Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allows a user to control a remote computer or virtual machine over a network connection. RDS is Microsoft's implementation of thin client architecture, in which Windows software, and the entire desktop of the computer running RDS, are made accessible to any remote client machine that supports the Remote Desktop Protocol (RDP). With RDS, only the software's user interface is transferred to the client system. All input from the client system is transmitted to the server, where the software executes. This differs from application streaming systems such as Microsoft App-V, in which programs are streamed to the client on demand and run on the client machine.
RemoteFX was added to RDS as part of Windows Server 2008 R2 Service Pack 1.
Overview
RDS was first released as "Terminal Server" in "Windows NT Server 4.0 Terminal Server Edition", a stand-alone operating system that included SP3 and built-in improvements. Starting with Windows 2000, it became an optional role; it has been a mainstay of the Windows NT family of operating systems and has been enhanced with every version of Windows. The rename to "Remote Desktop Services" occurred with Windows Server 2008 R2 in 2009.
Windows includes three client components that use RDS:
- Windows Remote Assistance
- Remote Desktop Connection (RDC)
- Fast User Switching
The first two are individual utilities that allow a user to remotely control a computer over the network. In the case of Remote Assistance, the remote user must accept an invitation and control is cooperative. In the case of RDC, however, the remote user opens a new session on the remote computer and has every power granted by the user account's privileges and restrictions. Fast User Switching allows users to switch between user accounts on the local computer without quitting software and logging out. Fast User Switching is part of Winlogon and uses RDS to accomplish its switching feature. Third-party developers have also created client software for RDS. For example, rdesktop supports Unix platforms.
Although RDS ships with most editions of every version of Windows NT since Windows 2000, its functionality differs in each version. Windows XP Home Edition does not accept RDC connections at all, reserving RDS for Fast User Switching and Remote Assistance only. Other client versions of Windows allow a maximum of one remote user to connect to the system, at the cost of disconnecting the user who is logged on at the console. Windows Server allows two users to connect at the same time. This licensing scheme, called "Remote Desktop for Administration", facilitates administration of unattended or headless computers. Only by acquiring additional licenses (in addition to that of Windows) can a computer running Windows Server service multiple remote users at once and achieve virtual desktop infrastructure.
For organizations, RDS allows IT departments to install applications on a central server instead of multiple computers. Remote users can log in and use the app over the network. This kind of centralization can make maintenance and troubleshooting easier. RDS and Windows authentication systems prevent unauthorized users from accessing applications or data.
Microsoft has a long-standing agreement with Citrix to facilitate technology sharing and patent licensing between Microsoft Terminal Services and Citrix XenApp (formerly Citrix MetaFrame and Citrix Presentation Server). Under this arrangement, Citrix has access to key source code for the Windows platform, enabling its developers to improve the security and performance of the Terminal Services platform. At the end of December 2004, the two companies announced a five-year extension of this arrangement to cover Windows Vista.
Architecture
The RDS server component is Terminal Server (termdd.sys), which listens on TCP port 3389. When a Remote Desktop Protocol (RDP) client connects to this port, the connection is tagged with a unique SessionID and associated with a freshly spawned console session (Session 0; keyboard, mouse, and character-mode UI only). The login subsystem (winlogon.exe) and the GDI graphics subsystem are then started; they handle authenticating the user and presenting the GUI. These executables are loaded in a new session, not the console session. When the new session is created, the graphics and keyboard/mouse device drivers are replaced with RDP-specific drivers: RdpDD.sys and RdpWD.sys. RdpDD.sys is the device driver; it captures UI rendering calls into a format that can be transmitted over RDP. RdpWD.sys acts as the keyboard and mouse driver; it receives keyboard and mouse input over the TCP connection and presents it as keyboard or mouse input. It also allows the creation of virtual channels, which enable other devices, such as disks, audio, printers, and COM ports, to be redirected; that is, the channel stands in for the device. The channels connect to the client over the TCP connection; when a channel is accessed for data, the client is notified of the request, and the data is then transferred over the TCP connection to the application. This whole procedure is carried out by the terminal server and the client, with RDP mediating the transfer, and is fully transparent to the application. RDP communication is encrypted using 128-bit RC4 encryption. From Windows Server 2003 onwards, it can use a FIPS 140 compliant encryption scheme.
Once a client initiates a connection and is informed that the terminal services stack was successfully invoked on the server, it loads the device as well as the keyboard/mouse drivers. UI data received over RDP is decoded and rendered as UI, while keyboard and mouse input to the window hosting the UI is intercepted by the drivers and sent over RDP to the server. The client also creates the other virtual channels and sets up redirection. RDP communication can be encrypted, using low, medium or high encryption. With low encryption, user input (outgoing data) is encrypted using a weak cipher (40-bit RC4). With medium encryption, UI packets (incoming data) are encrypted using this weak cipher as well. The "High (Non-Export)" encryption setting uses 128-bit RC4 encryption, and "High encryption (Export)" uses 40-bit RC4 encryption.
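Which of these schemes a session uses is settled in the first reply the server sends on TCP port 3389. The following added example (not from the original article) parses that reply, following the field layout in Microsoft's published RDP specification (MS-RDPBCGR), to tell whether a server selected the standard RDP security layer whose RC4 levels are described above, or a TLS or CredSSP layer. The function name and the four byte strings are constructed for illustration.

```python
import struct

# Added example. Field layout follows the published RDP specification
# (MS-RDPBCGR); the four replies below are constructed, not captured.
LEGACY_REPLY = bytes.fromhex("0300000b06d00000123400")
TLS_REPLY = bytes.fromhex("030000130ed00000123400" "0200080001000000")
NLA_REPLY = bytes.fromhex("030000130ed00000123400" "021f080002000000")
FAILED_REPLY = bytes.fromhex("030000130ed00000123400" "0300080002000000")

# selectedProtocol values carried in a negotiation response
PROTOCOLS = {0: "standard RDP security", 1: "TLS", 2: "CredSSP"}


def selected_security(reply):
    """Classify the security layer named in an X.224 Connection Confirm."""
    if len(reply) < 11 or reply[0] != 3:
        raise ValueError("not a TPKT packet")
    (total,) = struct.unpack(">H", reply[2:4])   # TPKT length, big-endian
    if total != len(reply) or (reply[5] & 0xF0) != 0xD0:
        raise ValueError("not a complete X.224 Connection Confirm")
    neg = reply[11:]                             # optional negotiation block
    if not neg:
        # No block at all: the server only offers standard RDP security,
        # the layer whose RC4 levels the text above describes.
        return PROTOCOLS[0]
    if len(neg) != 8:
        raise ValueError("unexpected negotiation block length")
    kind, _flags, length, value = struct.unpack("<BBHI", neg)
    if length != 8:
        raise ValueError("bad negotiation length field")
    if kind == 0x02:                             # negotiation response
        return PROTOCOLS.get(value, "unknown protocol 0x%x" % value)
    if kind == 0x03:                             # negotiation failure
        return "negotiation failed (code %d)" % value
    raise ValueError("unknown negotiation message type")
```

A result of "standard RDP security" from a server under your administration means its sessions depend on the encryption level settings above rather than on TLS.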
Terminal Server
Terminal Server is the server component of Terminal Services. It handles the job of authenticating clients, as well as making applications available remotely. It is also entrusted with restricting clients according to the level of access they have. Terminal Server respects the configured software restriction policies, thus limiting the availability of certain software to specific groups of users. Remote session information is stored in a special directory, called the Session Directory, which is kept on the server. The Session Directory is used to store state information about a session, and can be used to resume an interrupted session. The terminal server must also manage this directory. Terminal servers can be used in groups as well.
In Windows Server 2008, it has been significantly overhauled. While logging in, if the user signed in to the local system using a Windows Server Domain account, the credentials from the same sign-on can be used to authenticate the remote session. However, this requires Windows Server 2008 to be the terminal server OS, while the client OS is limited to Windows Server 2008, Windows Vista and Windows 7. In addition, the terminal server can be configured to allow connection to individual programs, rather than the entire desktop, using a feature named RemoteApp. Terminal Services Web Access (TS Web Access) allows RemoteApp sessions to be used from a web browser. It includes the TS Web Access Web Part control, which maintains the list of RemoteApps deployed on the server and keeps that list up to date. Terminal Server can also integrate with Windows System Resource Manager to limit the resource usage of remote applications.
Terminal Server is managed by the Terminal Server Manager Microsoft Management Console snap-in. This can be used to configure login requirements, as well as to enforce a single instance of remote sessions. It can also be configured by using Group Policy or Windows Management Instrumentation. However, this is not available in client versions of Windows, where the server is pre-configured to allow only one session and to enforce the user account's privileges on the remote session, without any customization.
Remote Desktop Gateway
The Remote Desktop Gateway service component, also known as RD Gateway, can tunnel RDP sessions over an HTTPS channel. This enhances RDS security by encapsulating the session in Transport Layer Security (TLS). It also allows the option to use Internet Explorer as an RDP client. The official MS RDP client for Mac OS X supports RD Gateway as of version 8. It is also available for iOS and Android.
This feature was introduced in Windows Server 2008 and Windows Home Server products.
Role
- Remote Desktop Gateway: Enables authorized users to connect to virtual desktops, RemoteApp programs, and session-based desktops over a private network or the Internet.
- Remote Desktop Connection Broker: Allows users to reconnect to their existing virtual desktops, RemoteApp programs, and session-based desktops. It also distributes load among RD Session Host servers in a session collection or among pooled virtual desktops in a pooled virtual desktop collection, and provides access to virtual desktops in a virtual desktop collection.
- Remote Desktop Session Host: Allows a server to host RemoteApp programs or session-based desktops. Users can connect to RD Session Host servers in a session collection to run programs, save files, and use resources on those servers. Users can access a Remote Desktop Session Host server by using the Remote Desktop Connection client or by using RemoteApp programs.
- Remote Desktop Virtualization Host: Allows users to connect to virtual desktops by using RemoteApp and Desktop Connection.
- Remote Desktop Web Access: Allows users to access RemoteApp and Desktop Connection through the Start menu or through a web browser. RemoteApp and Desktop Connection provides users with a customized view of RemoteApp programs, session-based desktops, and virtual desktops.
- Remote Desktop Licensing: Enables a server to manage the RDS client access licenses (RDS CALs) required for each device or user to connect to a Remote Desktop Session Host server. RDS CALs are managed using the Remote Desktop Licensing Manager application.
RemoteApp
RemoteApp (or TS RemoteApp) is a special RDS mode, available in Windows Server 2008 R2 and later, where remote session configuration is integrated into the client operating system. The RDP 6.1 client ships with Windows XP SP3, KB952155 for Windows XP SP2 users, Windows Vista SP1, and Windows Server 2008. The UI for a RemoteApp is rendered in a window over the local desktop, and is managed like any other window for local applications. The end result is that remote applications behave largely like local applications. The task of establishing the remote session, as well as redirecting local resources to the remote application, is transparent to the end user. Several applications can be started in one RemoteApp session, each with its own windows.
A RemoteApp can be packaged either as a .rdp file or distributed via a .msi Windows Installer package. When packaged as a .rdp file (containing the RemoteApp server address, the authentication scheme to be used, and other settings), a RemoteApp can be launched by double-clicking the file. This invokes the Remote Desktop Connection client, which connects to the server and renders the UI. A RemoteApp can also be packaged in a Windows Installer database; installing it can register the RemoteApp in the Start menu as well as create shortcuts to launch it. A RemoteApp can also be registered as a handler for file types or URIs. Opening a file registered with a RemoteApp first invokes Remote Desktop Connection, which connects to the terminal server and then opens the file. Any application that can be accessed over Remote Desktop can be served as a RemoteApp.
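As an added illustration (not part of the original article), the code below parses the name:type:value lines of a .rdp file and lists the settings worth reviewing before the file is launched: how a failed server authentication is handled, and which local resources the virtual channels described under Architecture would redirect to the server. The sample file, host name and program alias are constructed; the setting names are those used by the Remote Desktop Connection client.

```python
# Added example: parse and audit a RemoteApp .rdp file.
# SAMPLE_RDP is constructed; host name and program alias are placeholders.
SAMPLE_RDP = """\
full address:s:rds01.example.test:3389
remoteapplicationmode:i:1
remoteapplicationprogram:s:||ExampleApp
authentication level:i:0
drivestoredirect:s:*
redirectclipboard:i:1
redirectprinters:i:0
redirectcomports:i:1
this line is malformed
"""

# Integer settings that, when 1, redirect a local resource into the session.
REDIRECT_FLAGS = {
    "redirectclipboard": "clipboard",
    "redirectprinters": "printers",
    "redirectcomports": "COM ports",
    "redirectsmartcards": "smart cards",
}

def parse_rdp(text):
    """Parse 'name:type:value' lines (type i = integer, s = string, b = binary)."""
    settings = {}
    for raw in text.lstrip("\ufeff").splitlines():
        parts = raw.strip().split(":", 2)  # the value itself may contain ':'
        if len(parts) != 3 or parts[1] not in ("i", "s", "b"):
            continue  # skip blank or malformed lines instead of guessing
        name, kind, value = parts
        if kind == "i":
            try:
                value = int(value)
            except ValueError:
                continue
        settings[name.strip().lower()] = value
    return settings

def audit_rdp(settings):
    """Return findings for settings the file sets explicitly."""
    findings = []
    if settings.get("authentication level") == 0:
        findings.append("connects without warning if server authentication fails")
    if settings.get("drivestoredirect"):
        findings.append("redirects local drives: " + settings["drivestoredirect"])
    for key, label in REDIRECT_FLAGS.items():
        if settings.get(key) == 1:
            findings.append("redirects local " + label)
    return findings
```

Calling `audit_rdp(parse_rdp(SAMPLE_RDP))` returns four findings for the sample; a file that leaves these settings unset or disabled returns an empty list.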
Windows 7 includes built-in support for RemoteApp publishing, but it must be manually enabled in the registry, since there is no RemoteApp management console in client versions of Microsoft Windows.
Client software
Remote Desktop Connection
Remote Desktop Connection (RDC, also called Remote Desktop, formerly Microsoft Terminal Services Client, mstsc or tsclient) is the client application for RDS. It allows a user to log in remotely to a networked computer running the terminal services server. RDC presents the desktop interface (or application GUI) of the remote system as if it were accessed locally. In addition to regular username/password authorization of the remote session, RDC also supports the use of smart cards for authorization. With RDC 6.0, the resolution of a remote session can be set independently of the settings on the remote computer.
With version 6.0, if the Desktop Experience component is installed on the remote server, remote application user interface elements (e.g., application window borders and the Maximize, Minimize and Close buttons) take on the same appearance as local applications. In this scenario, the remote application will use the Aero theme if the user connects to the server from a Windows Vista machine running Aero. The latest version of the protocol also supports UI rendering in full 32-bit color, as well as resource redirection for printers, COM ports, disk drives, mice and keyboards. With resource redirection, remote applications can use the resources of the local computer. Audio is also redirected, so any sound generated by a remote application is played back on the client system. In addition, a remote session can span multiple monitors on the client system, regardless of the multi-monitor settings on the server. RDC can also be used to connect to Windows Media Center (WMC) remote sessions; however, since WMC does not stream video using RDP, only the applications can be viewed this way, not any media.
RDC prioritizes UI data as well as keyboard and mouse input over print jobs or file transfers, thus making applications more responsive. It redirects plug and play devices such as cameras, portable music players, and scanners, so that input from these devices can also be used by remote applications. RDC can also be used to connect to computers that are exposed through the Windows Home Server RDP Gateway over the Internet. Finally, RDC can be used to reboot the remote computer with the Ctrl+Alt+End key combination.
Windows Desktop Sharing
In Windows Vista and later, Terminal Services also includes a multi-party desktop sharing capability known as Windows Desktop Sharing. Unlike Terminal Services, which creates a new user session for each RDP connection, Windows Desktop Sharing can host the remote session in the context of the currently logged-in user without creating a new session, and make the desktop, or part of it, available over RDP. Windows Desktop Sharing can be used to share the entire desktop, a region, or a specific application. Windows Desktop Sharing can also be used to share multi-monitor desktops. When applications are shared individually (rather than the entire desktop), their windows are managed (whether they are minimized or maximized) independently on the server and client side.
The functionality is provided only through a public API, which any application can use to provide screen sharing functionality. The Windows Desktop Sharing API exposes two objects: RDPSession for the sharing session and RDPViewer for the viewer. Several viewer objects can be used with a single session object. A viewer can be a passive viewer, who can only watch the application like a screencast, or an interactive viewer, who can interact in real time with the remote application. The RDPSession object contains all the shared applications, represented as Application objects, each with Window objects representing their on-screen windows. Per-application filters capture the application windows and package them as Window objects. A viewer must authenticate itself before it can connect to a sharing session. This is done by generating Invites using the RDPSession. An invitation contains an authentication ticket and password. The object is serialized and sent to the viewers, who need to present the Invites when connecting.
The Windows Desktop Sharing API is used by Windows Meeting Space and Windows Remote Assistance to provide application sharing functionality among network peers.
See also
- Windows MultiPoint Server
- Microsoft NetMeeting, a discontinued Microsoft product that also provided a shared-desktop feature, in the same timeframe as Windows NT Terminal Services Edition
- Virtual Network Computing
Source of the article : Wikipedia