Windows Server 2008 R2 Unleashed (184 page)
Read Windows Server 2008 R2 Unleashed Online
Authors: Noel Morimoto
2008 R2.
New Redirection Features
The following are new redirection features that are introduced in Windows Server 2008 R2
Remote Desktop Services:
.
Multimedia redirection—
This feature redirects multimedia files and streams such
that audio and video content is received in its original form from the server to a
client. By doing this, multimedia content is then rendered using a client’s local
media playback capabilities.
.
Audio input and recording—
This feature enables audio recording support for
25
remote clients using Voice over IP (VoIP) or speech-recognition applications.
ptg
.
Language bar redirection—
Users can now control the language setting (for exam-
ple, right to left) for RemoteApp programs using the local language bar.
Single Sign-On
This feature allows a user with a domain account to log on once (via a password or smart
card) and access RD Session Host servers and virtual desktops without being prompted for
credentials again.
The following are some important considerations when using Single Sign-On:
. Single Sign-On is supported from Windows 7, Windows Vista, or Windows XP with
Service Pack 3 clients to a Windows Server 2008 Terminal Server or Windows Server
2008 R2 RD Session Host server. This feature is also supported between Windows
Server 2008 R2 to Windows Server 2008 servers or vice versa.
. The remote machine that a client is connecting to must be authenticated via
Kerberos or a server authentication certificate such as SSL. Or, an administrator must
enable the Allow Default Credentials with NTLM-Only Server Authentication policy.
. When saved credentials for a remote machine are already present, those credentials
take precedence over the current credentials.
Remote Desktop Connection Display
In the Remote Desktop Connection 6.0 client (and carried over to RDC 7.0), support was
added for several new features that are geared toward improving the end-user experience:
custom display resolutions, horizontal monitor spanning across multiple monitors,
Desktop Experience, Font Smoothing, and Display Data Prioritization.
946
CHAPTER 25
Remote Desktop Services
Custom Display Resolutions
In the previous Terminal Services Client, only 4:3 display resolution ratios and a maximum
resolution of 1600x1200 were supported. In the new client, additional display resolution
ratios, such as 16:9 or 16:10, and maximum resolution of 4096x2048 are now supported.
There are two ways to set a custom display resolution. The first method is to edit an .rdp
file with a text editor. In the file, add or change the following settings:
. desktopheight:i:
. desktopwidth:i:
The variable
define the custom resolution from the command prompt:
. mstsc.exe /w:
Monitor Spanning
With the monitor spanning feature, a Remote Desktop session can now be spanned across
multiple monitors. To use this feature, the monitors used must meet the following
requirements:
. The monitors must use the same resolution.
ptg
. The monitors must be aligned horizontally.
. The total resolution across all monitors cannot exceed 4096x2048.
Monitor spanning can be enabled using two methods. The first method is to edit an .rdp
file with a text editor. In the file, add or change the following setting: Span:i:
.
.
The second method is to enable spanning from the command prompt:
. mstsc.exe /span
Desktop Experience
The Desktop Experience feature is used to make a desktop session on an RD Session Host
server look and feel like a Windows 7 desktop. When enabled, this feature does the follow-
ing things:
. Installs a Windows 7–like desktop, which then enables features such as Windows
Media Player, desktop themes, photo management, and so on
. Allows another feature called Desktop Composition to function; Desktop
Composition is used for Windows Aero over a Remote Desktop Connection
NOTE
Desktop Composition is not supported on a multiple monitor–based Remote Desktop
session.
Planning for Remote Desktop Services
947
Font Smoothing
An RD Session Host server can provide ClearType functionality to clients via a feature
called Font Smoothing. ClearType is a feature that is used to display fonts such that they
are clearer and smoother on displays such as an LCD monitor.
By default, ClearType is enabled in Windows Server 2008 and Windows Server 2008 R2.
To enable Font Smoothing, use the following procedure on a Remote Desktop
Connection client:
1. Open the Remote Desktop Connection client.
2. In the Remote Desktop Connection dialog box, click Options.
3. Now select the Experience tab, and select the Font Smoothing check box.
Display Data Prioritization
In past versions of Terminal Services, a user’s remote session would often become frozen
when printing or transferring files. In Windows Server 2008, a feature called Display Data
Prioritization was introduced. By design, this feature gives display, keyboard, and mouse
data a higher priority over other virtual channel traffic. The result of this design is that
virtual channel traffic, such as disk or file transfers, does not adversely affect a user’s
25
ability to interact with a remote session.
By default, the bandwidth ratio with the Display Data Prioritization feature is 70:30. This
ptg
means that 70% of the bandwidth is reserved for display and input data and 30% is
reserved for all other traffic. An administrator can adjust the bandwidth ratios by chang-
ing the following Registry values on a Terminal Server or RD Session Host server under the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD subkey:
.
FlowControlDisable—
Enables and disables flow control
.
FlowControlDisplayBandwidth—
Determines relative bandwidth priority for
display (and input data)
.
FlowControlChannelBandwidth—
Determines relative bandwidth priority for
other virtual channels
.
FlowControlChargePostCompression—
Determines bandwidth allocation based
on precompression or postcompression bytes
New RDC Display Features
The following are new RDC display features that are introduced in Windows Server 2008
R2 Remote Desktop Services:
.
True multiple-monitor support—
Now up to 16 monitors of almost any size, reso-
lution, or layout are supported with RemoteApp and Remote Desktop.
Planning for Remote Desktop Services
To successfully deploy a Remote Desktop Services environment requires thorough plan-
ning and testing prior to production rollout. Criteria such as application resource usage,
security requirements, physical location, network access, licensing, fault tolerance, and
948
CHAPTER 25
Remote Desktop Services
information indicating how users will be utilizing their sessions all contribute to the way
Remote Desktop Services implementation should be designed.
Planning for Remote Desktop for Administration
Unless Remote Desktop Services is viewed as a security risk, it is recommended to enable
Remote Desktop for Administration on all internal servers to allow for remote administra-
tion. For servers that are on the Internet and for demilitarized zone (DMZ) networks,
Remote Desktop Services can be used, but access should be limited to predefined separate
IP addresses using firewall access lists to eliminate unauthorized attempts to log on to a
server. In addition, those servers should be closely monitored for unauthorized attempts to
access the system.
Planning for RD Session Host Requirements
Deploying RD Session Host servers can require a lot of planning. Because the goal is to
make applications and entire desktops available to end users, server hardware specification
and application compatibility are key components to test before a production rollout.
User Requirements
It is important to determine user requirements based on typical usage patterns, the
number of users accessing the system, and the number of applications that are required to
ptg
run. For instance, the more applications that a user will run in a session, the more
processing power and memory will be required to optimize session performance. On
average, a Remote Desktop user who runs one application might take 10MB of RAM and
use little more than 3% of a server’s total processing time per session. A power user who
runs three or more applications simultaneously might require 40MB of RAM or much
more, depending on the applications and features being used. Use the Performance
Monitor MMC snap-in to test and validate usage statistics. The key is to not overload the
server to the point where performance is too slow to be cost effective. Additionally, the
bandwidth required by each user session will also affect how well the system performs
under various workloads.
Antivirus on Remote Desktop Services
Just as standard servers require operating system (OS)–level antivirus software, so do
Remote Desktop Services servers. When choosing an antivirus product, be sure to choose
one that is certified to run on Windows Server 2008 R2 Remote Desktop Services.
Additionally, for RD Session Host servers, install the antivirus software after adding the
role service so that scanning will work for all Remote Desktop sessions. Be sure to also
follow installation guidelines for installing applications as outlined in the “Installing
Applications” section later in this chapter.
Application Compatibility
In Remote Desktop Services, application compatibility is a term used to describe a number
of issues that might be encountered when trying to deploy an application on an RD
Session Host server. For example:
1. Some applications are written such that only a single user can use the application at
a time. With such applications, conflicts with system resources—such as files,
Planning for Remote Desktop Services
949
Registry entries, pipes, IP addresses, and ports, which are used concurrently by multi-
ple instances of applications—might prevent an application from being concurrently
executed on an RD Session Host server.
2. In some cases, an application’s preferences might persist or manifest from one user
to the next. When this scenario occurs, there is concern with user data privacy
because settings (data) are transiting from one user to the next.
3. Additionally, an application might be written such that execution of the application
requires administrative privileges. However, in most Remote Desktop Services
deployments, regular users are not granted administrative access on an RD Session
Host server.
4. Applications might also be written such that network bandwidth or hardware
constraints cause application performance to suffer in a multiuser usage scenario. For
example, a large amount of video or animation content might overwhelm the RD
Session Host’s network connection, video card, and so on, thus reducing response
time. Or, the application was simply written such that it requires a large amount of
CPU or memory, thus monopolizing resources.
5. In some cases, an application might require devices that are not redirected by
25
default, for example, devices such as CD drives, hard disk drives, and other special
devices that are not available as native devices.
ptg
6. Or, an application is written for a particular version of Windows and, thus, its API
usage and behavior might differ on Windows Server 2008 R2.
To help administrators determine if an application is compatible before it is deployed on
an RD Session Host server, Microsoft provides a tool called the Remote Desktop Services
Application Analyzer. When this tool is executed against an application, it uses Microsoft
Application Verifier to analyze an application via intercepted function calls from that
application into the operating system and notes the calls and the parameters passed. Then
based on the information returned from the Microsoft Application Verifier, the Remote
Desktop Services Application Analyzer generates a summary report of any RDS incompati-
ble behavior and recommendations about deploying the application on an RD Session
Host server. For example:
1. Any shared resources such as files and Registry entries that the application might
require
2. Any type of access privileges issues that might be encountered
3. Any API usage requirements that might conflict with RDS
Planning for RD Session Host Sizing and Optimizing
An RD Session Host server can be sized to deliver high-performance Remote Desktop
sessions by estimating the amount of resources each user will require and the number of
users who will utilize Remote Desktop Services. Performing frequent performance testing
on the RD Session Host server helps generate accurate information on Remote Desktop
