2-12 Chapter 2 Administering Microsoft Windows Server 2003 Lesson 3: Managing Servers with Remote Desktop for Administration
The Windows 2000 Server family introduced a tightly integrated suite of tools and technologies that enabled Terminal Services for both remote administration and application sharing. The evolution has continued: Terminal Services is now an integral, default component of the Windows Server 2003 family, and Remote Desktop has been improved and positioned as an out-of-the-box capability, so that with one click, a Windows Server 2003 computer will allow two concurrent connections for remote administration. By adding the Terminal Server component and configuring appropriate licensing, an administrator can further extend the technologies to allow multiple users to run applications on the server. In this lesson, you will learn how to enable Remote Desktop for Administration. After this lesson, you will be able to ■ Configure a server to enable Remote Desktop for Administration ■ Assign users to the appropriate group to allow them to administer servers remotely ■ Connect to a server using Remote Desktop for Administration Connection Estimated lesson time: 15 minutes
Enabling and Configuring Remote Desktop for Administration
The Terminal Services service enables Remote Desktop, Remote Assistance, and Terminal Server for application sharing. The service is installed by default on Windows Server 2003, configured in Remote Desktop for remote administration mode. Remote Desktop mode allows only two concurrent remote connections, and does not include the application sharing components of Terminal Server. Therefore, Remote Desktop operates with very little overhead on the system, and with no additional licensing requirements. Note Because Terminal Services and its dependent Remote Desktop capability are default components of Windows Server 2003, every server has the capability to provide remote connections to its console. The term “terminal server” now therefore refers specifically to a Windows Server 2003 computer that provides application sharing to multiple users through addition of the Terminal Server component. Other components—Terminal Server and the Terminal Server Licensing service—must be added using Add Or Remove Programs. However, all of the administrative tools required to configure and support client connections and to manage Terminal Server
Lesson 3 Managing Servers with Remote Desktop for Administration 2-13 are installed by default on every Windows Server 2003 computer. Each of the tools and their functions are described in Table 2-3.
Table 2-3 Default Components of Terminal Server and Remote Desktop
Installed Software Purpose
Terminal Services Configuration
Terminal Services Manager
Remote Desktop Client Installation Files
Terminal Services Licensing
Setting properties on the Terminal Server, including session, net-work, client desktop, and client remote control settings
Sending messages to connected Terminal Server clients, disconnecting or logging off sessions, and establishing remote control or shad-owing of sessions
Installation of the Windows Server 2003 or Windows XP Remote Desktop Client application. The 32-bit Remote Desktop client soft-ware is installed in %Systemroot%\System32\Clients\Tsclient\Win32 of the Terminal Server.
Configuraiton of licenses for client connections to a terminal server. This tool is not applicable for environments which utilize only Remote Desktop for Administration.
To enable Remote Desktop connections on a Windows Server 2003 computer, open the System properties from Control Panel. On the Remote tab, select Allow Users To Connect Remotely To This Computer. Note If the Terminal Server is a Domain Controller, you must also configure the Group Pol-icy on the Domain Controller to allow connection through Terminal Services to the Remote Desktop Users group. By default, Non-Domain Controller servers will allow Terminal Services connections by this group.
Remote Desktop Connection
Remote Desktop Connection is the client-side software used to connect to a server in the context of either Remote Desktop or Terminal Server modes. There is no functional difference from the client perspective between the two server configurations.
On Windows XP and Windows Server 2003 computers, Remote Desktop Connection is installed by default, though it is not easy to find in its default location in the All Programs\Accessories\Communications program group on the Start menu.
For other platforms, Remote Desktop Connection can be installed from the Windows Server 2003 CD or from the client installation folder (%Systemroot%\System32\Clients \Tsclient\Win32) on any Windows Server 2003 computer. The .msi-based Remote Desktop Connection installation package can be distributed to Windows 2000 systems using Group Policy or SMS.
2-14 Chapter 2 Administering Microsoft Windows Server 2003 Tip It is recommended to update previous versions of the Terminal Services client to the latest version of Remote Desktop Connection to provide the most efficient, secure and stable environment possible, through improvements such as a revised user interface, 128-bit encryption and alternate port selection. Figure 2-5 shows the Remote Desktop client configured to connect to Server01 in the contoso.com domain. Figure 2-5 Remote Desktop client
Configuring the Remote Desktop Client
You can control many aspects of the Remote Desktop connection from both the client and server sides. Table 2-4 lists configuration settings and their use.
Table 2-4 Remote Desktop Settings
General Options for the selection of the computer to which connection should be made, the setting of static log on credentials, and the saving of settings for this connection.
Display Controls the size of the Remote Desktop client window, color depth, and whether control-bar functions are available in full-screen mode.
Local Resources Options to bring sound events to your local computer, in addition to standard mouse, keyboard, and screen output. How the Windows key combinations are to be interpreted by the remote computer (for example, ALT+TAB), and whether local disk, printer, and serial port connections should be available to the remote session.
Lesson 3 Managing Servers with Remote Desktop for Administration 2-15 Table 2-4 Remote Desktop Settings (Continued) Setting Function
Programs Set the path and target folder for any program you want to start, once the connection is made.
Experience Categories of display functions can be enabled or disabled based on available bandwith between the remote and local computers. Items include showing desktop background, showing the contents of the window while dragging, menu and window animation, themes, and whether bitmap caching should be enabled (this transmits only the changes in the screen rather than repainting the entire screen on each refresh period).
Logon Settings Static credentials can be set for the connection rather than using those provided by the client.
Sessions Settings for ending a disconnected session, session limits and idle time-out, and reconnection allowance can be made here to override the client settings.
Environment Overrides the settings from the user’s profile for this connection for starting a program upon connection. Path and target settings set here over-ride those set by the Remote Desktop Connection.
Permissions Allows for additional permissions to be set on this connection.
Remote Control Specifies whether remote control of a Remote Desktop Connection session is possible, and if it is, whether the user must grant permission at the initiation of the remote control session. Additional settings can restrict the remote control session to viewing only, or allow full interactivity with the Remote Desktop client session.
Client Settings Override settings from the client configuration, control color depth, and disable various communication (I/O) ports.
Network Adapters Specifies which network cards on the server will accept Remote Desktop for Administration connections.
General Set the encryption level and authentication mechanism for connections to the server.
Terminal Services Troubleshooting
When using Remote Desktop for Administration, you are creating a connection to a server’s console. There are several potential causes of failed connections or problematic sessions:
■ Network failures Errors in standard TCP/IP networking can cause a Remote Desktop connection to fail or be interrupted. If DNS is not functioning, a client may not be able to locate the server by name. If routing is not functioning, or the Terminal Services port (by default, port 3389) misconfigured on either the client or the server, the connection will not be established.
2-16 Chapter 2 Administering Microsoft Windows Server 2003 ■ Credentials Users must belong to the Administrators or Remote Desktop Users group to successfully connect to the server using Remote Desktop for Administration.
■ Policy Domain controllers will only allow connections via Remote Desktop to administrators. You must configure the domain controller security policy to allow connections for all other remote user connections.
■ Too many concurrent connections If sessions have been disconnected with-out being logged off, the server may consider its concurrent connection limit reached even though there are not two human users connected at the time. An administrator might, for example, close a remote session without logging off. If two more administrators attempt to connect to the server, only one will be allowed to connect before the limit of two concurrent connections is reached. See Also For more on Terminal Services and the latest developments in Remote Desktop client functionality, see http://www.microsoft.com/technet/treeview/default.asp?url=/technet /prodtechnol/windowsserver2003/proddocs standard/sag_Server_Trouble_Topnode.asp.
Practice: Installing Terminal Services and Running Remote Administration
In this practice, you will configure Server01 to enable Remote Desktop for Administration connections. You will then optimize Server01 to ensure availablity of the connection when the connection is not in use, and you will limit the number of simultaneous connections to one. You then run a remote administration session from Server02 (or another remote computer).
If you are limited to one computer for this practice, you can use the Remote Desktop client to connect to Terminal Services on the same computer. Adjust references to a remote computer in this practice to that of the local computer.
Exercise 1: Configure the Server for Remote Desktop
In this exercise, you will enable Remote Desktop connections, change the number of simultaneous connections allowed to the server, and configure the disconnection settings for the connection. ! Exam Tip Watch for group membership if access is denied when establishing a Remote Desktop for Administration connection. In earlier versions of Terminal Server, you had to be a member of the Administrators group to connect to the server, although special permissions could be established manually. Having only two remote connections to the Terminal Server is a fixed limit, and cannot be increased.
Lesson 3 Managing Servers with Remote Desktop for Administration 2-17 1. Logon to Server01 as Administrator.
2. Open the System properties from Control Panel.
3. On the Remote tab, enable Remote Desktop. Close System Properties.
4. Open the Terminal Services Configuration console from the Administrative Tools folder.
5. In the tscc (Terminal Services Configuration\Connections) MMC, right-click the RDP-tcp connection in the details pane, and then click Properties.
6. On the Network Adapter tab, change the Maximum Connections to 1.
7. On the Sessions tab, select both of the Override User Settings check boxes, and make setting changes so that any user session that is disconnected, by any means, or for any reason, will be closed in 15 minutes, that has no Active session time limit, and that will be disconnected after 15 minutes of inactivity.
❑ End a disconnected session: 15 minutes
❑ Active session limit: never
❑ Idle session limit: 15 minutes
❑ When session limit is reached or connection is broken: Disconnect from session
This configuration will ensure that only one person at a time can be connected to the Terminal Server, that any disconnected session will be closed in 15 minutes, and that an idle session will be disconnected in 15 minutes. These settings are useful so as to not have a session that is disconnected or idle making the Remote Desktop for Administration connection unavailable.
Exercise 2: Connect to the Server with the Remote Desktop Client
1. On Server02 (or another remote computer, or from Server01 itself if a remote computer is not available), open Remote Desktop Connection (from the Accessories, Communications program group) and connect to and log to Server01.
2. On Server01, open the tscc (Terminal Services Configuration\Connections) MMC. You should see the remote session connected to Server01.
3. Leave the session idle for 15 minutes, or close the Remote Desktop client without logging off the Terminal Server session, and the session should be disconnected automatically in 15 minutes.
You have now logged on to Server01 remotely, and can perform any tasks on the Server01 computer that you could accomplish while logged on interactively at the console.
2-18 Chapter 2 Administering Microsoft Windows Server 2003 Lesson Review
The following questions are intended to reinforce key information presented in this lesson. If you are unable to answer a question, review the lesson materials and try the question again. You can find answers to the questions in the “Questions and Answers” section at the end of this chapter.
1. How many simultaneous connections are possible to a Terminal Server running in Remote Administration mode? Why?
2. What would be the best way to give administrators the ability to administer a server remotely through Terminal Services?
a. Don’t do anything; they already have access because they are administrators.
b. Remove the Administrators from the permission list on the Terminal Server connection, and put their administrator account in the Remote Desktop for Administration Group.
c. Create a separate, lower-authorization user account for Administrators to use daily, and place that account in the Remote Desktop for Administration Group.
3. What tool is used to enable Remote Desktop on a server?
a. Terminal Services Manager
b. Terminal Services Configuration
c. System properties in Control Panel
d. Terminal Services Licensing
Administrators and members of the Remote Desktop Users group have the ability to connect to a server using Remote Desktop Connection. Terminal Services are installed on Windows Server 2003 by default, and allow up to two Remote Desktop for Administration connections simultaneously. The Remote Desktop Connection client, a default component of Windows XP and Windows Server 2003, can be installed on any 32-bit Windows platform from the Windows Server 2003 installation CD or (after sharing the directory) from any Windows Server 2003 computer. Configuration of Remote Desktop for Administration connections is accomplished through settings on the client (Remote Desktop Connection) and server (Terminal Server Configuration). Key settings for the connections can be overridden by the server.
See also：Remote Desktop Comparison Chart
注册－收款工具那么多，为何选择Payoneer？ ｜ 为何申请Payoneer万事达预付卡+欧美日收款银行账号？
Payoneer有卡账户和无卡账户的区别 ｜ Payoneer个人账户注册申请教程 ｜ P卡公司帐户注册教程
Payoneer欧元帐户（虚拟卡） ｜ Payoneer英镑帐户 ｜ Payoneer日元帐户 ｜ 订购实体卡（P卡）
Payoneer卡年费啥时候扣？ ｜ Payoneer卡休眠和激活 ｜ P卡到期后如何更换？ ｜ 如何注销P卡？
官方－Payoneer秉承公正、公开、透明服务 ｜ Payoneer官方最新政策汇总 ｜ 官方客服联系方式
Payoneer官方费用表 ｜ 如何减少Payoneer的手续费？ ｜ 点此免除入账费 ｜ 点此降低提现费
跨境收款服务商拷问篇——Payoneer ｜ Payoneer客户答疑手册（FAQ） ｜ Payoneer手机App
收款－跨境电商/外贸收款方式对比 ｜ Payoneer可以错名收款吗？
Amazon亚马逊卖家设置Payoneer卡收款教程 ｜ Payoneer支持从美国电商平台Newegg收款
CJ联盟设置Payoneer卡收款 ｜ ClickBank联盟设置Payoneer收款 ｜ Amazon联盟设置P卡收款
Payoneer如何从东南亚电商平台Lazada收款 ｜ 如何在Lazada开店？
Payoneer如何从拉美电商平台Linio收款？ ｜ Payoneer绑定非洲电商平台Jumia收款
Payoneer如何从跨境移动电商Wish收款？ ｜ Wish模式正在改变电商格局
Payoneer支持从法国乐天Priceminister收款 ｜ 法国电商平台CDiscount对接Payoneer收款
Payoneer可接受个人与公司信用卡付款（请求付款） ｜ 关于Payoneer卡充值
从PayPal提现到Payoneer卡教程及手续费用 ｜ PayPal无法绑定并转账到Payoneer卡？
提现－从Payoneer卡提现到国内银行账户 ｜ Payoneer无法从Dating联盟收款并限制提现方式
用P卡在中国银行ATM机取款4000元 ｜ 用Payoneer卡在中国建设银行ATM机取款500元