Using the Terminal Services Configuration Tool
In order for clients to establish Terminal Services sessions on a server, listener connections have to be configured on the particular server. A listener connection can be configured for only RDP (Remote Data Protocol) over TCP/IP. One listener connection can be configured for a network interface card (NIC) in the Terminal Services computer. The Terminal Services Configuration tool creates new listener connections to change configuration settings on existing listener connections and to configure server policy settings. While it is recommended to configure Terminal Services connections through Group Policy, the Terminal Services Configuration tool enables users to configure settings separately for multiple connections on one computer. The Terminal Services Configuration tool can be used to configure connections for ICA (Independent Computing Architecture) clients using IPX, SPX, NetBIOS, TCP/IP, or Asynchronous.
Configuring Terminal Services Server Settings with Terminal Services Configuration
The Terminal Services Configuration tool can be used to change settings for all connections to a particular server. The tool is automatically installed when Terminal Services is first installed.
To open the Terminal Services Configuration tool:
- Click Start, Administrative Tools, and Terminal ServicesConfiguration
The Server Settings node in Terminal Services Configuration manages server settings, which in turn affects sessions running on the Terminal Services server.
To configure server settings:
- Open the Terminal ServicesConfiguration tool.
- Click the Server Settings node in the left pane of the Terminal Services Configuration window.
- The Results pane lists the server configuration settings that can be set.
- Right click the server setting to be modified and select Properties from the shortcut menu.
- Change the setting.
The server settings displayed in the Results pane of the Terminal Services Configuration window when the Server Settings node is selected are listed below:
- Delete Temporary Folders On Exit: If this setting is enabled, all temporary folders created on the server are deleted when the user logs off. This setting is enabled by default.
- Use Temporary Folders Per Session: If the setting is enabled, each session has its own temporary folders.This setting is enabled by default.
- Licensing: Users can choose between Per User and Per Device licensing.
- Active Desktop: Enabling this setting allows connections to use Active Desktop at the expense of bandwidth.
- Permission Capability: Users can choose between Full Security or Relaxed Security. Full Security is the default setting.
- Restrict Each User To One Session: Enabling this setting limits users to one session on the Terminal Services server.
- Session Directory: Enabling this setting results in Session Directory managing the sessions within the cluster. This setting is disabled by default.
Modifying Terminal Services Connection Properties with Terminal Services Configuration
The Terminal Services Configuration tool can be used to modify the properties of existing connections. The Microsoft Remote Data Protocol (RDP) 5.2 is the only protocol that installed by default. Before changing the connections’ properties, it is important to bear in mind that each property setting that is configured affects each user that connects with the particular connection.
To change an existing connection’s connection properties settings:
- Click Start, Administrative Tools, and Terminal Services Configuration
- Click the Connections node in the left pane of the Terminal Services Configuration window.
- The Results pane lists all existing connections.
- The default connection is namedRDPTcp.
- To change the properties of any of the listed connections in the Results pane, right click the connection, then click Properties on the shortcut menu.
- The Properties dialog box of the connection selected opens. The Properties dialog box contains the following tab:
To change an existing connection’s connection properties settings:
- Click Start, Administrative Tools, and Terminal Services Configuration
- Click the Connections node in the left pane of the Terminal Services Configuration window.
- The Results pane lists all existing connections.
- The default connection is namedRDPTcp.
- To change the properties of any of the listed connections in the Results pane, right click the connection then click Properties on the shortcut menu.
- The Properties dialog box of the connection selected opens. The Properties dialog box contains the following tab:
To change an existing connection’s connection properties settings:
- Click Start, Administrative Tools, and Terminal Services Configuration
- Click the Connections node in the left pane of the Terminal Services Configuration window.
- The Results pane lists all existing connections.
- The default connection is namedRDPTcp.
- To change the properties of any of the listed connections in the Results pane, right click the connection then click Properties on the shortcut menu.
- The Properties dialog box of the connection selected opens. The Properties dialog box contains the following tab:
-
- General tab, Logon Settings tab, Sessions tab, Environment tab, Remote Control tab, Client Settings tab, Network Adapter tab, and Permissions tab.
The settings that can be changed on the General tab are listed below. The tab identifies the connection type (RDP-Tcp) and the RDP version number and enables the encryption level that will be required for the connection to Terminal Services to be changed.
- Comment box: A short note can be entered in this box.
- Encryption Level: The settings that can be configured are listed below:
- Low: The standard encryption key is used to encrypt data from the client to the server. If a client cannot support 56-bit encryption, it will not be able to establish a connection.
- Client Compatible: This is the default setting. Data is encrypted with the maximum level of encryption that the client supports.
- High: Data is encrypted in both directions with the maximum encryption key. Clients that do not support 128-bit encryption will not be able to connect.
- FIPS Compliant: Data is encrypted in both directions through the Federal Information Processing Standard (FIPS) encryption algorithms.
- Use Standard Windows Authentication checkbox: The checkbox can be enabled to ensure that Windows authentication used for Terminal Services connections.
The settings that can be changed on the Logon Settings tab are listed below:
- Use Client-Provided Logon Information: Select this option to ensure that the server accepts the credentials that the client provided. This means that the client essentially determines the logon security user.
- Always Use The Following Logon Information: Choose this option if one desires to specify the logon information that should be used for all users. This basically allows all users to log on to the server automatically, no credentials need to be provided. When this option is selected, enter the appropriate information in:
- User Name text box
- Domain text box
- Password and Confirm password text boxes
- Always Prompt For Password: If this option is selected, the user will be prompted to provide a valid password.
The settings that can be changed on the Sessions tab are listed below:
- Override User Settings checkbox: When selected, user settings are overridden and the options listed below are available:
- End a disconnected session: Users can set the time for which a disconnected session can continue running on the Terminal Services computer.
- Active session limit: Users can set the time for which active sessions can remain connected to the Terminal Services computer.
- Idle session limit: Users can set the time for which an idle session can stay connected to Terminal Services computer.
- Override User Settings checkbox: When enabled, the two options listed below become available and relate to when the session limit is reached or the connection is broken:
- Disconnect from session
- End session
- Override User Settings checkbox: When enabled, the Allow Reconnection setting can be configured as:
- From any client
- From previous client
The settings that can be changed on the Environment tab are listed below:
- Program path and file name: Indicates the program path and executable file that would be run when connection is established.
- Start in: If the program needs working directory, enter it here.
The settings that can be changed on the Remote Control tab are listed below:
- Use remote control with default user settings option: This is the default option. The settings for remote control are configured in the user account’s properties.
- Do not allow remote control option: All remote control to sessions are disabled or blocked.
- Use remote control with the following settings: Allows users to specify the remote control settings that should be used for all users connecting to the Terminal Services server through the connection:
- Require user’s permission checkbox: Enable this checkbox if displaying a message that requests remote control to the user is desired.
- To specify the level of control allowed over the session, select the View the session option or the Interact with the session option.
The settings that can be changed on the Client Settings tab are listed below:
- Use connection settings from user settings checkbox: When enabled, users can choose the options listed below:
- Connect client drives at logon
- Connect client printers at logon
- Default to main client printer
- Limit Maximum Color Depth checkbox: When enabled, the maximum color depth that clients use can be selected. The Default setting is 16-bit.
- Users can also choose to disable the following options using the checkboxes listed below:
- Drive Mapping – client drives are not mapped to the session
- Windows Printer Mapping – connections to Windows printers are blocked
- LPT Port Mapping – the mapping of client LPT ports is blocked.
- COM Port Mapping – mappings to COM ports is blocked
- Clipboard Mapping – clipboard mapping is blocked
- Audio Mapping – audio information is blocked
The settings that can be changed on the Network Adapter tab are listed below:
- Network Adapter drop-down box: Contains the available network adapters that can connect to TerminalServices.
- Unlimited connections: This option means that no limit exists for the number of connections allowed with this network adapter.
- Maximum connections: Sets the maximum number of connections allowed with this network adapter.
The access permissions that can be set for the connection on the Permissions tab are listed below:
- Full Control: This permission allows the tasks listed below to be performed. The permissions is usually enabled for Administrators and the System:
- Modify connection settings
- Log on to a session
- Connect to an existing session
- Log off another user from a session
- Disconnect another user from a session
- Take control of the session
- Send a message to a user or session
- Query for information on the session
- User Access: This permission allows the tasks listed below to be performed:
- Log on to a session
- Connect to an existing session
- Send a message to another user
- Query for information on the session
- Guest Access: This permission allows the tasks listed below to be performed:
- Log on to a session
Service: This permission allows the tasks listed below to be performed:
- Send a message to another user
- Query for information on the session
Comments - 4 Responses to “Using the Terminal Services Configuration Tool”
Sorry but comments are closed at this time.