 you must down oad and nsta W ndows PowerShe The W ndows PowerShe down oad s ocated at http://support.microsoft.com /kb/968929 ■ Scr pts ntended for execut on on the oca server that depend on spec fic counters and nterfaces w not execute correct y un ess the appropr ate Remote Desktop Serv ces ro e serv ce s nsta ed (For examp e, a scr pt that quer es RD Gateway nterfaces w not return resu ts un ess the RD Gateway ro e serv ce s nsta ed ) The scr pts on the CD are not s gned To run them on your computer, we recommend sett ng the W ndows PowerShe Execut on Po cy to “RemoteS gned ” To th s, start W ndows PowerShe and type Set-ExecutionPolicy RemoteSigned www.it-ebooks.info Th s sett ng w a ow you to run the scr pts on the CD, and t s more secure than sett ng th s po cy to”Unrestr cted NOTE  For more information on using the Set-ExecutionPolicy cmdlet see: http://www.microsoft.com/technet/scriptcenter/topics/msh/cmdlets/set execution policy.mspx When you run a W ndows PowerShe scr pt, you need to prov de the fu path to the scr pt To use the VBScr pt scr pts and batch fi es, doub e-c ck them, or execute them d rect y from a command prompt F na y, the CD conta ns a few fi es created n V s o 2010, so you w need to have the V s o 2010 v ewer to v ew these fi es It a so conta ns a few PDF fi es so you w need a PDF reader to v ew these fi es www.it-ebooks.info What you think of this book? We want to hear from you! To participate in a brief online survey, please visit: microsoft.com/learning/booksurvey — Tell us how well this book meets your needs­ what works effectively, and what we can better Your feedback will help us continually improve our books and learning resources for you Thank you in advance for your input! Stay in touch! To subscribe to the Microsoft Press® Book Connection Newsletter—for news on upcoming books, events, and special offers—please visit: microsoft.com/learning/books/newsletter SurvPage_corp.indd www.it-ebooks.info 8/14/09 4:40 AM ... http://www.microsoft.com/windowsserver2008/en/us/rds-partners.aspx for a list of companies that make products complementing or expanding on Remote Desktop Services in Windows Server 2008 R2 What’s New in Remote Desktop. .. ng e se now xv www.it-ebooks.info www.it-ebooks.info Introduction W e come to the Windows Server 2008 R2 Remote Desktop Services Resource Kit! Th s s a deta ed techn ca resource for p ann ng,... What’s New in Remote Desktop Services in Windows Server 2008 R2? Remote Desktop Serv ces n W ndows Server 2008 R2 took a ot of the mprovements added n W ndows Server 2008 and added the features

Ngày đăng: 17/02/2014, 08:20