Let's rename the Administrator account. Restoring a database from a backup copy
Terminal Services are additional component family of systems Microsoft Windows 2003 (Windows 2000 server). Terminal Services allows you to use graphical Windows interface on remote devices, connected to local network, global network or the Internet.
Terminal Services can operate in two modes:
1) Remote Desktop for Administration(formerly known as Terminal Services in Remote Administration mode)
This mode is designed to provide operators and administrators with the ability to remote access to servers and domain controllers. Server configured for remote administration does not require additional licensing; in this mode, only two simultaneous connections are possible.
2) Terminal Server mode
This mode has no restrictions on the number of connections, but requires additional licensing. Solving the problem activation of necessary licenses and this article is dedicated to. In a non-activated state, the server will work for 120 days (in Windows 2000 - 90 days).
First of all you need turn on Terminal mode Server mode this is done through the control panel applet (Control Panel) "Add or Remove Programs". We also need installed serviceTerminal Server Licensing.
Then you can proceed directly to activating the necessary licenses. This task has two parts. The first is the activation of the license for the Terminal Server‘oh, and the second one is the installation client access licenses(CALs)— licenses that determine the number of simultaneously connected users.
So, the most important thing:
1) Let's launch Terminal Server Licensing(Start -> Control Panel -> Administrative Tools-> Terminal Server Licensing)
2) Select the terminal server that we want to activate, then right-click And Properties. On the tab Installation Method select the installation method Web Browser (in Windows 2000 - WorldWideWeb).
3) Go to the tab Required Information, fill in the fields with various crap and click OK
4) On the terminal server that we activate, right-click And Activate Server, will start . Read the description and click Next
5) Selecting the activation method Web Browser(in Windows 2000 - WorldWideWeb), click Next.
6) At this step we need to go to the site for getting license server ID.
7) On the website Terminal Server Licensing select the option Activate a license server and click Next
8) (*) . Product ID take from Terminal Server License Server Activation Wizard(see step 6), fill in the remaining fields with the same crap as in step 3. After that, click Next, then check the entered information and press again Next.
9) If everything is correct, then we will get the necessary license server ID, website https://activate.microsoft.com/ close no need, we will need it later to obtain .
Enter the received license server ID V Terminal Server License Server Activation Wizard(see step 6), and it is also advisable to print the page or save it somewhere license server ID, it may be needed later. Click Next.
This completes the first part - activation of the terminal server itself.
10) For installation client access licenses (CALs), second part, you need to check that the checkbox is ticked Start Terminal Server Client Licensing Wizard installed and click Next. We will see the CAL Installation Wizard greeting you. Let's get acquainted with the information and click Next.
11) At this step we will again need to go to the site https://activate.microsoft.com/, or rather, to the page that was mentioned in step 9 (it should be open). To the question “Do you wish to install license tokens at this time?” we answer Yes(see step 9).
12) In this step we need to fill in the fields marked (*) . License Server ID take from Terminal Server CAL Installation Wizard(see step 11), select Enterprise agreement as License Program (Definitely, otherwise it won’t work!), fill in the remaining fields with the same crap as in step 3. After that, click Next.
13)
The most important step! Here you need to select:
Product Type - Windows Server 2003 Terminal Server Per Device Client Access License
(in Windows 2000 - Windows 2000 Server Terminal Services Client Access License (per-device))
Quantity— the number of licenses you need
Agreement Number — 6565792, 5296992, 3325596
or any other found on the Internet
Next click Next, check the entered information and press again Next.
Installing Terminal Services
Login to the server with administrator rights.
Open “Server Manager” -> Roles -> Add Role:
In the list of available server roles, select “Terminal Services”:
In the "Role Services" list, check "Terminal Server" and "Terminal Services Licensing". These services are sufficient to maintain basic functionality.
It is advisable to install the terminal server before installing user applications. We are warned about this in the next step:
Authentication method. "Require Network Level Authentication" - This option provides increased security, but in this mode, users with legacy clients (rdp 5.x and lower), as well as users connecting via Explorer (remote desktop web connection), will not be able to connect to the server. To ensure support for all versions of clients, select the "Don't require network level authentication" option.
Licensing mode. It is advisable to decide in advance on the licensing mode: “per user” or “per device”. User licenses are effective if your organization a large number of mobile users who require access to the server from both corporate network, and from a remote location (home, another office). Per-device licenses are effective if users are locked into their desktops.
Group of users. Here you can immediately specify groups or individual users who will be allowed access to the terminal server. This can be done later by simply adding the right users to the “Remote Desktop Users” group.
Setting up a license server. If the server is not part of the domain, then there are not many options:
Review selected options before installation. Please note that the system warns us that after installation the Internet Explorer enhanced security option will be disabled. Moreover, enhanced security will be disabled only for ordinary users(will not be disabled for administrators). After completing the installation of Terminal Server, do not forget to enable it back.
The next step is to activate the terminal server.
Activating a Terminal Server
Open Start -> Administrative Tools -> Terminal Services -> “Terminal Services Licensing Manager”. Select the license server from the list. Right-click and select “Activate Server” from the menu:
The Server Activation Wizard starts:
In the next step, select the connection method. You can safely select “Auto-connect”:
Information about the organization. Enter your first name, last name and organization name:
Additional information. You can fill in or you can ignore:
After a few seconds, your server will be successfully activated:
Now you can start installing licenses. It should be noted that after activating the license server, there is no need to immediately purchase and install licenses. In the absence of full licenses, the server operates in demo mode. Users are issued temporary licenses for 120 days.
Installing licenses
Launch the license installation wizard. This can be done immediately after activating the license server by selecting the appropriate option, or by opening Start -> Administrative Tools -> Terminal Services -> “Terminal Services Licensing Manager” -> Select your license server -> Right click -> Install licenses.
Enter the agreement number:
Select the product version, license type (must match the previously selected license type of the license server), number of licenses:
We check the installation of licenses in the licensing manager:
The terminal server is ready for use.
What is the difference between "Remote Desktop" and "Terminal Server"?
Remote Desktop on Windows Server is the same as RDP, but only for administrators. This tool is available immediately after server installation and does not require additional installation. A maximum of two administrators can simultaneously connect to the server remotely.
Terminal server - needed to connect ordinary users in quantities limited only by purchased licenses, and the speed of the server.
Where can I change General settings connections?
Open Server Manager -> Roles -> Terminal Services Configuration -> Right click on RDP-TCP -> Properties:
How to allow a new user to access the remote desktop?
Open Server Manager -> Configuration -> Local users-> Users. Open the properties of the user who needs access, the “Group Membership” tab. Add the Remote Desktop Users group:
Are there settings that apply to individual users rather than everyone?
Yes, see user properties, tabs: “Remote Control”, “Terminal Services Profile”, “Sessions”.
Is it possible to create several independent connection sessions under one account?
It is possible, but by default this option is disabled (to save resources). Open Server Manager -> Roles -> Terminal Services Configuration -> Change Settings (on the same page). Double clicking on an option opens a window where you can make changes:
How to use the function remote control session?
Remote control is only possible for administrators. And most importantly, for this function to be available, the administrator must be connected to the server via remote desktop. If you are sitting directly at the computer (console session), and want to log into a user session connected to the same computer, then you will be disappointed.
What port does RDP use by default and how can I change it?
Default is TCP port 3389. You can change it by editing the registry. Open a thread
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-tcp
and change the parameter PortNumber.
Terminal Services allows you to individual applications, or the entire desktop session is executed on remote server systems, and they are displayed on the local client side. When you use Terminal Services, it appears as if you are running local application or the local desktop is displayed, but everything is running in virtual sessions on remote server. This approach allows one Windows Server 2008 server to simultaneously serve a large number of desktop systems. The advantage of this approach is that all users have the same version specific application, and also in terms of reducing administrative overhead. Therefore, when using Terminal Services, when updating custom application, it will only need to be updated on the terminal servers, not on every PC in the organization.
In this and subsequent articles, I will talk about how to install, configure and use Terminal Services in Windows 2008.
Installing Terminal Services
Terminal Services can be installed from the console ServerManager. Open Server Manager, click on Roles in the left panel and click AddRoles, As a result, the Add Roles Wizard will start (AddRolesWizard). On the first screen, click Next, you will be taken to a list of available roles. On the form SelectServerRoles, select TerminalServices and press the button Next, You will be taken to a form for selecting specific terminal services. In our case, we only need the role TerminalServer(other roles will be covered in future articles):
After pressing the button Next, A warning appears advising that all applications that will be used through Terminal Services be installed after installing the Terminal Services role. (described in this article) After reading this information, click the button Next to go to the authentication type selection form. By selecting the option RequireNetworkLevelAuthentication, you will prohibit users of older operating systems that do not support Network Level Authentication from using your terminal servers. Network Level Authentication essentially performs authentication before the remote session is established. If you want to use weaker authentication mechanisms, select DonotrequireNetworklevelAuthentication. After selecting the authentication type, click Next.
Next, you will need to select the licensing type for your terminal. If you select the option Configurelater(Set up later ), you will be provided trial period duration of 120 days, during which you can use terminal services without licenses. If this option is selected, within 120 days you will have to configure your chosen licensing type using the editor group policy or Terminal Services Configuration Tool. If the option is selected PerDevice (per device), this means that you will have to specify and license a certain number of client devices that can use the terminal (regardless of the number of users). Another option is licensing Peruser(per user), i.e. you grant access to a certain number of users, regardless of what device they connect from. As I will write later.
Finally, you must specify the users and groups that are allowed access to the terminal server (however, you can always change these access lists by simply removing or adding certain users or groups to the local RemoteDesktopUsersGroup).
Click the button Add..
.,
and enter the users and groups you need in the window that appears. By pressing the button Next, you will be taken to the settings confirmation window. Carefully read all warnings that appear on the display, then press the button Install you will start the installation process. During the installation process you will have to reboot your Windows server 2008. After the reboot, to continue the installation, you must log in with administrator rights.
That's it, Terminal Services is installed on your server and you can start using it. You can connect to the terminal using the application.
The issue of proper licensing of Microsoft server products is one of the most pressing for system administrator. It is necessary to correctly determine the type and number of licenses required, which is not so easy to do. The licensing scheme is quite complex and confusing, and numerous tips, guides and reminders on websites and forums often add even more confusion.
Licensing Basics
Among all the diversity Windows family Server 2008 is of greatest interest to small and medium-sized businesses in its two editions: Standard And Enterprise, so we will consider the licensing scheme in relation to these versions. Taking information only from the official Microsoft website as a basis, we will try to make a brief summary that will allow you to quickly determine the required licensing scheme and the number of licenses.
The main licensing scheme for these editions is Server + Client Access License (CAL). This means that for each server in the organization, a server OS license + the required number of client access licenses must be purchased. A server license can be assigned to another server no earlier than 90 days after the last assignment, or sooner if the original server permanently fails.
A Windows Server 2008 license gives you the right to use a 32-bit or 64-bit version of the software, but you should remember that some tools (for example, technology Hyper-V virtualization) can only be run on 64-bit Windows versions Server.
License types and licensing models
There are two types of client license (CAL):
- per Device- allows anyone number of users to access the server with one devices. This type licenses are convenient to use when the number of users on the network is greater than the number of devices. For example, when six users work in shifts from three PCs.
- per user (per Users)- allows alone user to access the server from unlimited number of devices. This type of license is convenient for organizations that have many mobile users or users who need to access the server from several network devices.
User and device licenses have the same cost and their selection should be based on the actual infrastructure of the enterprise. It is acceptable to use both types of licenses simultaneously.
There are two licensing models for Windows Server:
- per user or device, this model provides for a CAL license for each user or device on the network, regardless of the number of servers, and makes it possible to connect to any of them. This model usually used in a network with multiple servers and is used for any Microsoft server products(For example SQL Server). The total number of licenses under this licensing scheme must be equal to the total number of PCs or users on the network.
- to the server, this model implies limiting the number of connections to the server by the number of purchased licenses. Licenses are purchased for a specific server and their number must correspond to the maximum number of connections to the server at any given time. Once the maximum number of connections to the server is reached, other devices and network users trying to access the server will not be able to do so. This model is usually used in a network with a single server or with infrequent use basic functions servers, as well as for remote access servers. This licensing scheme applies Windows Server only.
Terminal Server Licensing
Windows Server 2008 Terminal Services requires separate licensing. To use Terminal Services (TS) features, you must have a Terminal Services Client License (TS CAL) in addition to the Client Access License (CAL).
TS CAL, just like CAL, provides for two types of licenses: per device and per user, which provide for similar rules of use. There is only one licensing model: per user or per device.
Hyper-V
Hyper-V virtualization tool is one of the key capabilities the base OS Windows Server 2008, but not all users have a need for virtualization, so there are versions of Windows Server 2008 without Hyper-X, which is clearly reflected in their name. Although the cost of these versions is slightly lower, they have the same licensing conditions as the basic ones, incl. and on the use of virtualization. In this case, you will need to separately purchase a license for a virtualization tool, be it Hyper-V, Microsoft Virtual Server R2, or technology from another manufacturer (for example, VMware).
For licensing virtual machines the following scheme is provided: 1+1 for Standard and 1+4 for Enterprise. The numbers indicate the number of virtual OS instances that can be launched on one physical instance. The total number of OS instances available to clients each this moment time should not exceed 1 for Standard and 4 for Enterprise, i.e. when the virtual system is running, a physical instance of the OS Windows Server 2008 Standard can be used only for service virtual system. Windows Server 2008 Enterprise allows you to use physical system along with three virtual ones. When running the fourth virtual system, the physical OS can also be used only for servicing virtual machines.
These rules apply not only to Hyper-V, but also to any other virtualization technology (MS Virtual Server, VMware, etc.)
How many licenses are needed?
Now, having familiarized yourself with the basics of licensing, you can try to correctly answer this question. Please note that the CAL not required in the following cases:
- The server is accessed only via the Internet, and no authentication or other identification procedure is performed, either through server software or otherwise. Example: Accessing an IIS based web server.
- For each server license, up to two devices or users may have access solely for the purpose of administering that server.
Client CALs required also for users or devices with indirect access to server functions, for example using a DHCP server.
Let's look at a few examples.
Example 1.
The simplest and most common case. The server is used as a file server and router to organize public access on the Internet, also used DHCP server for configuration internal network. Guest access is used on the server; user identification is not performed. Many people mistakenly believe that in this case One server license is enough, and client access licenses are not required (especially when the server is used only as a router and DHCP). However, this is not true; you must have CAL licenses with a total number equal to the number of devices or users on the network (in our case, 5).
Example 2.
The organization has a network of 9 PCs, of which five machines must have access to file server for 1C Enterprise. In this case, you can apply the “per server” licensing scheme and purchase 5 CAL licenses.
Example 3.
The organization has a file server and a terminal server, has a fleet of 9 PCs, 4 of which must have access to the file server, and on 5 PCs 10 users work in terminal mode in shifts, there are also two mobile users who must have access via VPN to the server terminals. Also available workplace administrator. In this case, the most optimal scheme will be the following: for all stationary PCs, 9 CAL licenses per device are purchased, for 5 PCs using terminal services, 5 TS CALs per device are additionally purchased. For mobile users, it would be more appropriate to use CALs + TS CALs per user. The administrator does not need a client license, as he gains access to the servers solely for the purpose of administration.
Additional information on Windows licensing Server 2008 can be found on the Microsoft website.
Tags:
- A powerful computer (server) with Windows Server 2008 R2 installed on it. (I wrote about how to install this axis)
- A valid terminal server client license purchased through one of the existing programs licensing. (In this article I will use the agreement number found on the Internet for the Enterprise Agriment program. At the time of writing, the working numbers were: 6565792, 5296992, 3325596, 4965437, 4526017.)
2. Install Remote Desktop Services
Launch the server manager ( "Start" - "Administration" - "Server Manager"). Expand the tab " Roles" and click " Add roles."
" Add Role Wizard". Click " Further", then select the role in the list " " and press " 2 times again Further» .
We will see the window for selecting role services. In it we select “ Remote Desktop Session Host" And " Remote Desktop Licensing" and again 2 times " Further» .
Select authentication method " We don't require network-level authentication.", so that you can connect from old clients. Then click “ Further» .
The next step is to select the licensing mode: “ Per device" or " Per user". To understand how these modes differ, consider a simple example. Let's assume you have 5 licenses. With the “Per Device” mode, you can create an unlimited number of users on the server who will be able to connect via remote desktop from only 5 computers on which these licenses are installed. If you select the “Per User” mode, then only 5 selected users will be able to access the server, regardless of what device they are connecting from. Choose the mode that suits you best and press " Further» .
At this point, you need to add users or a group of users who will have access to the Terminal Service. To do this, click “ Add», « Additionally", in the window that opens " Search", select the user and click " OK" In order for all users, without exception, to be able to connect to our terminal server, we add the group “ All". Then click “ OK" And " Further» .
If you want to be able to listen to audio data and watch video via a remote desktop, then check the appropriate box. Same with sound recording and Windows Aero. Having selected the necessary parameters, click “ Further» .
Now you need to configure the discovery scope for remote desktop licensing. If you have Active Directory up, then select “ This domain" or " Forest", depending on the domain structure. Otherwise, select " This working group " and click " Further» .
We check all the settings and click “ Install».
After installation, a reboot will be required.
3. Installing a Remote Desktop Licensing Server
If everything is done correctly, then after the reboot we will see a window with a message that the installation was successful, but with a warning that we need to configure the licensing settings on the Remote Desktop Session Host server.
Let's specify the licensing server manually. To do this, launch the equipment “ Remote Desktop Session Host Configuration» (« Start» - « Administration» - « Remote Desktop Services"). There we see that the remote desktop licensing server is not specified.
Double-click on this line, in the window that opens “ Properties", select the tab " Licensing" and press the button " Add» .
We select servers from known licensing servers. In our case, the licensing server is located on the same computer as the terminal server. Add it and click " OK» .
Now, if you go to the tab " Licensing diagnostics"we will see that the licensing server is selected, but not enabled.
To start and activate the Remote Desktop Licensing Server, run “ Remote Desktop Licensing Manager» (« Start» - « Administration» - "Remote Desktop Services""). In the manager we see our server and the status “ Not activated". Click on it right click mouse and select " Activate server» .
" Server Activation Wizard A" . Click " Further". In the next window, select the connection method " Auto (recommended)" and press " again Further". Fill in information about the organization. Then, filling out additional information(optional) and clicking " Further", we will see a message about successful server activation.
Now you need to install licenses. If this is not done, the licensing server will issue temporary licenses valid for 120 days. To install licenses, click " Further", leaving a tick " Launch the License Installation Wizard". Or you can run this wizard from “ Remote Desktop Licensing Manager" by right-clicking on the server and selecting " Install licenses". There we can check that the server is activated.
In the launched " License Installation Wizard» click « Further" and we get to the window for selecting a licensing program. The following actions depend on the method of purchasing licenses. In my example it is " Enterprise Agreement". By selecting desired type licensing click " Further» .
Enter the agreement number and click " Further". In the next window, select the product version: “ Windows Server 2008 or Windows Server 2008 R2", select the same license type that we selected when adding roles (" per user" or " to device") and enter the number of required licenses.
Click " Further" and wait for a message about the successful installation of the license. (I would like to note that for reasons unknown to me, this procedure doesn't always end positively. If the wizard reported that the license installation failed, try repeating the procedure some time later. Sooner or later the license will be installed. Checked more than once.) If everything went well in the server manager we should see the parameters of our license.
And let’s make sure there are no problems by going to the “ Licensing diagnostics" in Server Manager. 
That's it, the installation of the terminal server is complete. You can connect to the server using the built-in Windows client"Remote Desktop Connection".
Did this article help you?