1. Shai Tirosh Windows Server Regional Director artNET Experts

2. RemoteAPP and TS Web Session Broker Easy Print TS Gateway Tips…

3. Terminal Server Remote programs integrated with local computer Centrally configure a terminal server with the Terminal Server Configuration console Remote programs integrated with local computer Centrally configure a terminal server with the Terminal Server Configuration console RemoteApp console used to make application available Also used to make programs available via TS Web Access Programs look like they are running locally Only supported by Remote Desktop client 6.0, or newer Remote Desktop client required

4. Remote Programs … Look and feel like local apps… Access to local resources with redirection… A vector of attack against the client.. Solution: RDPSign Cryptographically signing RDP file Publisher certificate identifies origin New security UI to help decide trust GP’s to control trust decisions left to users W ho will get your password?...

6. Terminal Services Remote Programs available from a Web browser Default Web page or SharePoint Services

8. Terminal Server Windows Server 2008 11 22 33 44 55 66 112233445566 Remote User Connects via Terminal Services TS: Server 1 contacts the Session Broker to determine where the user should login Session Broker tells Server 1 that this user has no session & Server 2 has less load Server 1 tells the client via RDP to redirect to Server 2 The Client is redirected to Server 2 Session Created on Server 2 for the client Session Broker

9. Printer independent print “driver” Renders using XPS and sends to the client for local driver invokation Remote Desktop Connection (RDC) 6.1 Microsoft.NET Framework 3.0 Service Pack 1 Group Policy Control over client default being mapped only

10. Terminal Server 11 2233 44 User opens Microsoft Word running via Terminal Services The document prints to the local printer TS Easy Print utilizes the client side print drivers, and the full print UI appears User wants to print the document to a locally attached printer 11 22 33 44

11. Available in RDP 6.1 Remote Desktop Connection Display improvements, including: Custom display resolutions (1680x1050 or 1920x1200) Monitor spanning (up to 4 in a row) Desktop Experience Font smoothing Display data prioritization

12. Server Side Configuration Client Side Configuration (Group Policy) Client must be VISTA with SP1 Client must be VISTA with SP1

13. Remote Desktop Connection 6.0 Eliminates need for VPN Terminal Services Gateway and Network Policy Server

14. Perimeter Network Internet Corp LAN Hotel External Firewall Internal Firewall Home Business Partner/ Client Site Internet Terminal Services Gateway Server Tunnels RDP over RPC/HTTPS Strips off RPC/HTTPS Terminal Server Passes RDP/SSL traffic to TS Other RDP Hosts Terminal Server Network Policy Server Active Directory DC

15. SSL Certificate for the TS Gateway IIS 7.0 Network Policy Server TS CAP (Client Authorization Policy) States who and what machine can access TS RAP (Resource Authorization Policy) States what resource they can access Associated with the above

16. Terminal Server Remote Desktop Protocol Client Computer

17. Most Important: Display, Mouse, Keyboard Less Important: Printing and File Copy Default is 70:30 Change is per Server HKLM\SYSTEM\CurrentControlSet\Services\TermDD FlowControlDisable (dword: 0 = control bandwidth, 1= fifo) FlowControlDisplayBandwidth (dword: 0-255) FlowControlChannelBandwidth (dword: 0-255)

18. X86 and x64 TS User Capacity Scaling 2003 x64 4 cores 2003 x64 8 cores 2003 x86 4 cores 2000 x86 4 cores ~ x2 ~ x4 ~ x6 Based on Initial Internal Testing

19. APP-V (a.k.a. SoftGrid) allows any application to run along- side any other on a terminal server, eliminating the need for silos and increasing utilization, resulting fewer deployed servers Instantly deploy applications to Citrix/Terminal Servers Eliminate installs, regression testing & downtime Eliminate applications that conflict on the same server, including multiple versions of same application Enable applications that were not designed to run in multi-user mode

20. Controls how CPU and memory resources are allocated to: Applications Services Processes Built in feature in ws2008 (std + ent) Available to download for ws2003 ent. Only

21. Set one of the following predefined policies as managing policy: Equal_Per_Session Equal_Per_User Use “Accounting” to analyze resources usage per processes and users Create custom resource allocation policies

23. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.