Remote Desktop and Remote Desktop Services under WINDOWS Remote Management

Preface: How do we manage remote computers in WINDOWS as the Internet develops today? There are many solutions. One is to use remote management software, such as VNC and RemotelyAnywhere. This type of software is developed by a third party and needs to be installed. Another method is to use the Remote Desktop Protocol (RDP), the Remote Desktop and remote desktop service provided by the system, to remotely manage computers in WINDOWS, this article mainly discusses the latter.
First, what is RDP? Remote Desktop Protocol (RDP) is a proprietary protocol created by Microsoft. It allows system users to connect to a remote system through a graphical user interface. By default, the client agent of this protocol is built into Microsoft's operating system. The RDP server is installed on the Microsoft operating system and receives requests from the client proxy. The diagram of the published application or remote access to the system itself is displayed. By default, the system listens to connection requests from clients through RDP on port 3389. Some people even think that RDP is a graphical interface-based remote management tool that replaces the TELNET Technology in the WIN system.
The second problem is that the relationship between RDP and remote desktop services can be understood as follows. RDP is a standard, just like the TCP/IP protocol, however, the difference is that it is a dedicated Protocol created by Microsoft, and Remote Desktop Services are its instances-that is, practical applications.
Third, what is the difference between remote desktop and remote desktop service? I believe many people may have questions about this issue. Remote Desktop and remote desktop services seem to be inferior to the word "service". Why is there a difference? Let's take a look at their history. "From Windows 2000, almost anyone can easily access the server system remotely, because the terminal service has been introduced as an optional Windows component and can be configured, therefore, you can use the system as the actual terminal server or as the Remote Desktop we now call. Windows Server®2003 and Windows XP provide the local Remote Desktop function, allowing you to control the system as you do locally ." (For Terminal Services, I will explain it later ). Let me explain this passage in plain words. Remote Desktop has been used in windows xp and WINDOWS 2003. To put it bluntly, it is as convenient as controlling a remote computer. We use a Desktop client tool to connect to a remote computer, the desktop of the remote computer is directly displayed on our local computer. We can use the local mouse and keyboard to operate the remote computer, such as running a program, although the program itself runs on the remote computer, however, the running result can be seen locally in a timely manner. The mysterious remote client tool is the Remote Desktop Connection we often see, such as (1.1)
(Figure 1.1) the so-called server has been installed by default. In addition, remote assistance is added to Windows XP and later versions. Remote Assistance can provide a similar experience with Remote Desktop, however, remote assistance is designed specifically for local users to request assistance from remote users. With the evolution of remote access support, Windows Vista®Remote users are now allowed to provide remote assistance (if the group policy permits this ). You only need to check the Remote Desktop and remote assistance functions. For example (1.2)
 
(Figure 1.2) Note that WINDOWS operating systems are classified into WINDOWS and windows server. The former is windows xp or WINDOWS 7. "Only one interactive user can be logged on at a time. When a quick User Switch in Windows XP allows multiple users to log on, no matter whether these users are local users or remote users, only one user can use the mouse or keyboard interactively ." The above section means that remote logon is not allowed if you log on locally. Or in another way, if you are logging on remotely and someone happens to log on to the computer locally, remote logon will be interrupted immediately. This is the biggest drawback of WINDOWS Remote logon. It is also noted that not all WINDOWS systems support the remote desktop mode, for example, WINDOWS 7 family edition and advanced family edition do not.

Windows server includes WINDOWS 2003, WINDOWS 2008, WINDOWS 2008R2, and even WINDOWS SERVER2012. "Windows Server version (not running as a Terminal SERVER) can connect two remote desktop sessions at a time. To connect to the actual console session through remote desktop in Windows Server 2003, you need to use the optional parameter/console to start the ghost service client application program (mstsc.exe ). Console sessions are very important because some earlier applications do not consider terminal service sessions due to unreasonable design, and sometimes only some dialog boxes are displayed on the console session (Session 0 ." From the above section, we can see that the windows server system can connect two remote desktops at a time, but no more. In the end, we can obtain the remote desktop, which is a function component used to manage remote computers, just like on the local machine, in order to allow the Administrator to remotely log on to the computer, therefore, by default, administrators (administrators) and Remote Desktop Users (Remote Desktop user groups), such as 1.3 and 1.4, are the user accounts that Allow Remote Desktop login.
 
(Figure 1.3) See the text description above. In the other figure, the administrator account is the administrator account. By default, the administrator account belongs to the administrators group (the administrator group is added with S as the group). All administrators have remote access permissions.
(Figure 1.4) Note: The above discussion is about the complexity of the Working group mode in the domain mode. I will discuss it in a later article. Through the above description, I think we have some knowledge about remote desktop, but the problem also arises. In the production process, we may have the following problems: first, what if I need five users on WINDOWS SERVER to access through remote desktop? Note that this is parallel, or five people log on simultaneously. If it is a WINDOWS system, it is recommended that you do not ask, after all, it is not the SERVER version of the operating system second, if you need to use remote desktop to log on to a windows server, there are a lot of users, how can I authorize him to log on only to access the specified file or program? Don't tell me that every time I create and delete a group in the Administrator group and Remote Desktop user group, it is too troublesome. Third, I have a set of extremely expensive and complex software installed on a WINDOWS SERVER, this software is not based on the B/S mode (that is, it cannot be accessed through a browser. It seems a little against the day, and there are more and more B/S-based software) is not based on the C/S mode. It may be used by at least five people. Because the software is expensive, it is impossible to install five more machines locally. What should I do? Here we can use this assumption, but this assumption is prone to infringement, but mainly for ease of understanding. Assume that a set of 3DMAX software requires 30000 yuan to buy a set of genuine products, and now there are 5 users, as long as it is 5 RMB 30000 Yuan, and these 5 people only use it once a few months, it is a waste. Therefore, if you buy a set of software installed on windows server, you can remotely log on to your computer to apply the software, saving money. Fourth, we want to use remote logon to access the company's internal computer from home or outside the company. I still have a VPN because it is an internal computer and this computer uses a private IP address, swollen? Fifth, some people in the company have poor IT knowledge and won't even use Remote Desktop Connection tools. What should I do if I want to access some applications on this computer in the same way on the WEB? Well, it's time to reveal the answer. The remote desktop service provides more functions to solve the preceding five problems, such as user virtualization. A service component. This component has been available for a long time. However, it has been continuously updated and upgraded to improve and add new features. Another question is not explained. I mentioned the term "terminal service". What is the relationship between this term and the remote desktop service? Okay, I will tell you. Before WINDOWS 2008 (including), this service component was called a terminal service, but after WINDOWS 2008R2, it was changed to "remote desktop service. I personally think that I changed to the remote desktop service because, apart from retaining the vast majority of the functions of the original terminal service, I added the user access application (RemoteApp) and virtual desktop service (VDI ).
The Windows Serve 2008 R2 remote desktop service (RDS) architecture includes the following components: 1. remote Desktop Session host (RDSH) server/remote virtual host (RDVH) Server 2. remote Desktop license (RD Licensing) 3. remote Desktop Gateway (RD Gateway) 4. remote Desktop Connection Broker (RD Connection Broker) 5. remote Desktop Web Access (RD Web Access) is installed with the Remote Desktop Server, you can see the remote desktop service manager, here you can see in detail who has logged on to some of the user management. Remote Desktop Service Manager, such as 1.5
(Figure 1.5) There is also a remote desktop in the remote desktop service. You can add new connections and log on to the console in batches. For example, 1.7
(Figure 1.7) RetomeAPP, which can be installed on the computer where the remote desktop service is installed and distributed to the client using RDP and MSI, then they access the application software on the remote server, which is as simple as accessing locally installed programs, such as 1.8 (Figure 1.8) this can solve the problem 3. It is also convenient to use RDweb to access the computer where the remote desktop service is installed, such as 1.9
(Figure 1.9) This is the problem I just mentioned. 5 but there is a problem with the remote desktop service, that is, it is not as free as remote desktop, both device authorization and user authorization require the CAL Client Access Authorization Certificate, which must be purchased from Microsoft. Generally, there is a trial period of 120 days. In addition, the remote desktop service can only be installed on windows server, but cannot be installed on WINDOWS. By default, it is not installed. For example, 1.6
(Figure 1.6) We can see that the purpose of this article has been completed at the very bottom of the Remote Desktop service. I believe many people may be more concerned about the powerful functions of the Remote Desktop. Therefore, I have collected some information for your reference. The following are some references and knowledge bases.
Http://technet.microsoft.com/zh-cn/library/dd640164 (v = ws.10)
Microsoft official website Remote Desktop Service Knowledge Base: http://technet.microsoft.com/zh-cn/library/cc770412
Windows Server 2008 R2 Remote Desktop Service Knowledge Base: http://technet.microsoft.com/zh-cn/library/dd647502 (v = ws.10) about the installation and deployment of Remote Desktop, you can refer to the http://xiaosu.blog.51cto.com/2914416/573749 series blog
Windows Server 2008 terminal service details, can refer to: http://jettcai.blog.51cto.com/1447637/714336 Win2008 R2 RemoteApp deep experience series blog: http://yuelei.blog.51cto.com/202879/296532