Installing and configuring a Terminal Server with windows 2008:
Microsoft first introduced Terminal server with its Windows NT operating system. Terminal server today has come a very long way since Windows NT.
In windows 2000 the terminal server had to be installed from the control panel Add remove programs and ADD / Remove windows components. It offered you two options:
- Installing Terminal services for remote admin mode.
- Terminal server in application server mode.
This was later modified with windows 2003 & its subsequent R2 release with the Remote Tab under My computer properties, so that you do not need to install the terminal server for remote admin mode.
With Windows server 2008 and 2008 R2 a lot of additional features were added and improved with windows 2008 R2. This discussion only deals with Terminal server in windows server 2008 and not the remote desktop role with windows server 2008 R2.
To install the terminal server role.
Open the server Manager console, click on ADD roles.
Under the list of server roles, select Terminal services.
Under Role services, choose the role services that need to be installed.
If installing the session broker, you need to have multiple Terminal servers to build a session broker farm.
I have had a lot of questions whether the TS gateway should be implemented in a DMZ. It is not advisable, Though you may install it in DMZ. The gateway is a member of the domain which means additional ports need to be opened on the domain member, rather you may install the gateway in your internal network and open Port 443 on the firewalls.
Choose network level authentication if you have all clients supporting network level authentication. Example windows Vista/ XP sp3 etc with the RDP 6.0 & above.
Under terminal server licensing either configure the licensing option or configure later.
Choose who can access the terminal server, you may add members to this group later.
Choose the scope of licensing server:
- whether its scope is in the same domain
- Or the entire Forest.
If you choose the domain then Terminal servers in child domain or other domains in the same forest will not be serviced by the License server.
If you have a certificate you may use it to secure the gateway or configure it later.
Configure the CAP / RAP for the Gateway server later.
The Installation is complete. We need to now configure the Terminal server & application for Remote access.
Note: If you plan to Install Microsoft Office on the Terminal server. Make sure that the product of MS office is VL and can be installed on TS.
Configuring the windows 2008 Terminal services:
The Setup for the Lab:
In this case the test Lab that is being used has the following servers.
- windows 2003 Active Directory ( domain controller)
- Terminal server running windows server 2008.
We will introduce 2 windows 2008 servers, for session broker Farm setup.