Terminal Server setup opinions...

[YeOldeStonecat]

For some larger networks, what are some peoples preferences when it comes to Terminal Server setup. Specifically, I see some instances where only the specific shared "application" will be run on TS, like the accounting or production software, and people run the rest of their "stuff" locall, MS Word, Outlook to Exchange, My Documents is treated the old fashioned way like kept locally or mapped to a server share.

-or-

Run literally everything through the Terminal Services desktop...install MS Office there, configure Outlook, redirect My Documents to some network storage, etc.

Which leads to a question that popped up in my head....how are viruses and malware treated if the users Term Service session gets infected?

[twwabw]

I can't imagine the horsepower requirements of letting users perform all desktop apps via TS ... I would imagine it would be significant. Plus, it's difficult to control server access when you're running so many different programs, as in it is in essence the users only desktop app resource.

I like the TS to be an app server for only the app that requires it, ie: the acct'g app. Then, I can configure the TS via GPs to preven virtually any type of OS access on the TS by the users other than the app they're running. I'll have the acct'g app launch upon TS connection, and be the ONLY thing the user can even see or access on the TS desktop. This way, I can control their ability to mess around with the interface.

This way, they can treat the remote desktop TS session as just another program running on their own desktop- they can window or minimize during slack times, etc.

I've got a setup now between a Client's NY office and their MA main office running their accounting software via TS, over a VPN tunnel. Server 2003. Works well. They're linked via 1500/1500 WISP in MA to a commercial RoadRunner 2000/768 link in NY, and tunneled with a pair of SonicWalls. About 6 users in each site that access the acct'g pkg at any given time. Works well.

[YeOldeStonecat]

That's somewhat of what my instinct tells me...what you've described. TS for the app only. Only thing I'm looking at for this particular project....is two sites...substantial file storage needs at both locations, with access to each from the other.

[iaus10]

I love TS setup for ease of administration. Users really don't notice a difference or care. We use two Desktop class machines as servers right now. A lot of Wyse CE devices, and re-used P133 dells and compaqs as clients. Remote users VPN and use the servers as well. Cpu (2.8 and 3.0 P4's) is never a problem, but memory is. One machine with ~40 users uses most of the 2 Gigs. The 2.8 machine only has about 20-25 concurrent users and 1 gig of ram. Storage is -supposed- to be on a mapped network drive to a storage server, email on an exchange server, etc. They're used mainly for a couple special "telnet type" applications as well as the basic office and browsing. It's a lot easier to keep virus defs, updates, and audits in check on two mahcines rather than 60 - 70 machines.

[Noevo]

We had it setup for a few users at my old job. Specifically to use ADP apps on the server. And yeah, we just gave them the ability to use those particular things they needed. and make sure to disable shutdown for them