Terminal Services
Encyclopedia
Remote Desktop Services in Windows Server 2008 R2, formerly known as Terminal Services in Windows Server 2008 and previous versions, is one of the components of Microsoft Windows
(both server and client versions) that allows a user to access applications and data on a remote computer
over a network, using the Remote Desktop Protocol
(RDP). Terminal Services is Microsoft
's implementation of thin-client terminal server
computing, where Windows applications, or even the entire desktop of the computer running Terminal Services, are made accessible to a remote client machine. The client can either be a full-fledged computer, running any operating system
as long as the terminal services protocol is supported, or a barebone
machine powerful enough to support the protocol (such as Windows FLP). With terminal services, only the user interface of an application is presented at the client. Any input to it is redirected over the network to the server, where all application execution takes place. This is in contrast to appstreaming
systems, like Microsoft Application Virtualization
, in which the applications, while still stored on a centralized server, are streamed to the client on-demand and then executed on the client machine. Microsoft changed the name from Terminal Services to Remote Desktop Services with the release of Windows Server 2008 R2
in October 2009. RemoteFX
is being added to Remote Desktop Services as part of Windows Server 2008 R2 SP1.
Terminal Server Edition. It was significantly improved for Windows 2000
and Windows Server 2003
. All versions of Windows XP
, except Home edition, also include a Remote Desktop server. Both the underlying protocol as well as the service was again overhauled for Windows Vista
and Windows Server 2008. Windows includes two client applications which utilize terminal services: the first, Remote Assistance is available in all versions of Windows XP and successors and allows one user to assist another user. The second, Remote Desktop, allows a user to log in to a remote system and access the desktop, applications and data on the system as well as control it remotely. However, this is only available in certain Windows editions. These are Windows NT Terminal Server; subsequent Windows server editions, Windows XP Professional, and Windows Vista Business, Enterprise and Ultimate. In the client versions of Windows, Terminal Services supports only one logged in user at a time, whereas in the server operating systems, concurrent remote sessions are allowed.
Microsoft provides the client software Remote Desktop Connection (formerly called Terminal Services Client), available for most 32-bit
versions of Windows, including Windows Mobile
, and Apple
's Mac OS X
, that allows a user to connect to a server running Terminal Services. On Windows, both Terminal Services client and Remote Desktop Protocol
(RDP) use TCP port 3389 by default, which is editable in the Windows registry
. It also includes an ActiveX
control to embed the functionality in other applications or even a web page. A Windows CE
version of the client software is also available. Server versions of Windows OSs also include the Remote Desktop for Administration client (a special mode of the Remote Desktop Connection client), which allows remote connection to the traditional session 0 console
of the server. In Windows Vista and later this session is reserved for services, and users always log onto session >0. The server functionality is provided by the Terminal Server component, which is able to handle Remote Assistance, Remote Desktop as well as the Remote Administration clients. Third-party developers have created client software for other platforms, including the open source
rdesktop
client for common Unix
platforms.
For an enterprise, Terminal Services allows IT departments to install applications on a central server. For example, instead of deploying database or accounting software on all desktops, the applications can simply be installed on a server and remote users can log on and use them via the Internet. This centralization makes upgrading, troubleshooting
, and software management much easier. As long as employees have Remote Desktop software, they will be able to use enterprise software. Terminal Services can also integrate with Windows authentication systems to prevent unauthorized users from accessing the applications or data.
Microsoft has a long-standing agreement with Citrix to facilitate sharing of technologies and patent
licensing
between Microsoft Terminal Services and Citrix XenApp (formerly Citrix MetaFrame and Citrix Presentation Server
). In this arrangement, Citrix has access to key source code
for the Windows platform enabling their developers to improve the security and performance of the Terminal Services platform. In late December, 2004 the two companies announced a five-year renewal of this arrangement to cover Windows Vista
.
client connects to this port, it is tagged with a unique SessionID and associated with a freshly spawned console session (Session 0, keyboard, mouse and character mode UI only). The login subsystem (winlogon.exe) and the GDI
graphics subsystem is then initiated, which handles the job of authenticating the user and presenting the GUI. These executables are loaded in a new session, rather than the console session. When creating the new session, the graphics and keyboard/mouse device drivers are replaced with RDP-specific drivers:
encryption. Windows Server 2003 onwards, it can use a FIPS 140
compliant encryption schemes.
Once a client initiates a connection and is informed of a successful invocation of the terminal services stack at the server, it loads up the device as well as the keyboard/mouse drivers. The UI data received over RDP is decoded and rendered as UI, whereas the keyboard and mouse inputs to the Window hosting the UI is intercepted by the drivers, and transmitted over RDP to the server. It also creates the other virtual channels and sets up the redirection. RDP communication can be encrypted; using either low, medium or high encryption. With low encryption, user input (outgoing data) is encrypted using a weak (40-bit RC4) cipher. With medium encryption, UI packets (incoming data) are encrypted using this weak cipher as well. The setting "High encryption (Non-export)" uses 128-bit RC4 encryption and "High encryption (Export)" uses 40-bit RC4 encryption.
as well.
In Windows Server 2008, it has been significantly overhauled. While logging in, if the user logged on to the local system using a Windows Server Domain
account, the credentials from the same sign-on can be used to authenticate the remote session. However, this requires Windows Server 2008 to be the terminal server OS, while the client OS is limited to Windows Server 2008, Windows Vista
and Windows 7. In addition, the terminal server can provide access to only a single program, rather than the entire desktop, by means of a feature named RemoteApp. Terminal Services Web Access (TS Web Access) makes a RemoteApp session invocable from the web browser
. It includes the TS Web Access Web Part control which maintains the list of RemoteApps deployed on the server and keeps the list up to date. Terminal Server can also integrate with Windows System Resource Manager
to throttle resource usage of remote applications.
Terminal Server is managed by the Terminal Server Manager Microsoft Management Console
snap-in. It can be used to configure the sign in requirements, as well as to enforce a single instance of remote session. It can also be configured by using Group Policy
or Windows Management Instrumentation
. It is, however, not available in client versions of Windows OS, where the server is pre-configured to allow only one session and enforce the rights of the user account on the remote session, without any customization.
the Remote Desktop Protocol
session using a HTTPS
channel. This increases the security of Remote Desktop Services by encapsulating
the session with Transport Layer Security
(TLS) This also allows the option to use Internet Explorer
as the RDP client.
This feature was introduced in the Windows Server 2008 and Windows Home Server
products.
Clients supporting Terminal Services Gateway on Mac OS or Linux may be obtained through Wyse Technology: http://wyse.com; Itap supports TS Gateway under Linux and Mac OSx as of summer 2011 http://itap-mobile.com/desktop/rdp
theme if the user connects to the server from a Windows Vista
machine running Aero. Later versions of the protocol also support rendering the UI in full 24-bit color, as well as resource redirection for printers, COM ports, disk drives, mice and keyboards. With resource redirection, remote applications can use the resources of the local computer. Audio is also redirected, so that any sounds generated by a remote application are played back at the client system. In addition to regular username/password for authorizing for the remote session, RDC also supports using smart cards for authorization With RDC 6.0, the resolution of a remote session can be set independently of the settings at the remote computer. In addition, a remote session can also span multiple monitors at the client system, independent of the multi-monitor settings at the server. It also prioritizes UI data as well as keyboard and mouse inputs over print jobs or file transfers so as to make the applications more responsive. It also redirects plug and play devices such as cameras, portable music players, and scanners, so that input from these devices can be used by the remote applications as well. RDC can also be used to connect to WMC
remote sessions; however, since WMC does not stream video using Remote Desktop Protocol
, only the applications can be viewed this way, not any media. RDC can also be used to connect to computers which are exposed via Windows Home Server
RDP
Gateway over the Internet
. RDC can be used to reboot the remote computer with the CTRL-ALT-END key combination.
A RemoteApp can be packaged either as a
package. When packaged as an
database, installing which can register the RemoteApp in the Start Menu
as well as create shortcuts to launch it. A RemoteApp can also be registered as handler for filetypes or URIs. Opening a file registered with RemoteApp will first invoke Remote Desktop Connection, which will connect to the terminal server and then open the file. Any application which can be accessed over Remote Desktop can be served as a RemoteApp.
Windows 7 includes built-in support for RemoteApp publishing but it has to be enabled manually in registry, since there is no RemoteApp management console in client versions of Microsoft Windows.
onwards, Terminal Services also includes a multi-party desktop sharing capability known as Windows Desktop Sharing. Unlike Terminal Services, which creates a new user session for every RDP
connection, Windows Desktop Sharing can host the remote session in the context of the currently logged in user without creating a new session, and make the Desktop, or a subset of it, available over Remote Desktop Protocol
. Windows Desktop Sharing can be used to share the entire desktop, a specific region, or a particular application. Windows Desktop Sharing can also be used to share multi-monitor desktops. When sharing applications individually (rather than the entire desktop), the windows are managed (whether they are minimized or maximized) independently at the server and the client side.
The functionality is only provided via a public API, which can be used by any application to provide screen sharing functionality. Windows Desktop Sharing API exposes two objects:
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
(both server and client versions) that allows a user to access applications and data on a remote computer
Remote computer
A remote computer is a computer to which a user does not have physical access, but which he or she can access or manipulate via some kind of network....
over a network, using the Remote Desktop Protocol
Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
(RDP). Terminal Services is Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
's implementation of thin-client terminal server
Terminal server
A terminal server enables organizations to connect devices with an RS-232, RS-422 or RS-485 serial interface to a local area network . Products marketed as terminal servers can be very simple devices that do not offer any security functionality, such as data encryption and user authentication...
computing, where Windows applications, or even the entire desktop of the computer running Terminal Services, are made accessible to a remote client machine. The client can either be a full-fledged computer, running any operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
as long as the terminal services protocol is supported, or a barebone
Barebone computer
A barebone computer is a partially assembled platform or an unassembled kit of computer parts allowing more customization and lower costs than a retail computer system. They are available for desktop computer, notebook and server purposes, and in nearly any form factor...
machine powerful enough to support the protocol (such as Windows FLP). With terminal services, only the user interface of an application is presented at the client. Any input to it is redirected over the network to the server, where all application execution takes place. This is in contrast to appstreaming
Application Streaming
Computer application streaming is a form of on-demand software distribution.The basic concept of application streaming has its foundation in the way modern computer programming languages and operating systems produce and run application code. Only specific parts of a computer program need to be...
systems, like Microsoft Application Virtualization
Microsoft Application Virtualization
Microsoft Application Virtualization is an application virtualization and application streaming solution from Microsoft. It was acquired by Microsoft during the acquisition of Boston, Massachusetts-based Softricity on July 17, 2006...
, in which the applications, while still stored on a centralized server, are streamed to the client on-demand and then executed on the client machine. Microsoft changed the name from Terminal Services to Remote Desktop Services with the release of Windows Server 2008 R2
Windows Server 2008 R2
Windows Server 2008 R2 is a server operating system produced by Microsoft. It was released to manufacturing on July 22, 2009 and launched on October 22, 2009. According to the Windows Server Team blog, the retail availability was September 14, 2009. It is built on Windows NT 6.1, the same core...
in October 2009. RemoteFX
RemoteFX
RemoteFX is a technology first introduced in Windows Server 2008 R2 SP1 that is designed to improve the visual experience of the Remote Desktop Protocol. RemoteFX is based on intellectual property that Microsoft acquired and continued to develop since acquiring Calista Technologies...
is being added to Remote Desktop Services as part of Windows Server 2008 R2 SP1.
Overview
Terminal Services was first introduced in Windows NT 4.0Windows NT 4.0
Windows NT 4.0 is a preemptive, graphical and business-oriented operating system designed to work with either uniprocessor or symmetric multi-processor computers. It was the next release of Microsoft's Windows NT line of operating systems and was released to manufacturing on 31 July 1996...
Terminal Server Edition. It was significantly improved for Windows 2000
Windows 2000
Windows 2000 is a line of operating systems produced by Microsoft for use on personal computers, business desktops, laptops, and servers. Windows 2000 was released to manufacturing on 15 December 1999 and launched to retail on 17 February 2000. It is the successor to Windows NT 4.0, and is the...
and Windows Server 2003
Windows Server 2003
Windows Server 2003 is a server operating system produced by Microsoft, introduced on 24 April 2003. An updated version, Windows Server 2003 R2, was released to manufacturing on 6 December 2005...
. All versions of Windows XP
Windows XP
Windows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
, except Home edition, also include a Remote Desktop server. Both the underlying protocol as well as the service was again overhauled for Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
and Windows Server 2008. Windows includes two client applications which utilize terminal services: the first, Remote Assistance is available in all versions of Windows XP and successors and allows one user to assist another user. The second, Remote Desktop, allows a user to log in to a remote system and access the desktop, applications and data on the system as well as control it remotely. However, this is only available in certain Windows editions. These are Windows NT Terminal Server; subsequent Windows server editions, Windows XP Professional, and Windows Vista Business, Enterprise and Ultimate. In the client versions of Windows, Terminal Services supports only one logged in user at a time, whereas in the server operating systems, concurrent remote sessions are allowed.
Microsoft provides the client software Remote Desktop Connection (formerly called Terminal Services Client), available for most 32-bit
32-bit
The range of integer values that can be stored in 32 bits is 0 through 4,294,967,295. Hence, a processor with 32-bit memory addresses can directly access 4 GB of byte-addressable memory....
versions of Windows, including Windows Mobile
Windows Mobile
Windows Mobile is a mobile operating system developed by Microsoft that was used in smartphones and Pocket PCs, but by 2011 was rarely supplied on new phones. The last version is "Windows Mobile 6.5.5"; it is superseded by Windows Phone, which does not run Windows Mobile software.Windows Mobile is...
, and Apple
Apple Computer
Apple Inc. is an American multinational corporation that designs and markets consumer electronics, computer software, and personal computers. The company's best-known hardware products include the Macintosh line of computers, the iPod, the iPhone and the iPad...
's Mac OS X
Mac OS X
Mac OS X is a series of Unix-based operating systems and graphical user interfaces developed, marketed, and sold by Apple Inc. Since 2002, has been included with all new Macintosh computer systems...
, that allows a user to connect to a server running Terminal Services. On Windows, both Terminal Services client and Remote Desktop Protocol
Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
(RDP) use TCP port 3389 by default, which is editable in the Windows registry
Windows registry
The Windows Registry is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems. It contains settings for low-level operating system components as well as the applications running on the platform: the kernel, device drivers, services, SAM, user...
. It also includes an ActiveX
ActiveX
ActiveX is a framework for defining reusable software components in a programming language-independent way. Software applications can then be composed from one or more of these components in order to provide their functionality....
control to embed the functionality in other applications or even a web page. A Windows CE
Windows CE
Microsoft Windows CE is an operating system developed by Microsoft for embedded systems. Windows CE is a distinct operating system and kernel, rather than a trimmed-down version of desktop Windows...
version of the client software is also available. Server versions of Windows OSs also include the Remote Desktop for Administration client (a special mode of the Remote Desktop Connection client), which allows remote connection to the traditional session 0 console
Console
- Computing and video games :* System console, a physical device to operate a computer** Virtual console, a user interface for multiple computer consoles on one device** Command-line interface, the typical use of the computer console...
of the server. In Windows Vista and later this session is reserved for services, and users always log onto session >0. The server functionality is provided by the Terminal Server component, which is able to handle Remote Assistance, Remote Desktop as well as the Remote Administration clients. Third-party developers have created client software for other platforms, including the open source
Open source
The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
rdesktop
Rdesktop
rdesktop is a free, open source client for Microsoft's proprietary RDP protocol. It is released under the GNU General Public License and is available on Unix-like systems such as BSD and Linux....
client for common Unix
Unix
Unix is a multitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna...
platforms.
For an enterprise, Terminal Services allows IT departments to install applications on a central server. For example, instead of deploying database or accounting software on all desktops, the applications can simply be installed on a server and remote users can log on and use them via the Internet. This centralization makes upgrading, troubleshooting
Troubleshooting
Troubleshooting is a form of problem solving, often applied to repair failed products or processes. It is a logical, systematic search for the source of a problem so that it can be solved, and so the product or process can be made operational again. Troubleshooting is needed to develop and...
, and software management much easier. As long as employees have Remote Desktop software, they will be able to use enterprise software. Terminal Services can also integrate with Windows authentication systems to prevent unauthorized users from accessing the applications or data.
Microsoft has a long-standing agreement with Citrix to facilitate sharing of technologies and patent
Patent
A patent is a form of intellectual property. It consists of a set of exclusive rights granted by a sovereign state to an inventor or their assignee for a limited period of time in exchange for the public disclosure of an invention....
licensing
Intellectual property
Intellectual property is a term referring to a number of distinct types of creations of the mind for which a set of exclusive rights are recognized—and the corresponding fields of law...
between Microsoft Terminal Services and Citrix XenApp (formerly Citrix MetaFrame and Citrix Presentation Server
Citrix Presentation Server
Citrix XenApp is a thin client product that allows users to connect to their corporate applications...
). In this arrangement, Citrix has access to key source code
Source code
In computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...
for the Windows platform enabling their developers to improve the security and performance of the Terminal Services platform. In late December, 2004 the two companies announced a five-year renewal of this arrangement to cover Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
.
Architecture
The server component of Remote Desktop Services is Terminal Server (termdd.sys
), which listens on TCP port 3389. When an RDPRemote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
client connects to this port, it is tagged with a unique SessionID and associated with a freshly spawned console session (Session 0, keyboard, mouse and character mode UI only). The login subsystem (winlogon.exe) and the GDI
Graphics Device Interface
The Graphics Device Interface is a Microsoft Windows application programming interface and core operating system component responsible for representing graphical objects and transmitting them to output devices such as monitors and printers....
graphics subsystem is then initiated, which handles the job of authenticating the user and presenting the GUI. These executables are loaded in a new session, rather than the console session. When creating the new session, the graphics and keyboard/mouse device drivers are replaced with RDP-specific drivers:
RdpDD.sys
and RdpWD.sys
. The RdpDD.sys
is the device driver and it captures the UI rendering calls into a format that is transmittable over RDP. RdpWD.sys
acts as keyboard and mouse driver; it receives keyboard and mouse input over the TCP connection and presents them as keyboard or mouse inputs. It also allows creation of virtual channels, which allow other devices, such as disc, audio, printers, and COM ports to be redirected, i.e., the channels act as replacement for these devices. The channels connect to the client over the TCP connection; as the channels are accessed for data, the client is informed of the request, which is then transferred over the TCP connection to the application. This entire procedure is done by the terminal server and the client, with the RDP protocol mediating the correct transfer, and is entirely transparent to the applications. RDP communications are encrypted using 128-bit RC4RC4
In cryptography, RC4 is the most widely used software stream cipher and is used in popular protocols such as Secure Sockets Layer and WEP...
encryption. Windows Server 2003 onwards, it can use a FIPS 140
FIPS 140
The 140 series of Federal Information Processing Standards are U.S. government computer security standards that specify requirements for cryptography modules...
compliant encryption schemes.
Once a client initiates a connection and is informed of a successful invocation of the terminal services stack at the server, it loads up the device as well as the keyboard/mouse drivers. The UI data received over RDP is decoded and rendered as UI, whereas the keyboard and mouse inputs to the Window hosting the UI is intercepted by the drivers, and transmitted over RDP to the server. It also creates the other virtual channels and sets up the redirection. RDP communication can be encrypted; using either low, medium or high encryption. With low encryption, user input (outgoing data) is encrypted using a weak (40-bit RC4) cipher. With medium encryption, UI packets (incoming data) are encrypted using this weak cipher as well. The setting "High encryption (Non-export)" uses 128-bit RC4 encryption and "High encryption (Export)" uses 40-bit RC4 encryption.
Terminal Server
Terminal Server is the server component of Terminal services. It handles the job of authenticating clients, as well as making the applications available remotely. It is also entrusted with the job of restricting the clients according to the level of access they have. The Terminal Server respects the configured software restriction policies, so as to restrict the availability of certain software to only a certain group of users. The remote session information is stored in specialized directories, called Session Directory which is stored at the server. Session directories are used to store state information about a session, and can be used to resume interrupted sessions. The terminal server also has to manage these directories. Terminal Servers can be used in a clusterCluster Computing
Cluster Computing: the Journal of Networks, Software Tools and Applications is a journal for parallel processing, distributed computing systems, and computer communication networks....
as well.
In Windows Server 2008, it has been significantly overhauled. While logging in, if the user logged on to the local system using a Windows Server Domain
Windows Server domain
A Windows domain is a collection of security principals that share a central directory database. This central database contains the user accounts and security information for...
account, the credentials from the same sign-on can be used to authenticate the remote session. However, this requires Windows Server 2008 to be the terminal server OS, while the client OS is limited to Windows Server 2008, Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
and Windows 7. In addition, the terminal server can provide access to only a single program, rather than the entire desktop, by means of a feature named RemoteApp. Terminal Services Web Access (TS Web Access) makes a RemoteApp session invocable from the web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
. It includes the TS Web Access Web Part control which maintains the list of RemoteApps deployed on the server and keeps the list up to date. Terminal Server can also integrate with Windows System Resource Manager
Windows System Resource Manager
Windows System Resource Manager is a component of Microsoft's Windows Server 2008/2003 operating systems that provides resource management and enables the allocation of resources, including processor and memory resources, among multiple applications based on business priorities...
to throttle resource usage of remote applications.
Terminal Server is managed by the Terminal Server Manager Microsoft Management Console
Microsoft Management Console
Microsoft Management Console is a component of Windows 2000 and its successors that provides system administrators and advanced users an interface for configuring and monitoring the system.- Snap-ins and consoles :...
snap-in. It can be used to configure the sign in requirements, as well as to enforce a single instance of remote session. It can also be configured by using Group Policy
Group Policy
Group Policy is a feature of the Microsoft Windows NT family of operating systems. Group Policy is a set of rules that control the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications, and...
or Windows Management Instrumentation
Windows Management Instrumentation
Windows Management Instrumentation is a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification...
. It is, however, not available in client versions of Windows OS, where the server is pre-configured to allow only one session and enforce the rights of the user account on the remote session, without any customization.
Remote Desktop Gateway
The Remote Desktop Gateway service component, also known as RD Gateway, can tunnelTunneling protocol
Computer networks use a tunneling protocol when one network protocol encapsulates a different payload protocol...
the Remote Desktop Protocol
Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
session using a HTTPS
Https
Hypertext Transfer Protocol Secure is a combination of the Hypertext Transfer Protocol with SSL/TLS protocol to provide encrypted communication and secure identification of a network web server...
channel. This increases the security of Remote Desktop Services by encapsulating
Encapsulation (networking)
In computer networking, encapsulation is a method of designing modular communication protocols in which logically separate functions in the network are abstracted from their underlying structures by inclusion or information hiding within higher level objects....
the session with Transport Layer Security
Transport Layer Security
Transport Layer Security and its predecessor, Secure Sockets Layer , are cryptographic protocols that provide communication security over the Internet...
(TLS) This also allows the option to use Internet Explorer
Internet Explorer
Windows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
as the RDP client.
This feature was introduced in the Windows Server 2008 and Windows Home Server
Windows Home Server
Windows Home Server, code-named Quattro, is a home server operating system from Microsoft. Announced on 7 January 2007, at the Consumer Electronics Show by Bill Gates, Windows Home Server is intended to be a solution for homes with multiple connected PCs to offer file sharing, automated backups,...
products.
Clients supporting Terminal Services Gateway on Mac OS or Linux may be obtained through Wyse Technology: http://wyse.com; Itap supports TS Gateway under Linux and Mac OSx as of summer 2011 http://itap-mobile.com/desktop/rdp
Remote Desktop Connection
Remote Desktop Connection (RDC, also called Remote Desktop, formerly known as Microsoft Terminal Services Client, or mstsc) is the client application for Remote Desktop Services. It allows a user to remotely log in to a networked computer running the terminal services server. RDC presents the desktop interface (or application GUI) of the remote system, as if it were accessed locally. With version 6.0, if the Desktop Experience component is plugged into the remote server, the chrome of the applications will resemble the local applications, rather than the remote one. In this scenario, the remote applications will use the AeroWindows Aero
Windows Aero is the graphical user interface and the default theme in most editions of Windows Vista and Windows 7, operating systems released by Microsoft. It is also available in Windows Server 2008, but is not enabled by default. Its name is a backronym for Authentic, Energetic, Reflective and...
theme if the user connects to the server from a Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
machine running Aero. Later versions of the protocol also support rendering the UI in full 24-bit color, as well as resource redirection for printers, COM ports, disk drives, mice and keyboards. With resource redirection, remote applications can use the resources of the local computer. Audio is also redirected, so that any sounds generated by a remote application are played back at the client system. In addition to regular username/password for authorizing for the remote session, RDC also supports using smart cards for authorization With RDC 6.0, the resolution of a remote session can be set independently of the settings at the remote computer. In addition, a remote session can also span multiple monitors at the client system, independent of the multi-monitor settings at the server. It also prioritizes UI data as well as keyboard and mouse inputs over print jobs or file transfers so as to make the applications more responsive. It also redirects plug and play devices such as cameras, portable music players, and scanners, so that input from these devices can be used by the remote applications as well. RDC can also be used to connect to WMC
Windows Media Center
Windows Media Center is a digital video recorder and media player developed by Microsoft. It is an application that allows users to view and record live television, as well as organize and play music and videos...
remote sessions; however, since WMC does not stream video using Remote Desktop Protocol
Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
, only the applications can be viewed this way, not any media. RDC can also be used to connect to computers which are exposed via Windows Home Server
Windows Home Server
Windows Home Server, code-named Quattro, is a home server operating system from Microsoft. Announced on 7 January 2007, at the Consumer Electronics Show by Bill Gates, Windows Home Server is intended to be a solution for homes with multiple connected PCs to offer file sharing, automated backups,...
RDP
Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
Gateway over the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
. RDC can be used to reboot the remote computer with the CTRL-ALT-END key combination.
RemoteApp
RemoteApp (or TS RemoteApp) is a special mode of Remote Desktop Services, available only in Remote Desktop Connection 6.1 and above (with Windows Server 2008 being the RemoteApp server), where remote session configuration is integrated into the client operating-system. The RDP 6.1 client ships with Windows XP SP3, KB952155 for Windows XP SP2 users, Windows Vista SP1 and Windows Server 2008. The UI for the RemoteApp is rendered in a window over the local desktop, and is managed like any other window for local applications. The end result of this is that remote applications behave largely like local applications. The task of establishing the remote session, as well as redirecting local resources to the remote application, is transparent to the end user. Multiple applications can be started in a single RemoteApp session, each with their own windows.A RemoteApp can be packaged either as a
.rdp
file or distributed via an .msi
Windows InstallerWindows Installer
The Windows Installer is a software component used for the installation, maintenance, and removal of software on modern Microsoft Windows systems...
package. When packaged as an
.rdp
file (which contains the address of the RemoteApp server, authentication schemes to be used, and other settings), a RemoteApp can be launched by double clicking the file. It will invoke the Remote Desktop Connection client, which will connect to the server and render the UI. The RemoteApp can also be packaged in a Windows InstallerWindows Installer
The Windows Installer is a software component used for the installation, maintenance, and removal of software on modern Microsoft Windows systems...
database, installing which can register the RemoteApp in the Start Menu
Start menu
The Start Menu and Start Button are user interface elements used in the later versions of the Microsoft Windows operating systems and in some X window managers...
as well as create shortcuts to launch it. A RemoteApp can also be registered as handler for filetypes or URIs. Opening a file registered with RemoteApp will first invoke Remote Desktop Connection, which will connect to the terminal server and then open the file. Any application which can be accessed over Remote Desktop can be served as a RemoteApp.
Windows 7 includes built-in support for RemoteApp publishing but it has to be enabled manually in registry, since there is no RemoteApp management console in client versions of Microsoft Windows.
Windows Desktop Sharing
Windows VistaWindows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
onwards, Terminal Services also includes a multi-party desktop sharing capability known as Windows Desktop Sharing. Unlike Terminal Services, which creates a new user session for every RDP
Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
connection, Windows Desktop Sharing can host the remote session in the context of the currently logged in user without creating a new session, and make the Desktop, or a subset of it, available over Remote Desktop Protocol
Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows , Linux, Unix, Mac OS...
. Windows Desktop Sharing can be used to share the entire desktop, a specific region, or a particular application. Windows Desktop Sharing can also be used to share multi-monitor desktops. When sharing applications individually (rather than the entire desktop), the windows are managed (whether they are minimized or maximized) independently at the server and the client side.
The functionality is only provided via a public API, which can be used by any application to provide screen sharing functionality. Windows Desktop Sharing API exposes two objects:
RDPSession
for the sharing session and RDPViewer
for the viewer. Multiple viewer objects can be instantiated for one Session object. A viewer can either be a passive viewer, who is just able to watch the application like a screen cast, or an interactive viewer, who is able to interact in real time with the remote application. The RDPSession
object contains all the shared applications, represented as Application
objects, each with Window
objects representing their on-screen windows. Per-application filters capture the application Windows and package them as Window
objects. A viewer must authenticate itself before it can connect to a sharing session. This is done by generating an Invitation using the RDPSession. It contains an authentication ticket and password. The object is serializedSerial communicationIn telecommunication and computer science, serial communication is the process of sending data one bit at a time, sequentially, over a communication channel or computer bus. This is in contrast to parallel communication, where several bits are sent as a whole, on a link with several parallel channels...
and sent to the viewers, who need to present the Invitation
when connecting.
Windows Desktop Sharing API is used by Windows Meeting SpaceWindows Meeting SpaceWindows Meeting Space is the name of a peer-to-peer collaboration program in Windows Vista that supports 2–10 users. Meeting Space does not exist in any version of Windows 7...
for providing application sharing functionality among peersPeer-to-peerPeer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
; however, the application does not expose all the features supported by the API. It is also used by Remote Assistance.
Implementation
Microsoft Windows systems implement the remote desktop client as mstsc.exe
.
External links
- Remote Desktop Services in Windows Server 2008 R2 (Microsoft TechNet)
- Troubleshooting Remote Desktop Licensing Issues (Microsoft Technical Library)
- Terminal Services in Windows Server 2008 (Microsoft Technical Library)
- Terminal Services in Windows Server 2003 (Microsoft Technical Library)
- TechNet wiki on RDS
- Whitepaper: Windows Server 2003 Terminal Server Capacity and Scaling
- Remote Desktop Connection 7.0 Client for Windows
- Remote Desktop Connection Client for Macintosh
- Remote Desktop Server for Linux/Unix