Terminal Services is one of the most widely used features in previous versions of Windows Server. Terminal Services makes it possible to remotely run an application in one location but have it be controlled and managed in another. Microsoft has evolved this concept considerably in Windows Server 2008 R2, so we’ve decided to rename Terminal Services to Remote Desktop Services (RDS) to better reflect these exciting new features and capabilities. The goal of RDS is to provide both users and administrators with both the features and the flexibility necessary to build the most robust access experience in any deployment scenario.
Remote Desktop Services in Windows Server 2008 R2 covers the same basic technology features as did Terminal Services, so this name change necessarily filters down as well. The table below summarizes the new names for TS-to-RDS technologies in R2.
Table 2: New Remote Desktop Services Names for Corresponding Terminal Services Names
Remote Desktop Services and Virtual Desktop Infrastructure
To expand the Remote Desktop Services feature set, Microsoft has been investing in the Virtual Desktop Infrastructure, also known as VDI, in collaboration with our partners, which include Citrix, Unisys, HP, Quest, Ericom and several others. VDI is a centralized desktop delivery architecture, which allows customers to centralize the storage, execution and management of a Windows desktop in the data center. It enables Windows Vista Enterprise and other desktop environments to run and be managed in virtual machines on a centralized server.
Increasingly businesses aim to enable their employees and contractors to work from home or from an offshore, outsourced facility. These new work environments provide better flexibility, cost control and lower environmental footprint but increase demand for security and compliance so that precious Corporate data is not at risk. VDI addresses all these challenges with the following features:
For both VDI and traditional remote desktop services the quality of user experience is more important than ever before. The version of VDI and remote desktop services in Windows Server 2008 improves the end user experience through new Remote Desktop Protocol capabilities. These new capabilities, enabled with Windows Server 2008 R2 in combination with Windows 7, help make the user experience for remote users almost identical to local users.
Improved RemoteApp and Desktop Connections
New RemoteApp & Desktop Connection (RAD) feeds provide a set of resources, such as RemoteApp programs and Remote Desktops. These feeds are presented to Windows 7 users via the new RemoteApp & Desktop Connection control panel, and resources are tightly integrated into both the Start menu and the system tray.
The improved RemoteApp and Desktop Connections features in Windows Server 2008 R2 and Windows 7 provide the following improvements:
Extends Remote Desktop Services to provide tools to enable VDI. The in-box Remote Desktop Services capability is targeted at low-complexity deployments and as a platform for partner solutions, which can extend scalability and manageability to address the needs of more demanding enterprise deployments. VDI includes the following technologies to provide a comprehensive solution:
System Center Virtual Machine Manager 2008
Microsoft Application Virtualization version 4.5 in Microsoft Desktop Optimization Pack (MDOP).
Vista Enterprise VECD licensing
Provides simplified publishing of, and access to, remote desktops and applications. The feeds described above provide access in Windows 7, but using the new RemoteApp & Desktop Web Access, users will also be able connect to these resources from Windows Vista and Windows XP.
Improved integration with Windows 7 user interface. Once accessed, RAD-delivered programs and desktops show up in the Start Menu with the same look and feel of locally installed applications. A new System Tray icon shows connectivity status to all the remote desktop and RemoteApp connections to which the user is currently subscribed. The experience is designed so that many users won’t be able to tell the difference between a local and remote application.
Figure 13: Updates to the Terminal Services Connection Broker
Improving User Experience through new Remote Desktop Protocol capabilities. These new capabilities, enabled with Windows Server 2008 R2 in combination with Windows7, improve significantly the experience of remote users, making it more similar to the experience enjoyed by users accessing local computing resources. These improvements include:
Multimedia Redirection: Provides high-quality multimedia by redirecting multimedia files and streams so that audio and video content is sent in its original format from the server to the client and rendered using the client’s local media playback capabilities.
True multiple monitor support: Enables support for up to 10 monitors in almost any size, resolution or layout with RemoteApp and remote desktops; applications will behave just like they do when running locally in multi-monitor configurations.
Audio Input & Recording: VDI supports any microphone connected to a user’s local machine, enables audio recording support for RemoteApp and Remote Desktop. This is useful for VoIP scenarios and also enables speech recognition.
Aero Glass support: VDI provides users with the ability to use the AeroGlass UI for client desktops; ensuring that remote desktop sessions look and feel like local desktop sessions.
Direct X redirection: DirectX 9, 10 and 11 applications will render on the server and will be remoted using bitmaps (requiring Direct3D-compatible hardware). If the application supports the new DirectX 10.1 API with remoting extensions the DirectX (2D& 3D) graphics are redirected to the local client to harness the power of the GPU on the user’s local device, removing the need for a GPU on the server.
Improved audio/video synchronization: RDP improvements in Windows Server 2008 R2 are designed to provide closer synchronization of audio and video in most scenarios.
Language Bar Redirection: Users can easily and seamlessly control the language setting (e.g. right to left) for RemoteApp programs using the local language bar.
Task Scheduler: This adds the ability in Task Scheduler to ensure that scheduled applications never appear to users connecting with RemoteApp. This reduces user confusion.
While RAD improves the end-user experience, RAD also reduces the desktop and application management effort by providing a dedicated management interface that lets IT managers assign remote resources to users quickly and dynamically. Windows Server 2008 R2 includes the following RAD management capabilities to help reduce administrative effort:
RemoteApp & Desktop Connections control panel applet. Users can easily connect to RemoteApp programs and Remote Desktops using the RemoteApp & Desktop Connections control panel applet in Windows 7.
Single administrative infrastructure. Both RemoteApp & Desktop connections and RemoteApp and Desktop Web Access are managed from a single management console. This ensures that connections can still be used from Windows XP and Vista by using a Web page.
Designed for computers that are domain members and standalone computers: The RemoteApp & Desktop feature is easy to configure and use for computers that are members of Active Directory domains and for standalone computers.
Always up to date. Once a workspace is configured, that workspace keeps itself up to date until it is removed from the user’s desktop. When an admin adds an application or update it automatically appears on users’ Start menu and via that user’s Web Access page.
Single sign-on experience within a workspace. Ensures that only a single logon is required to access all applications and resources with a RAD connection.
RemoteApp & Desktop Web Access. This capability provides full integration with RemoteApp & Desktop Connections to ensure a consistent list of applications is available to the user at all times, no matter the desktop OS used. The default web page provides a fresh and inviting look and feel and includes a new Web-based login with integrated single sign-on.
Figure 14: Remote Desktop Services Web Access expands RDS features cross-OS
Administrators faced with larger RAD deployment scenarios will also find additional management features in Windows Server 2008 R2’s Remote Desktop Services aimed at improving the management experience for all existing scenarios previously addressed by Terminal Services as well as the exciting new scenarios available via RAD. These improved management features include:
PowerShell Provider. Easily manage multiple servers and repetitive tasks - almost all Remote Desktop Services administrative tasks can now be scripted; view and edit configuration settings for the Remote Desktop Gateway, Remote Desktop Server and more.
Profile Improvements. The user profile cache quota removes the need to delete profiles at logoff, speeding up user logon. Group policy caching can now be performed across an RDS farm to speed up group policy processing during logon
Microsoft Installer (MSI) compatibility. Microsoft has fixed multiple MSI-related issues with Windows Server 2008’s Terminal Services to ensure that MSI install packages can be installed normally and that per-user install settings are correctly propagated. The updates also remove the need to put the server in ‘install mode’, meaning users no longer need to be logged off during RAD management operations.
Remote Desktop Gateway. RDG securely provides access to RAD resources from the Internet without the need for opening additional ports or the use of a VPN. RDG provides this by tunneling RDP over HTTPS and incorporating several new security features:
Silent Session Re-authentication. The Gateway administrator can now configure the RDG to run periodic user authentication and authorization on all live connections. This ensures that any changes to user profiles are enforced. For users whose profiles haven’t changed, the experience is seamless.
Secure device redirection. The Gateway administrator can be assured that device redirection settings are always enforced even from unmanaged clients like kiosks.
Pluggable Authentication. For corporations that have specific need to implement their own authentication and authorization technologies, these customers now have the flexibility to plug-in their preferred authentication/authorization mechanisms.
Idle & session timeout. Administrators now have the flexibility of disconnecting idle sessions or limiting how long users can be connected.
Consent Signing. If your business demands that remote users adhere to legal terms & conditions before accessing corporate resources, the consent signing feature helps you do just that.
Administrative messaging. The Gateway also provides the flexibility to provide broadcast messages to users before launching any administration activities such as maintenance or upgrades.
Partners and Independent Software Vendors (ISVs) also get tools with the new service to more easily enable third-party software manufacturers to built RAD-optimized products. These tools include:
RemoteApp& Desktop Web Access Customization. It is now possible to easily extend the look and feel of web access by both customers and partners using support for cascading style sheets. Developers can also create custom Web sites that consume the RAD connection XML feed and transform these with XSLT.
RemoteApp & Desktop Connection. Though RAD connections are currently only used for Remote Desktop Services, it is possible to extend both the server-side infrastructure and Windows 7 client shell to add support for any type of application or service – even ones that don’t use RDP or remoting protocols. This provides a single UI and point of discoverability for any service.
Session broker extensibility. The session broker offers broad extensibility to enable customers and ISVs to take advantage of the built-in RDP redirection features while providing significant additional unique value through the various types of plug-ins; for example:
Policy (policy plug-in), which determines the proper farm or VM for a connection,