Terminal Services has been a part of the Windows server OS since NT 4.0, but its history as a technology goes back further, to the late 80s when Ed Iacobucci founded Citrix. Ed had been working with IBM trying to develop a multi-user version of OS/2, but IBM wasn't much interested, so Ed left to start his own company (good move). In the early 90s Microsoft came out with Windows NT 3.51, their first really solid 32-bit Windows server platform, but Microsoft too wasn't much interested in developing a multi-user version of their OS at the time, so in 1994 Microsoft granted Citrix access to their NT source code so Citrix could develop this technology as a third-party vendor. Soon afterward Citrix released their revolutionary WinFrame product, and its immediate success soon led Microsoft to shift gears, and in 1997 Microsoft licensed Citrix technology so they could incorporate it into NT 4.0. The result was the release in 1998 of Hydra, Microsoft's code name for Windows NT 4.0 Terminal Server Edition. Hydra of course has since been superseded by the built-in Terminal Services feature of Windows 2000 Server and more recently of Windows Server 2003. And there we are today. But why all the fuss? What good is Terminal Services technology anyway?
The Terminal Services Advantage
From the operations side of running a business, there are really only two things that are important: time and money. The great thing about Terminal Services is that it can save you both. From a time-saving perspective, Terminal Services lets administrators install, configure, manage and maintain applications centrally on a few servers. This is usually much faster and easier to do than deploying applications on hundreds or thousands of desktop machines at different sites across an enterprise. And by making the job of the administrator easier, companies also save money on IT support costs for their information systems infrastructure. Furthermore, centrally deployed applications are usually easier to maintain (for example, patching and upgrading) and simpler to troubleshoot when things go wrong. As a result, downtime is reduced, users are more productive, and business booms along.
Another cost-saving perspective is that since in a terminal server environment all application logic runs on the server, the processing and storage requirements for client machines are minimal. This means you can save money by keeping in service older desktop computers running legacy versions of Windows, and focus your limited IT budget on a few high-powered systems to run as your terminal servers. Or you can toss your old desktop PCs and buy thin clients like Windows-Based Terminals (WBTs) instead, such as those from Neoware, Wyse, and other vendors. The options are almost limitless since terminal servers let you run almost any DOS, Win32, or Web-based application from almost any client platform, as we'll see in a moment.
So what are the options for running terminal servers in today's enterprise environment? There are two major players in the landscape, Microsoft and Citrix, and we'll start by looking at Microsoft's latest offering, the built-in Terminal Services component of Windows Server 2003.
Windows Terminal Services
First off, let's take note that Terminal Services in Windows Server 2003 is light-years ahead of its predecessor in Windows 2000 Server. Key enhancements over that older platform include the following:
• Remote administration mode no longer requires the installation of additional components; you just select a checkbox on the Remote tab of the System tool in Control Panel and presto, up to two users can simultaneously connect to your server to remotely administer it. Not only that, you can even connect to the actual console session on the remote server, something you couldn't do in Windows 2000.
• Remote Desktop Protocol (RDP) has been enhanced to improve display and device redirection and enhance security through powerful encryption algorithms, making Terminal Services so secure you don't need a VPN tunnel when you're connecting to it over a public network like the Internet.
• The optional Session Directory component now lets you scale Terminal Services upwards to meet the demands of even large enterprises by letting you build a load-balanced terminal server farm that lets users reconnect to the same terminal server they were connected to should they somehow become disconnected. This maintaining of session state lets you run mission-critical business applications on terminal server farms.
• And perhaps best of all, Terminal Services can now be configured, managed and locked down using dozens of Group Policy settings new to Windows Server 2003, allowing administrators to take advantage of the flexibility and power of Group Policy to simplify the configuration and management of Windows terminal servers.
So it would seem that if you want to deploy terminal servers in the enterprise, Windows Server 2003 is a no-brainer as far as choice is concerned, right? After all, it's got the horsepower, it's got the scalability, it's even got the clients for different Windows platforms ranging from Windows 95 to Windows XP to Windows CE on Pocket PC devices. There is even a client for the Macintosh platform, and also an ActiveX client that runs within the Internet Explorer web browser so you can connect to Terminal Services over the Internet. For more details on Windows Terminal Services and how to set it up and configure it, you can take a look at the articles Windows 2003 Terminal Services (Part 1) and Windows 2003 Terminal Services (Part 2), both by Andrew Z. Tabona, right here on WindowsNetworking.com.
Anyway, even from our brief discussion here it might seem that Windows Server 2003 Terminal Services has got everything, and it's all you need, right? Not so fast!
Citrix Access Infrastructure
Citrix, the company that actually developed the underlying technology behind Windows Terminal Services, wisely chose not to rest on its laurels but to continue refining and enhancing their product line until today they have a compelling suite of applications called Citrix MetaFrame Access Suite. This package consists of a handful of key products that run on Windows Server 2003 and go beyond what Windows Terminal Services itself can do. Here's the lineup:
• Citrix MetaFrame XP Presentation Server. This is Citrix's own version of Terminal Services and lets you connect any client device to any application running on the presentation server (terminal server). And by "any" I really mean any. While Microsoft clients for Terminal Services are currently limited to Windows and Mac platforms, Citrix clients are available for Windows, Mac, various flavors of UNIX, and even EPOC handheld devices. Not only that, there's even a UNIX version of Presentation Server so you can run UNIX and Java applications on a terminal server while accessing them from Windows clients. This flexibility is key in large enterprises where the operating system environment is a heterogeneous mixture of Windows and UNIX, and if you want anyone to run any application from anywhere in your enterprise then Presentation Server is definitely something you should look at.
• Citrix MetaFrame Secure Access Server. This add-on to Presentation Server provides for role-based control over who can access applications and documents running on Presentation Server. With its built-in standards-based encryption, you can provide access anywhere even over the Internet without the need of additional security such as deploying a VPN.
• Citrix MetaFrame Password Manager. This add-on provides single sign-on (SSO) authentication so your Presentation Server users only need a single password to gain access to a wide range of services and resources on Windows and UNIX servers.
• Citrix MetaFrame Conferencing Manager. This add-on allows sharing of Presentation Server application sessions so workers can collaborate using the same applications and work on documents together. It's also a great tool for conducting online training in your enterprise.
What gives Presentation Server a lot of its power is its ICA (Independent Computing Architecture) protocol, the presentation protocol used on the Citrix platform for transmitting keystrokes, mouse movements, and screen updates between thin clients and the presentation server. ICA is the Citrix counterpart of Microsoft's Remote Desktop Protocol (RDP) used by Terminal Services, and it's illuminating to compare their capabilities:
Client Support: Windows 95/98/NT/2000/XP, Windows for Workgroups 3.11, Windows 3.1, DOS, Windows CE, Macintosh, UNIX, Linux, Java, Web browser
ICA X X X X X X X X X X
RDP X X
X
X
Conclusion
So do you need the Citrix MetaFrame Access Suite, or will Windows Server 2003 Terminal Services be enough? Time and money--weigh the benefits of each solution and consider the costs, then decide. Don't just jump on the bandwagon by thinking you can deploy a terminal server, keep your old desktop PCs, save desktop licensing costs and walk away a winner. Both Terminal Services and Presentation Server have their own licensing requirements and they're complex, so you really need to do your research to see which one gives you the most bang for your buck (or whether you'll even be saving any money at all moving your business from a client/server to a terminal server computing environment). Another factor to consider is that the hardware you use to run a terminal server generally has to be top quality and pretty beefy, and such machines come with their own hefty price tag as well. In fact, sizing the underlying hardware you need to meet your current and projected requirements is one of the key steps in planning a move to Terminal Services, and Microsoft has provided a helpful whitepaper that can help your planning in this regard. Once all is said and done, Terminal Services (or Presentation Server) may be just for you or it may not. But it's just a tool anyway to help you get the real job done, namely, whatever business your company is in.
Setting up a DHCP server in Windows 2003
"Dynamic Host Configuration Protocol (DHCP) is an IP standard designed to reduce the complexity of administering IP address configurations." - Microsoft's definition.
A DHCP server would be set up with the appropriate settings for a given network. Such settings would include a set of fundamental parameters such as the gateway, DNS, subnet masks, and a range of IP addresses. Using DHCP on a network means administrators don't need to configure these settings individually for each client on the network. The DHCP server automatically distributes them to the clients itself.
The DHCP server assigns a client an IP address taken from a predefined scope for a given amount of time. If an IP address is required for longer than the lease has been set for, the client must request an extension before the lease expires. If the client has not requested an extension on the lease time, the IP address will be considered free and can be assigned to another client. If the user wishes to change IP address then they can do so by typing "ipconfig /release", followed by "ipconfig /renew" in the command prompt. This will remove the current IP address and request a new one.
Reservations can be defined on the DHCP server to allow certain clients to have their own IP address (this will be discussed a little later on). Addresses can be reserved for a MAC address or a host name so these clients will have a fixed IP address that is configured automatically. Most Internet Service Providers use DHCP to assign new IP addresses to client computers when a customer connects to the internet - this simplifies things at user level.
The above diagram displays a simple structure consisting of a DHCP server and a number of client computers on a network. The DHCP Server itself contains an IP Address Database which holds all the IP addresses available for distribution. If the client (a member of the network with a Windows 2000 Professional/XP operating system, for example) has "obtain an IP address automatically" enabled in TCP/IP settings, then it is able to receive an IP address from the DHCP server.
Setting up a DHCP Server
This will serve as a step-by-step guide on how to set up a DHCP server. Installing the DHCP server is made quite easy in Windows 2003. By using the "Manage your server" wizard, you are able to enter the details you require and have the wizard set the basics for you. Open the "Manage your server" wizard, select the DHCP server option from the list of server roles and press Next. You will be asked to enter the name and description of your scope.
Scope: A scope is a collection of IP addresses for computers on a subnet that use DHCP.
The next window will ask you to define the range of addresses that the scope will distribute across the network and the subnet mask for the IP address. Enter the appropriate details and click next.
You are shown a window in which you must add any exclusions to the range of IP addresses you specified in the previous window. If, for example, the IP address 10.0.0.150 is that of the company router, then you won't want the DHCP server to be able to distribute that address as well. In this example I have excluded a range of IP addresses, 10.0.0.100 to 10.0.0.110, and a single address, 10.0.0.150. In this case, eleven IPs will be reserved and not distributed amongst the network clients.
It is now time to set the lease duration for how long a client can use an IP address assigned to it from this scope. It is recommended to add longer leases for a fixed network (in the office for example) and shorter leases for remote connections or laptop computers. In this example I have set a lease duration of twelve hours since the network clients would be fixed desktop computers in a local office and the usual working time is eight hours.
You are given a choice of whether or not you wish to configure the DHCP options for the scope now or later. If you choose Yes then the upcoming screenshots will be of use to you. Choosing No will allow you to configure these options at a later stage.
The router, or gateway, IP address may be entered next. The client computers will then know which router to use.
In the following window, the DNS and domain name settings can be entered. The DNS server IP address will be distributed by the DHCP server and given to the client.
If you have WINS set up then here is where to enter the IP address of the WINS server. You can just input the server name into the appropriate box and press "Resolve" to allow it to find the IP address itself.
The last step is to activate the scope - just press next when you see the window below. The DHCP server will not work unless you do this.
The DHCP server has now been installed with the basic settings in place. The next stage is to configure it to the needs of your network structure.
Configuring a DHCP server
Hereunder is a simple explanation of how to configure a DHCP server. The address pool displays a list of IP ranges assigned for distribution and IP address exclusions. You are able to add an exclusion by right-clicking the address pool text on the left-hand side of the mmc window and selecting "new exclusion range". This will bring up a window (as seen below) which will allow you to enter an address range to be added. Entering only the start IP will add a single IP address.
DHCP servers permit you to reserve an IP address for a client. This means that the specific network client will have the same IP for as long as you want it to. To do this you will have to know the physical address (MAC) of each network card. Enter the reservation name, desired IP address, MAC address and description - choose whether you want to support DHCP or BOOTP and press add. The new reservation will be added to the list. As an example, I have reserved an IP address (10.0.0.115) for a client computer called Andrew.
If you right-click scope options and press "configure options" you will be taken to a window in which you can configure more servers and their parameters. These settings will be distributed by the DHCP server along with the IP address. Server options act as a default for all the scopes in the DHCP server. However, scope options take preference over server options.
In my opinion, the DHCP server in Windows 2003 is excellent! It has been improved from the Windows 2000 version and is classified as essential for large networks. Imagine having to configure each and every client manually - it would take up a lot of time and require far more troubleshooting if a problem were to arise. Before touching any settings related to DHCP, it is best to make a plan of your network and think about the range of IPs to use for the computers.
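The same scope, exclusions, lease, options and reservation can also be applied from the command prompt with netsh on the DHCP server, which makes the configuration repeatable and easy to review. The batch file below is an added example, not part of the original article; the scope range, DNS address, domain name and MAC address are assumed placeholder values, because the article does not state them in its text.

```batch
@echo off
rem Added example: scripted equivalent of the wizard and console steps above.
rem Run at a command prompt on the Windows Server 2003 DHCP server itself.
setlocal

rem --- Assumed placeholder values (not given in the article text) ---
set SCOPE=10.0.0.0
set MASK=255.255.255.0
set RANGE_START=10.0.0.1
set RANGE_END=10.0.0.254
set DNS=10.0.0.2
set DOMAIN=example.local
set RESERVED_MAC=001122334455

rem --- Values taken from the article's own example ---
set ROUTER=10.0.0.150
set RESERVED_IP=10.0.0.115

rem Create the scope (name and description), then the range it hands out
netsh dhcp server add scope %SCOPE% %MASK% "Office" "Fixed desktop clients"
netsh dhcp server scope %SCOPE% add iprange %RANGE_START% %RANGE_END%

rem Exclusions: one range, plus the router as a single address (start = end)
netsh dhcp server scope %SCOPE% add excluderange 10.0.0.100 10.0.0.110
netsh dhcp server scope %SCOPE% add excluderange %ROUTER% %ROUTER%

rem Lease duration is option 051, in seconds: 12 hours = 43200
netsh dhcp server scope %SCOPE% set optionvalue 051 DWORD 43200

rem Scope options: 003 router, 006 DNS server, 015 DNS domain name
netsh dhcp server scope %SCOPE% set optionvalue 003 IPADDRESS %ROUTER%
netsh dhcp server scope %SCOPE% set optionvalue 006 IPADDRESS %DNS%
netsh dhcp server scope %SCOPE% set optionvalue 015 STRING "%DOMAIN%"

rem Reservation for the client "Andrew"; BOTH = support DHCP and BOOTP
netsh dhcp server scope %SCOPE% add reservedip %RESERVED_IP% %RESERVED_MAC% "Andrew" "Reserved client" BOTH

rem Activate the scope (the server hands out nothing until this is done)
netsh dhcp server scope %SCOPE% set state 1

rem Review what was actually configured
netsh dhcp server scope %SCOPE% show iprange
netsh dhcp server scope %SCOPE% show excluderange
netsh dhcp server scope %SCOPE% show reservedip
netsh dhcp server scope %SCOPE% show optionvalue
netsh dhcp server scope %SCOPE% show state
endlocal
```

Because these options are set at scope level, they take preference over any server options with the same option number, as described above.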