Windows 2008 Terminal Services – RemoteApps, Web Access, Session Broker, Gateway
I attended a Microsoft roadshow the other day at Microsoft’s new offices in Edinburgh, absolutely stunning views I’m sure you will agree.
So the roadshow was advertised as being presented by James O’Neil but for some reason he wasn’t there and we got Andy Malone who is an MCT and MVP based in Scotland. The event was based around “what’s new in Windows Server 2008″ and covered a number of subjects, including Active Directory, Server Core and of course virtualisation. One of the areas that caught my eye at James O’Neil’s last roadshow in Edinburgh was the new terminal services role in Windows Server 2008. Now the company I work for use Citrix and I worked on implementing a brand new Xenapp 4.5 farm last year, I’ve since sat my Citrix Certified Administrator exam and think I know a thing or two about presentation virtualisation. So I was very keen to hear the Terminal Services presentation again to see if I missed anything the last time, because last time I was convinced that this was a valid alternative to Citrix XenApp.
Microsoft have provided Terminal Services as part of windows for many years, capabilities have always been basic, with Citrix adding a lot of the nice features that made TS attractive to enterprise companies. However in Windows 2008 I think Microsoft have done a lot of work on TS which makes it less entry level and a lot more enterprise friendly everytime I see it. Some of the key features are detailed below.
RemoteApp - This is the equivalent of published applications on Citrix, applications are delivered seamlessly onto a users desktop through the RDP client but run on the terminal server. The icons for running RemoteApps can be delivered as an .rdp file or can be packaged up into an MSI for delivery to the desktop via group policy or the deployment tool of your choice.
Terminal Services Web Access – Now this is a very similar service to the Citrix Web Interface whereby users can access TS RemoteApps and connect to the terminal server desktop from a web browser front end. Users can visit a Web site (either from the Internet or from an intranet) to access a list of available RemoteApp programs. When they start a RemoteApp program, a Terminal Services session is started on the Windows Server® 2008-based terminal server that hosts the RemoteApp program. The one thing that distinguishes it from Citrix is that the Web Access portal is not customisable and that all users see all RemoteApps, although permissions are applied to control the execution of RemoteApps.
Terminal Services Gateway - utilises RDP over HTTPS to establish a point to point RDP connection allowing access to the resources of a terminal server without the need for a VPN. That’s not to say that you should not have some other form of security in place such as ISA Server but it does allow you to operate across port 443 which is generally open on most corporate firewalls. This makes the TS Gateway very easy to deploy without large amounts of change to firewall rule sets, the same cannot be said of Citrix Secure Gateway.
Terminal Services Session Broker – This is a new role wich is designed to provide load balancing when multiple terminal servers are grouped together in a farm. Before Windows 2008 TS load balancing across terminal servers was not very intuative, this new role brings it into line with the functionality we see in Citrix farms.
One thing that wasn’t covered in any of the demonstrations I’ve seen is printing, now coming from a Citrix background I know what a pain printing can be in a TS environemnt. There is a good reason that it makes up about 30% of the CCA examination and that’s because there’s lots to think about in it’s configuration.
Terminal Services Printing – Windows Server 2008 comes with the Terminal Services Easy Print driver, allowing users to print from their RemoteApp or TS Desktop to a printer on their local client device. Where it differs from Citrix is that when you log on to a TS session the server will attempt to install the Easy Print driver first and if for some reason it can’t it will then use a matching native driver. if this step then fails and it can’t find a native driver then the printer will not be availble in the TS session. Citrix will usually search for the native driver first (unless told otherwise via policy) before reverting to the Citrix Universal Print Driver or as a last resort, not allowing the printer in the TS session at all. This is an interesting approach from Microsoft as it means that they do not have to add in additional management features to control driver exclusion lists or driver mapping functionality, thus making it easier than Citrix in the printing arena. I’d be interested to see how the easy print driver performs when you put a slow link or transatlantic WAN connection in the way.
All in all the Windows 2008 Terminal Server offering is very impressive, especially considering it is free straight out of the box. It looks to be a worthy advisory to Citrix for small to medium businesses looking to centralise applications without the usual associated costs. Where it may struggle to gain a foothold is in the enterprise market where all to often they require the extra features that a Citrix solution provides. It’s an interesting move by Microsoft who have a close partnership with Citrix, it’s almost like they didn’t want to take it any further for fear of upsetting them. Maybe in the next incarnation of Windows Server?!