Terminal Services for Microsoft Windows Server 2003: Advanced Technical Design Guide (Advanced Technical Design Guide series)

The primary reason that anyone uses Terminal Server is to provide simple end-user access to Windows applications. By "methods of end user access," we're talking about how your users actually launch their applications on your Terminal Servers. Do they have icons for Terminal Server applications in their Windows Start Menu or on their Windows desktop? Do they launch applications through the web? Are they running complete remote desktops or only specific applications?

Why is the method of access important?

By spending some time up front to consider how your users will access their applications, you can build an environment for them that's easy to use. This will make your life easier as a Terminal Server administrator.

How you configure user access will directly affect several aspects of your users' experience, including:

• What users can do with their applications

• How easily users can get access to and use their applications

• How easy the system is to administer

• How quickly the users can access the system and switch between applications

• How secure the system is

• Total cost of ownership

What are the user access method options?

Ultimately, all users will access your Terminal Servers via some form of RDP client software from a hardware device that supports that software. Once a user is connected, his experience is controlled by the server—it doesn't really matter how he connected or what kind of client device he has. All of the user access method options really what steps the users must take to establish their connections.

From the management standpoint, the various user connection options fall into two general categories:

1. Options that require configuration on client devices, such as the traditional Remote Desktop Connection client.

2. Options that do not require configuration on client devices, such as deploying applications via RDP files and web portals.

Regardless of the access methods you choose, your users will need some form of client software loaded onto their client device. Some access methods require that you manually configure or update the client configuration on every single client while others allow you to make configuration changes one time at the server, with clients receiving the new settings automatically.

Let's look closer at each of the following methods of end user access:

• Placing icons on your users' desktops and in their Start Menus.

• Creating websites or web portals with links that launch applications.

• Installing and configuring the full Remote Desktop Connection client software on each client workstation.

Option 1. Standard Remote Desktop Connection Client

Using the standard Remote Desktop Connection (RDC) client, users can choose the servers they wish to connect to and even configure peripheral device mappings. These connections can be saved to the clients' local machine so they can be reused. The RDC client comes installed on every Windows XP workstation, meaning you have very little to install on the client side.

To your users, though, this would be like accessing an application to launch another application, and could be very confusing. In addition, few users are savvy enough to use the client properly. This method of connection will most likely prompt calls to the helpdesk for assistance with configuring or reconfiguring the client.

Advantages of Remote Desktop Client

• Users have more control over the client.

• Connection settings can be saved by the user for later use.

• Client software already is installed on Windows XP clients.

Disadvantages of Remote Desktop Client

• Users have more control over the client.

• Any application configuration changes must be done manually.

• Shortcuts to remote RDC connection application might have icons that look different from "normal" icons

Option 2. Web Page / Web Portal

Another option is to provide users with web access to applications using the Terminal Services Advanced Client (TSAC). These web pages can be configured to automatically install the RDP client software onto the user's client device if it's not installed when users visit the site.

Several third-party products such as Citrix MetaFrame, Tarantella Canaveral iQ, and Jetro CockpIT offer advanced Terminal Server application web portals that can be configured to provide the user with a login screen when he first accesses the site. After successful authentication, the list of applications is custom-built for the user based on his credentials. This application list consists of hyperlinks and icons for each application. Clicking one of these application hyperlinks launches a session fully integrated into the user's desktop experience.

See Chapter 10 for details on creating web application portals for your Terminal Server environments, and refer to the appendix for a complete list of third-party products and their features.

Advantages of Connecting via a Web Page

• Access to applications can be from any machine, without preconfiguring client software.

• Since many organizations already use web pages and intranets for important information and announcements, Terminal Server applications can be configured as part of a user's home page or corporate portal.

• Because application configuration is done at the web server, you can easily change parameters or options. The client device would use the changes the next time it accesses the web site. There is no need to manually configure every client.

• One web page can contain links to applications from multiple servers or server clusters.

Disadvantages of Connecting via a Web Page

• Visiting a web page for applications may be an added step for your users.

• This introduces a single point of failure. If the web server goes down, users lose access to their applications.

• You'll have to maintain the web server in addition to all of your Terminal Servers.

The advanced web portal technology requires the use of third-party products.

Option 3. Centrally-stored Links to RDP files

You can also choose to install the Remote Desktop Client on all desktops and then store RDP connection files in a central location. Shortcuts to these RDP connection files can then be placed in the users' Start menu (either manually or using an Active directory GPO). This method allows you to centrally manage users' connections with very little desktop configuration. More information on the Remote Desktop Connection client and RDP files is available in Chapter 10.

Advantages of Storing Central RDP Files

• Connections can be configured and managed centrally.

Disadvantages of Storing Central RDP Files

• Client upgrades will have to be done manually at the client or via a software distribution package.

• Users will have to enter their credentials each time they launch an application, since the Central RPD files cannot maintain user information

Remember to Focus on Applications

When determining how your users will launch their Terminal Server applications, it's important to remember that your users only care about their applications. The ideal environment will allow them to access their applications in an easy and intuitive manner, and to remain productive.