The next screen will allow you to configure the client experience providing your end users with similar functionality and visual experience found from a Windows 7 desktop. I will be selecting all 3 options provided, with one of the enhancements to Remote Desktop Services in R2 being the ability to provide users with a much better Video playback experience than in previous releases. It does so by offloading the actual video playback to the local graphics processing unit.
The next screen provides you with the ability to configure discovery scope for RD licensing. The next screen is requesting a server authentication certificate for SSL encryption. To simplify matters during the installation I will select create a self-signed certificate for SSL encryption and will discuss this in more detail in part 2 of this series.
Note that using a self-signed certificate will create additional administrative overhead for administrators as the certificate will need to be exported and imported to your remote desktop client computers.
Using a 3rd party certificate from a Trusted certificate authority will remove that administrative burden and provide end users with a seamless experience. The next screen introduces Authorisation policies for the RD Gateway. With an RD CAP you can also specify conditions for specific users and groups such as, you can only connect to this RD Gateway if you are using a smart card. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means electronic, mechanical, photocopying, recording, or otherwise , or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. All rights reserved.
All other trademarks are property of their respective owners. When a client—either a user or a device—connects to a terminal server, the terminal server determines if a TS CAL is needed. The terminal server then requests a TS CAL from the Terminal Services license server on behalf of the client attempting to connect to the terminal server. If an 5. Although there is a licensing grace period during which no license server is required, after the grace period ends, clients must have a valid TS CAL issued by a license server before they can log on to a terminal server.
Important Remote Desktop supports two concurrent connections to remotely administer a computer. You do not need a license server for these connections. To use Terminal Services, you must also have at least one license server deployed in your environment. For small deployments, you can install both the Terminal Server role service and the TS Licensing role service on the same computer. For larger deployments, it is recommended that the TS Licensing role service be installed on a separate computer from the Terminal Server role service.
You must configure TS Licensing correctly in order for your terminal server to accept connections from clients. To allow ample time for you to deploy a license server, Terminal Services provides a licensing grace period during which no license server is required.
During this grace period, a terminal server can accept connections from unlicensed clients without contacting a license server. The grace period begins the first time the terminal server accepts a client connection. The length of the grace period is based on the operating system running on the terminal server. The grace periods are as follows: Operating system running on the terminal server. By default, after you log on as a local administrator on a terminal server, a message will appear in the lower-right corner of the desktop that notes the number of days until the licensing grace period for the terminal server expires.
Before the TS Licensing grace period ends, you must purchase and install the appropriate number of TS CALs for each device or user that needs to connect to a terminal server.
In addition, you must verify that the Terminal Services licensing mode that you specify on the terminal server matches the type of TS CAL available on the license server. The Terminal Services licensing mode determines the type of TS CAL that a terminal server will request from a license server on behalf of a client connecting to the terminal server. This checklist provides tasks that an administrator should perform before installing and configuring TS Licensing. Remote Desktop supports two concurrent connections to remotely administer a computer.
A terminal server running Windows Server can only communicate with a license server running Windows Server When Per Device licensing mode is used, and a client computer or device connects to a terminal server for the first time, the client computer or device is issued a temporary license by default.
Terminal Services License Server Discovery When you install the TS Licensing role service, you need to specify a discovery scope, which determines how the Terminal Services license server will be automatically discoverable by terminal servers. The recommended discovery scope for a license server is Forest. If you configure workgroup discovery scope, terminal servers, without any additional configuration, can automatically discover a license server in the same workgroup.
Domain discovery scope and forest discovery scope are only available when the computer that you are installing the TS Licensing role service on is a member of a domain. If you configure domain discovery scope, terminal servers, without any additional configuration, can automatically discover a license server in the same domain only if the license server is installed on a domain controller.
You can install the TS Licensing role service on a non-domain controller, but the license server will not be automatically discoverable by terminal servers in the domain. To configure domain discovery scope, you must be logged on as a domain administrator to the domain in which the license server is a member.
If you configure forest discovery scope, terminal servers, without any additional configuration, can automatically discover a license server in the same forest, because the license server is published in Active Directory Domain Services. To configure forest discovery scope, you must be logged on as an enterprise administrator to the forest in which the license server is a member.
You can change the discovery scope of the license server by using Review Configuration in the TS Licensing Manager tool. This checklist provides the tasks that an administrator needs to complete to install and configure TS Licensing. Note The installation of the TS Licensing role service does not require the computer to be restarted. Membership in the local Administrators group, or equivalent, on the computer that you plan to configure, is the minimum required to complete this procedure.
To install the TS Licensing role service 1. Open Server Manager. In the left pane, right-click Roles, and then click Add Roles. Note If Terminal Services is already installed on the server, the Terminal Services check box will be selected and dimmed.
Click Next. On the Terminal Services page, click Next. If you want to specify a database location other than the default location provided, click Browse. Log in to Verify Download Permissions. Information Summary This article contains information on troubleshooting and Terminal Server licensing errors. Cause-1 The Event Log does not specify the client device that provided the invalid license.
Open the Registry Editor through regedit Click the Advanced key. Verify that the Authenticated Users group is in Permissions Entries. Cause-2 A potential race condition between the Icaapi. Name the new key LicenseServers. Restart the computer. The fully qualified domain name FQDN of the server. The IP address of the server. Restart the server to apply the changes. An individual workstation might connect to server A but not to server B.
Some client workstations might connect to all servers while others are denied to some servers. In both cases, the RDP client connection from the same workstation might connect to both servers A and B. Resolution-3 Upgrade to the latest firmware version 4. Verify the ICA Client version. The first thing you will notice is that the License Server is not activated. You can see that on the red mark left to the server name.
If you right click on the server name you can open the configuration of the server. To change the scope the user we use to reconfigure this option needs to have Enterprise Admin privileges in Active Directory. Choosing Forest makes this Licensing Server available to multiple domains within the forest.
Click OK again to finish the configuration for the scope. Now right click on the server name again and start the Activate Server Wizard.
0コメント