Windows Server 2003 Terminal Server can be used to manage the resources for each client telnet, providing a Remote Desktop Protocol (RDP)-based service that makes Windows Server 2003 a truly multiple-session environment operating system. and allows users to use a variety of legitimate resources on the server.
First, Terminal Server installation
1. Use the Configure Your Server Wizard to install quickly
The Configure Your Server Wizard includes critical services (such as DNS servers, file servers, mail servers, terminal servers, etc.) that you need to configure on your server, and we can use this wizard to quickly install a Windows Server 2003 Terminal Server.
The first step: click "start → settings → control Panel", go to "Administrative Tools", run the "Configure Your Server Wizard." In the Welcome to the Configure Your Server Wizard window, click Next, and the Setup Wizard lists "preliminary steps" to ensure that these steps are complete and click Next.
Step Two: The wizard checks the server's network settings, completes the check, pops up the Server Role Selection window (Figure 1), selects "Terminal Server", clicks "Next" and clicks "Next" in the next "Select Summary" window to confirm the options you have chosen.
Figure 1
Step three: After completing the installation configuration for the Terminal Server, reboot the system, which completes the rapid installation of the Terminal Server.
2. Install Terminal Server using Add or Remove Programs
Step One: Click "start → settings → control Panel", run "Add or Remove Programs", go to the Add/Remove Windows Components Options page, and check "Terminal Server" in the Windows Components Wizard (Figure 2). The system will pop up a prompt box and click "Yes". Then display the Terminal Services Introduction window and click Next.
Figure 2
The second step: there are two types of Terminal Server installation modes, they are full security mode and relaxed security mode. In general, select Full security mode (Figure 3).
Figure 3
Step three: After the copy and configuration of the file is complete, reboot the system to complete the Terminal Server installation.
Tip: Using Add or Remove Programs to install Terminal Server is cumbersome and requires LAN administrators to manually configure certain Terminal server parameters, and recommends that normal users use the Configure Your Server Wizard.
Second, the client configuration
1. Installation of client software
After Windows Server 2003 Terminal Server installation completes, LAN users must install client software to use Terminal Server resources.
Assuming that the Windows Server 2003 system is installed on the server's D disk, the path to the client software on the server is "D:\Windows\system32\ Clients\tsclient\win32", which is shared on the LAN. The user must run the installer to complete the installation of the client.
2. Telnet to a Terminal server
After you have finished installing the client software, run the Remote Desktop Connection program (Figure 4), fill in the IP address of the terminal server in the "Computer" column, such as "192.168.0.1", and fill in the username and password in the username and password fields (Note: This is filled out in Windows Server 2003 servers on the LAN administrator to set up your account, not the local client's username and password, and then click the "Connect" button, you can log on to the Terminal server.
Figure 4
iii. Reasonable configuration of Terminal Server
Although the Windows Server 2003 Terminal Server has been successfully installed, its default settings do not necessarily meet the needs of local area users, so you must also configure the Windows Server 2003 Terminal Server appropriately according to the needs of your users.
1. Settings for user rights
With the default settings for Windows Server 2003 Terminal Server, only a few users can log on to the terminal server, such as Administrators group users, System group users, and so on, and general LAN users cannot use Terminal Server, so add the appropriate permissions to those users on the Terminal server.
First, we create a new user group "TS" that adds all the LAN users who want to access the Terminal Server to the TS group. On the server side, click on "start → program → admin tools → Terminal Services Configuration", in the left column of the Terminal Services Configuration window, click "Terminal Services Configuration → connection", go to the "Rdp-tcp Properties" box, go to the "Permissions" box (Figure 5), click the "Add" button and go to the "Select User group or user" form. Click "Advanced" below and click "Find Now" to find "TS" user group and click "OK".
Figure 5
Finally, you can give the TS user group access to the terminal server by checking the allowed access rights for user access and guest access in the TS Permissions list box below the Permissions box.
2. Open a Terminal server log audit
Logging logs every activity on the server, so opening a Terminal Server log audit can help LAN administrators more effectively maintain terminal servers.
In the Permissions box on the Terminal Server, click the Advanced button and go to the Audit box. Click "Add", select "TS" in the "Select Users and Groups" list box, click "OK", pop the "Rdp-tcp Audit Entries" dialog (Figure 6), and click "OK" after checking the items in the box. Can.
Figure 6
Iv. Perfecting Terminal Server log
When the LAN administrator opens Event Viewer, the Terminal Services log is found to be imperfect. If the user does not log on to the Terminal server within the LAN, there is no way to find the details of the user's login, which brings trouble to the maintenance work of the LAN administrator. Now let's refine the Terminal server log.
In the D disk directory, create 2 Files "ts2003." BAT "(script files that are run when the user logs on) and" ts2003. Log file.
Write "ts2003." BAT script file:
time/t >>ts2003.log
Netstat-n-P TCP | Find″:3389″>>ts2003.log
Start Explorer
The first line of code is used to record the time the user logged in, and "time/t" means to return to the system time, using the append symbol ">>" to put the time into the ts2003. Log as the Time field for the journal, the second line of code records the IP address of the end user, "netstat" is the command used to display the current network connection status, "-N" is used to display the IP and port, "-p TCP" displays the TCP protocol, and the pipe symbol "|" The result of the "netstat" command is output to the "find" command, which then looks up the row containing "3389" from the output, and then redirects the result to the log file "ts2003." LOG "; The last act starts the Explorer command.
Put "ts2003." BAT "is set to the user's logon script. On the terminal server, go to the RDP-TCP Properties window and switch to the environment box (Figure 7), and check "Override settings for user profiles and Remote Desktop Connection or Terminal Services clients" and enter "D:\ts2003.bat" in the program path and file Name field, at the start location Enter "D:\" in the column and click "OK" to complete the setup. At this point, we will be able to understand the whereabouts of each user through the Terminal Services log.
Figure 7
With the above steps, we have completed the work of setting up a Windows Server 2003 Terminal Server in the LAN, and interested friends can try it immediately.