This month I’ve been trying to nudge the project of moving to Windows Server 2008 Terminal Services RemoteApp forward at the office. The goal is to get away from using a version of Citrix Presentation Server to access applications over the Internet. The needs of our office have changed and the new features with Terminal Services in Server 2008 make this something we want to adopt instead.
However, nothing is without an occasional bump in the road. Here a couple of ours:
Bump #1 – No way to filter which applications users see on the RemoteApp webpage.
I know this feature was added in Server 2008 R2. Unfortunately, we have to stick with the Server 2008 “classic” due to an important 32-bit application that does not install or run properly under WoW. We debated the importance of filtering the application list and decided it wasn’t a deal breaker. Or we can look at some third-party workarounds.
Bump #2 – Users with passwords set to “enforce change at next logon” can’t get past the TS Gateway.
We have to remember to handle first time password changes for users who only be using RemoteApp by NOT checking the enforcement box and instructing them on how to change there password after they launch an application. (CNTL + ALT + END does the trick from any launched application.)
Bump #3 – No support for Macs with the Mac version of the RDC client.
Ouch. We only have a few employees that use a Mac at home and we’ll have to continue offering GoToMyPC to meet their needs. Not what I’d like to do, but hopefully support for the Mac will come along soon.
Bump #4 – Limitations with multi-monitor support.
Microsoft KB925876 gives some of the details of what type of multi-monitor support is available with Server 2008 Terminal Services and should automatically support spanning if your monitors meeting the configuration requirements. Those rules are: the total resolution on all monitors must be under 4096 x 2048 pixels; the monitors must have the same resolution; the monitors must be aligned side-by-side; and the far left screen has to be the primary one.
This is pretty limiting, especially if you have a laptop connected to an external monitor and want to take advantage of both screens. Or have monitors set up in configuration where one is turned vertically. Or any other number of possible configurations. Windows 2008 R2 improves on this as well, but as noted in #1, we just can’t quite use that yet.
So yes, we’ve got a few bumps, but nothing that would keep us moving forward with the project at this point. Our remote access isn’t supposed to be used by someone as a long-term way to work, nor is used with a frequency that demands extra capital expenditures to overcome a few relatively minor issues.
When you first load a fresh install of Windows 7 or Server 2008 (original or R2) the desktop is empty of icons except for the Recycle Bin. Personally, I really like it that way. The search mechanism is so easy to use I have little need for icons cluttering up my desktop background.
However, some people like the look of the familiar. In Windows 7, you can use the “Personalization” control panel applet to add back the icons for Computer, Network and Documents. Windows 2008 has no such option in the control panel for restoring those icons by default. Instead you must type “desktop icons” into the search window and select the hidden control panel feature to “Show or hide common icons on the desktop.”
You can right click “Computer” in the start menu and there is an option for that component to show on the desktop, but the same feature is not available for “Network.” The other option is to install the “Desktop Experience” onto the server, which will add several of the customizing features that one might be wishing for. I also noticed that I have access to the Personalization control panel applet on a server that has Terminal Services (aka Remote Desktop Services) installed.
I suspect there are some registry keys that can reveal some of these interface tweaks. Or maybe this is just a Trivial Pursuit question in the making.
Wondering where to get started with Windows 7 and Server 2008 R2?
If you are looking for some fresh reading material, don’t miss out on two free eBooks by Microsoft Press. Get more information about the “Deploying Windows 7” eBook at the TechNet Flash Blog and “Introducing Windows Server 2008 R2” at the Windows Server Division Blog.
Yesterday, I attended Microsoft’s “The New Efficiency” technical series, as part of the Windows 7/Server 2008 R2/Exchange 2010 product launch. I was a little disappointed at the turn out, since registration had been closed so early. I expected more people and generally “more” from Microsoft with all these new products coming out in just days. But I guess not every event can be hit out of the park.
That being said, there were several sponsor-led sessions that were interesting and then tracks for Windows 7, Server 2008 R2 and Exchange 2010. My original plan was to hit something from every track, but that proved difficult as the presenters from each track didn’t always keep to the scheduled break times. Thus I stuck with the server track, which was presented by Chris Henley.
Here are a few of the features that were touched on during the sessions:
- The integrated Best Practice Analyzer covers more areas, such as Active Directory Domain Services and DNS. The BPA was mostly known for it’s use with Exchange, so it’s nice to see it expanded to other critical areas.
- The Recycle Bin for AD. This feature makes it easier to restore deleted objects in Active Directory without having to resort to an authoritative restore, effectively extending your recoverablity of objects to nearly a year. While possible, its not recommended to reduce the lifetimes for deleted object and tombstone object below the 180 days each. Also, it’s important to note that the recycle bin feature is a schema change and it can’t be turned off once implemented. Finally, while item in the recycle bin can’t have their UPN used again until it moves out to a tombstoned object, but you can manually force items to be moved earlier.
- In Server 2008 R2 there were changes in the core architecture which affected the networking stack to support IPv6 and IPv4 native to same Windows core protocols.
- The Server Core installation option supports an additional role for WoW64 and IIS 7.5 also supports ASP on Server Core. Server Core has also gained a text menu environment called “S-config” to make it easier to configure basic server settings.
- New features in Remote Desktop Services, such as virtual desktops via Hyper-V, improvements in RemoteApp, multimedia support and bi-directional audio.
- DirectAccess as an alternative to VPNs for corporate network access. DirectAccess requires at least 4 servers and includes a setup wizard that details out how it all hooks together.
- Improvements in Hyper-V, such as Live Migration and the ability to add some “hardware” (like Hard Drives)to virtual machines without powering them off. Don’t forget the Microsoft Assessment & Planning Toolkit, which can help minimize capital costs and reduce operating costs in your data center.
At the end of the day, the software giveaway was a copy of Windows 7 (32-bit) and the swag bag had the ever-popular XL t-shirt. Hidden among the product pamphlets in the bag was a cool gift from NetApp – a free copy of the book “Windows Server 2008 Hyper-V: Insider’s Guide to Microsoft’s Hypervisor”. Request your copy by November 20th. I’m sure the request will get you on a mailing list of some kind, but I’ll live with that for a free book.
This week I continued with disaster recovery testing in our lab, the first machine restored from tape being one of our domain controllers. While checking over the health of the restored Windows 2003 active directory, I remembered that we are using a third-party tool in production to aid in the recovery of deleted items – Quest’s Active Directory Recovery Manager. To be honest, we haven’t had a reason to use the software since we installed it, which I suppose is a good thing. But it is a stress reliever to know that it’s there for us.
Restoring this product in our test lab isn’t part of the scope of this project, but it does have me looking forward to planning our active directory migration to Server 2008 R2, which includes a new, native “recycle bin” feature for deleted active directory objects. You can find more details about how this feature works in Ned Pyle’s post on the Ask the Directory Services Team blog, The AD Recycle Bin: Understanding, Implementing, Best Practices, and Troubleshooting.
While the native feature doesn’t have the ease of a GUI and requires your entire forest to be at the 2008 R2 functional level, it’s certainly worth becoming familiar with. Once I’m done with all this disaster testing, you can be sure this feature will on the top of my list to test out when I’m planning that upgrade.
Today I enjoyed a morning at the Microsoft office in SF attending an event in the current series of TechNet Events. Through the months of September and October, the TechNet Events team is traveling around the US providing tips, solutions and discussion about using Windows 7 and Server 2008 R2.
Today’s presentation was given by Chris Henley, who led some lively and informative discussions on three topics – Tools for migration from Windows XP to Windows 7, Securing Windows 7 in a Server 2008 R2 Environment (with Bitlocker, NAP and Direct Access) and new features in Directory Services.
I was excited to see specific information on Active Directory. If you missed the blogs about Active Directory Administrative Center back in January like I did, you’ll like some of the new features in this 2008 R2 tool, including the ability to connect to multiple domains and improved navigation views.
If there isn’t an event near you this time around, check back after the holidays when they’ll head out again for another series.