An Overview on the Terminal Services Configuration Tool
In order for clients to establish Terminal Services sessions to on a server, listener connections have to be configured on the particular server. A listener connection can be configured for only RDP (Remote Data Protocol) over TCP/IP. One listener connection can be configured for a network interface card (NIC) in the Terminal Services computer. The Terminal Services Configuration tool is used create new listener connections, to change configuration settings on existing listener connections, and to configure server policy settings. While it is recommended to configure Terminal Services connections through Group Policy, the Terminal Services Configuration tool enables you to configure settings separately for multiple connections on the one computer. You can use the Terminal Services Configuration tool to configure connections for ICA (Independent Computing Architecture) clients using IPX, SPX, NetBIOS, TCP/IP or Asynchronous.
Configuring Terminal Services Server Settings using Terminal Services Configuration
You can use the Terminal Services Configuration tool to change settings for all connections to a particular server. The tool is automatically installed when you first install Terminal Services.
To open the Terminal Services Configuration tool,
Click Start, Administrative Tools, and click Terminal ServicesConfiguration
The Server Settings node in Terminal Services Configuration is used to manage server settings, which in turn affect sessions running on the Terminal Services server.
To configure server settings,
Open the Terminal ServicesConfiguration tool.
Click the Server Settings node in the left pane of the Terminal Services Configuration window.
The Results pane lists the server configuration settings which you can set.
Right-click the server setting which you want to modify, and select Properties from the shortcut menu.
Proceed to change the setting.
The server settings displayed in the Results pane of the Terminal Services Configuration window when you select the Server Settings node, are listed below:
Delete Temporary Folders On Exit: If this setting is enabled, all temporary folders created on the server are deleted when the user logs off. This setting is enabled by default.
Use Temporary Folders Per Session:If the setting is enabled, each session has its own temporary folders.This setting is enabled by default.
Licensing: You can choose between Per User, and Per Device licensing.
Active Desktop: Enabling this setting allows connections to use Active Desktop, at the expense of bandwidth.
Permission Capability: You can choose between Full Security or Relaxed Security. Full Security is the default setting.
Restrict Each User To One Session: Enabling this setting limits users to one session on the Terminal Services server.
Session Directory: Enabling this setting results in Session Directory managing the sessions within the cluster. This setting is disabled by default.
Modifying Terminal Services Connection Properties using Terminal Services Configuration
You can use the Terminal Services Configuration tool to modify the properties of existing connections. The Microsoft Remote Data Protocol (RDP) 5.2 is the only protocol that installed by default. Before you start to change the properties of connections, it is important to bear in mind that each property setting which is configured affects each user that connects using the particular connection.
To change the connection properties settings of an existing connection,
Click the Connections node in the left pane of the Terminal Services Configuration window.
The Results pane lists all existing connections.
The default connection is namedRDPTcp.
To change the properties of any of the listed connections in the Results pane, right-click the connection,and then click Properties on the shortcut menu.
The Properties dialog box of the connection which you selected opens. The Properties dialog box contains the following tab:
To change the connection properties settings of an existing connection,
Click the Connections node in the left pane of the Terminal Services Configuration window.
The Results pane lists all existing connections.
The default connection is namedRDPTcp.
To change the properties of any of the listed connections in the Results pane, right-click the connection,and then click Properties on the shortcut menu.
The Properties dialog box of the connection which you selected opens. The Properties dialog box contains the following tab:
To change the connection properties settings of an existing connection,
Click the Connections node in the left pane of the Terminal Services Configuration window.
The Results pane lists all existing connections.
The default connection is namedRDPTcp.
To change the properties of any of the listed connections in the Results pane, right-click the connection,and then click Properties on the shortcut menu.
The Properties dialog box of the connection which you selected opens. The Properties dialog box contains the following tab:
General tab, Logon Settings tab, Sessions tab, Environment tab, Remote Control tab, Client Settings tab, Network Adapter tab, and Permissions tab.
The settings which you can change on the General tab are listed below. The tab identifies the connection type (RDP-Tcp) and the RDP version number, and enables you to change the encryption level that will be required for the connection to Terminal Services.
Commentbox: You can enter a short note in this box.
EncryptionLevel: The settings that can be configured are listed below:
Low: The standard encryption key is used to encrypt data from the client to the server. If a client cannot support 56-bit encryption, it will not be able to establish a connection.
Client Compatible: This is the default setting. Data is encrypted using the maximum level of encryption supported by the client.
High: Data is encrypted in both directions, using the maximum encryption key. Clients that do not support 128-bit encryption will not be able to connect.
FIPS Compliant: Data is encrypted in both directions through the Federal Information Processing Standard (FIPS) encryption algorithms.
Use Standard Windows Authentication checkbox: The checkbox can be enabled to ensure that Windows authentication used for Terminal Services connections.
The settings which you can change on the Logon Settings tab are listed below.
Use Client-Provided Logon Information: You select this option to ensure that the credentials provided by the client are accepted by the server. This means that the client essentially determines the logon security user.
Always Use The Following Logon Information: Choose this option if you want to specify the logon information that should be used for all users. This basically allows all users to log on to the server automatically – no credentials need to be provided. When this option is selected, you have to enter the appropriate information in:
User Name text box
Domain text box
Password and Confirm password text boxes
Always Prompt For Password: If this option is selected, the user will be prompted to provide a valid password.
The settings which you can change on the Sessions tab are listed below.
Override User Settings checkbox:When selected, user settings are overridden and the options listed below are available:
End a disconnected session: You can set the time which a disconnected session can continue running on the Terminal Services computer.
Active session limit: You can set the time which active sessions can remain connected to the Terminal Services computer.
Idle session limit: You can set the time which an idle session can stay connected to Terminal Services computer.
Override User Settings checkbox:When enabled, the two options listed below become available, and relate to when the session limit isreached or the connection is broken:
Disconnect from session
End session
Override User Settings checkbox:When enabled, the Allow Reconnection setting can be configured as:
From any client
From previous client
Th settings which you can change on the Environment tab are listed below.
Program path and file name: Used to indicate the program path and executable file that would be run when connection is established
Start in: If the program needs working directory, enter it here.
The settings which you can change on the Remote Control tab are listed below.
Use remote control with default user settings option: This is the default option. The settings for remote control are configured in the properties of the user account.
Do not allow remote control option:All remote control to sessions are disabled or blocked.
Use remote control with the following settings: Allows you to specify the remote control settings which should be used for all users connecting to the Terminal Services server through the connection:
Require user’s permission checkbox: Enable this checkbox if you want a message that requests remote control, to be displayed to the user.
To specify the level of control which is allowed over the session select the View the session option or the Interact with the session option.
The settings which you can change on the Client Settings tab are listed below:
Use connection settings from user settings checkbox: When enabled, you can choose the options listed below:
Connect client drives at logon
Connect client printers at logon
Default to main client printer
Limit Maximum Color Depth checkbox:When enabled, you can select the maximum color depth used by clients. The Default setting is 16-bit.
You can also choose to disable the following options using the checkboxes listed below:
Drive Mapping, client drives are not mapped to the session
Windows Printer Mapping, connections to Windows printers are blocked
LPT Port Mapping, the mapping of client LPT ports is blocked.
COM Port Mapping, mappings to COM ports is blocked
Clipboard Mapping, clipboard mapping is blocked
Audio Mapping, audio information is blocked
The settings which you can change on the Network Adapter tab are listed below:
Network Adapter drop-down box: Contains the available network adapters which can be used to connect to TerminalServices.
Unlimited connections: Settings this option means that no limit exists for the number of connections allowed using this network adapter.
Maximum connections: Used to set the maximum number of connections allowed using this network adapter.
The access permissions which you can set for the connection on the Permissions tab are listed below:
Full Control: This permission allows the tasks listed below to be performed. The permissions is usually enabled for Administrators and the System:
Modify connection settings
Log on to a session
Connect to an existing session
Log off another user from a session
Disconnect another user from a session
Take control of the session
Send a message to a user or session
Query for information on the session
User Access: This permission allows the tasks listed below to be performed:
Log on to a session
Connect to an existing session
Send a message to another user
Query for information on the session
Guest Access: This permission allows the tasks listed below to be performed:
Log on to a session
Service: This permissions allows the tasks listed below to be performed:
