Terminal Services for Windows 2003
Last week I introduced concepts for Terminal Services and its thin clients. Last week I introduced concepts for Terminal Services and its thin clients. This week my challenge is to surprise administrators that are more experienced, by showing them at least one new feature for Terminal Services. I also have a tale of industrial espionage from Barking Eddie.
A World Within a World
In ezine 71, I spoke of Terminal Service clients each having a compartment on the server. In this issue, I would like to introduce the idea of Terminal Service occupying a separate world within its Windows Server 2003. I assume that you have already installed Terminal Services via the Add or Remove Programs interface. Let me elaborate on what to look out for next.
Tired of writing scripts? The User Management Resource Administrator solution by Tools4ever offers an alternative to time-consuming manual processes.
It features 100% auto provisioning, Helpdesk Delegation, Connectors to more than 130 systems/applications, Workflow Management, Self Service and many other benefits. Click on the link for more information onUMRA.
Barking Eddie – Industrial Espionage Exploiting Terminal Server
Here is abridged version of an industrial espionage story as told by my old friend Barking Eddie (Barking because Eddie comes from Barking Essex). Techie1 left pharmaceutical company A and joined rival company B. Eddie said that Techie1 then used his old account to make a Terminal Server connection and so steal company A’s product secrets remotely. TechieNew with Eddie’s help, used his Terminal Server skills to investigate this outrageous security breach.
What Eddie found was that several Terminal Server connections had been cut off abruptly, rather than logged off gracefully. What you see sometimes in Terminal Server Manger is disconnected sessions, where people just close the Remote Desktop session rather than click the Log off button. Eddie calls them ‘trapped users’, anyway the Client Name for these ‘trapped’ or disconnected sessions alerted TechieNew that someone was dialling-in from a rogue machine. Incidentally, you can control disconnected users via group policies, but in this case, it was just as well they had not configured Group Policies in company A.
Barking Eddie is inclined to exaggerate, nevertheless I suspect that there is a grain of truth in account of what they did next. Eddie told me once they realized they were being hacked, company A deliberately left documents with false information on their server. The way Eddie told me, company A wrote reports indicating they had invented a new ingredient for their pharmaceutical product. In fact, the ‘secret’ ingredient was nothing more than an emetic mixed with a laxative.
According to Eddie, company B then ‘stole’ this emetic / laxative ingredient via the Terminal Service connection and incorporated it into their product. Soon company B’s customers complained and the subsequent outcry is rumoured to have put company B out of business. This part is almost certainly an exaggeration, but it does make a good urban myth.
Guy Recommends: The Free IP Address Tracker (IPAT)
Calculating IP Address ranges is a black art, which many network managers solve by creating custom Excel spreadsheets. IPAT cracks this problem of allocating IP addresses in networks in two ways:
For Mr Organized there is a nifty subnet calculator, you enter the network address and the subnet mask, then IPAT works out the usable addresses and their ranges.
For Mr Lazy IPAT discovers and then displays the IP addresses of existing computers. Download the Free IP Address Tracker
I keep trying to avoid talking about Licensing, but people keep asking questions.
I once tried to get around the License problem by reinstalling the Terminal Server service after about 80 days, I was hoping to get reset the timer and get another 90 / 120 days of temporary licensing. Wrong, this sneaky move did not work, it seems the temporary licenses are held on the client so reinstalling did not make any difference. Moreover, I noticed that temporary licenses cause a lot of network traffic. Every 5 minutes the clients keep sending a packet saying ‘got any real licenses yet’.
Licensing of XP clients. Windows 2000 does not require a CAL for XP whereas Windows Server 2003 does require a CAL even for an XP client. This is a real shock for those with XP laptops who wish to use Terminal Server sessions when they connect to their various corporate networks.
To give you a clue of how complex Licensing, is Microsoft keep offering me a free place on a two-day course just to explain the ins and outs of Licensing. Not my cup of tea, but if you want to know more, watch out for such a course.
Free Jokes – Will and Guy’s Humour
Each week Will and I add more jokes. Naturally the Christmas section is popular just now. If you want a zany idea for an office quiz with a difference – check out Barking Eddie’s quiz. Also free downloads at Xmas Card Downloads.
See interesting cloud and virtualization articles