Windows 2000 Terminal Services

The Terminal Services part of Windows 2000 Server is interesting.  It isn't very fast, but it does seem to work with a surprising number of programs.  There are a few things that might not be immediately apparent, but make life a little easier:

1. Disabling the ALT+CONTROL+DELETE requirement to log on

This is a fairly annoying requirement that is enabled by default.  Disable it by going to: Start, Programs, Administrative Tools, Local Security Policy.  Now go to Local Policies, Security Options.  Find "Disable ALT+CTRL+DEL requirement for logons".  Right-click on it, select Security, and select ENABLE.

If you want added security, you can blank the last username by modifying the very next line, "Do not display last user name in logon screen".  Do the same thing: Right-click, Security, Enable.

2. Disallow remote disconnections

If the remote user unexpectedly disconnects and leaves a program open on the server, you could potentially tie up key files.  You can remedy this situation by forcing the client to log off, and not just clicking on the "X" to close the window by using this modified Win32 Client (which also incorporates the RDPCLIP fix).  (Program courtesy of terminal-services.net)

3. Reclaim lost TS Client licenses

This Microsoft Hotfix (Q287687) allows unused licenses to be reclaimed after a few months.

4. Added font choices for DOS Windows

Add a few more selections to DOS Box font selections by adding these fonts to your font folder.  (Fonts courtesy of terminal-services.net)

5. Keep client printer mappings

The terminal server has a way of losing the printer mappings for client printers, especially when you need these mapped to actual LPTx: ports.  Here's the key to making this work:

1. You MUST have Active Directory installed and functioning on the Terminal Server machine.  Odd, but true.

2. Set up File & Print sharing on your client computer, and share out your printer with the name you wish to use.

3. Log into the terminal server, and verify that you can see your printer in the Printers folder (Start, Settings, Printers).  Right click on it, Sharing, and make sure it is shared with the proper name.

4. If you need LPTx: port mapping, go into DOS (Start, Programs, Accessories, Command Prompt), then type in:

net use lpt1: \\servername\printersharename

Example: net use lpt1: \\mainserv\okidata

5. Now exit the dos box, and log off the terminal server.  It is critical that the share exist when you log off - this will cause it to "stick" once you log back on again.

You may also want to reinforce this a little more, with a login script that first releases the mapping (with something like: net use lpt1: /delete), then tries to map it (with the command in step 4 above).  If that command fails, keep retrying until it works.  I've seen Windows sometimes take up to a minute retrying this, but then it finally "takes".  Definitely a very strange operating system!

More interesting found at admin911.com

Last updated 09/02/2003