Back in the summer of 2005, this column discussed how you can use thin client technologies such as Microsoft's Terminal Services to create a scalable application access solution for your end-users. Thin clients are uniquely scalable because you can use old or underpowered hardware to access modern operating systems that require far more systems resources than your client machines have. You can even connect to the terminal server from a handheld computer such as a Pocket PC phone.
As the number of users grows, however, you may find your terminal server is getting overloaded. The good news is that you can use load balancing to spread the load across a group of terminal services configured in a terminal server farm. As with a web farm, a terminal server farm consists of a group of machines that are seen by users as if they were a single machine. The ability to add more machines to the farm as needed makes this a viable solution for scaling the thin client solution on the server side.
Building load balanced terminal server farms
Windows Server 2003 Enterprise and Datacenter editions support load balancing. For best results, you should use server machines for the farm that are all as much alike as possible. They should run the same software and be configured in the same way. It’s also a good idea to store user data in a network storage location rather than having duplicates of it on different servers in the farm.
You should install Windows Terminal Services on the servers through the Add or Remove Programs | Windows Components option, prior to the installation of user applications. You can use Microsoft’s network load balancing service, but it has some limitations. For example, it limits you to 32 servers on the same subnet. This is often sufficient, but if you need more flexibility, you can use a third party load balancing solution or a hardware-based load balancing device that does layer 4 switching. For example, HOB WebSecureProxy can perform more sophisticated load balancing, querying the servers in the farm and evaluating over a dozen parameters such as CPU load, memory utilization, swap activity and page file use, network load and more. Disconnected sessions are reconnected to the same server (For more information about HOB, see http://www.hobsoft.com/produkte/connect/wts_computing.jsp) .
Advantages of the session directory
You don’t have to use a third party solution to get the advantages of reconnecting sessions to the same server. You can create a farm of terminal servers using Windows Server 2003 computers, running Enterprise or Datacenter edition, that uses a session directory to maintain a database associating user names with session IDs, so that users can disconnect terminal sessions and then later reconnect to the same session. This means the applications that the user had open previously will still be running, making it more convenient and transparent for your users.
Users are used to being able to disconnect and reconnect to the same session when you have a single terminal server, but this is more complex when you have a terminal server farm because the user needs to be able to reconnect to the same server. With the session directory service, you scale your thin client solution to encompass a terminal server farm and still preserve the familiar user experience.
The session directory server
The session directory can be installed on a separate server that is not part of the terminal server farm, and it doesn’t have to have terminal services installed on it, although it can be installed on one of the terminal services if you wish. The session directory can be run on a Windows Server 2003 Standard edition machine. You’ll need to configure the session directory service to start automatically (in the Services section of the Computer Management console). The service is disabled by default.
Next you must grant access to the client servers. A Session Directory Computers group is automatically created when you enable the service, but it’s empty by default. This is done in the Select Users, Computers or Groups dialog box.
For fault tolerance, you can create a server cluster so that if the session directory server goes down, it will fail over to another cluster member and the service will still be available to your users.
Session directory clients
The terminal servers that will get information from the session directory are known as the client servers. You can configure them with the Terminal Services Configuration Tool (tscc.msc) or through Group Policy. The latter is the best way to configure multiple servers. These settings can be found in the Computer Configuration | Administrative Templates | Terminal Services | Session Directory node in the Group Policy Editor. You can configure the client servers to participate in the session directory, set the name or IP address of the computer running the session directory service (the session directory server) and the name of the load balancing cluster.
Citrix originally developed the technology on which Microsoft’s terminal services (beginning with Windows NT Terminal Server Edition) are based. Windows TS uses the Remote Desktop Protocol (RDP), whereas Citrix uses a different thin client protocol, Independent Computing Architecture (ICA). ICA client software is available for Linux, Unix and Macintosh operating systems as well as Windows, and has a web-based client, and there is a version of Presentation Server that runs on UNIX servers.
Citrix Presentation Server (formerly called Metaframe) provides some advantages over Microsoft Terminal Services. For example, you can load balance the servers in a farm based on 11 different performance counters. The "Smart Access" feature lets you control how users can access applications from different locations and grant access based on such factors as whether the client has anti-virus software installed and updated, type of authentication used, patch status, etc.
Regardless of whether you use Citrix or Microsoft terminal services, a terminal server farm can be a complex environment. Luckily, there are many third-party products that can help you to monitor and manage the servers in the farm. For example, eG Enterprise suite provides extensive monitoring for server farms.
The future of Terminal Services
Microsoft has added a number of features to Terminal Services in Longhorn Server (the next generation of Microsoft’s server OS). Some of these are similar to Citrix features. For example, there will be a terminal server gateway that functions like the Citrix Secure Gateway, providing SSL encryption for terminal servers behind it. Longhorn TS will also support application publishing with client-side file type associations (called Remote Programs), seamless windows with system tray integration, a single management console, and more. Unfortunately, there don’t seem to be any plans for improvements to TS load balancing or changes to the session directory service (other than adding support for IPv6).
Terminal services can offer a scalable solution for providing users access to a modern operating system and applications at a lower TCO, and you can realize even more scalability by implementing terminal server farms that allow you to increase the number of users and/or applications while preserving the familiar terminal experience for the end-user.
Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 additional books on subjects such as the Windows 2000 and Windows 2003 MCSE exams, CompTIA Security+ exam, and TruSecure's ICSA certification.