Terminal Server Best practices
Updated: January 21, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Install Terminal Server on a standalone server and not on a domain controller.
Installing Terminal Server on a domain controller can affect the performance of the server because of the additional memory, network traffic, and processor time required to perform the tasks of a domain controller in a domain.
Install Terminal Server on an NTFS file system partition.
NTFS provides greater security for users in a multisession environment who access the same data structures.
When shutting down a terminal server, use the tsshutdn command instead of the Shut Down option on the Start menu. This will shut down the server in a controlled manner. The Shut Down option on the Start menu does not notify users before ending user sessions and is not recommended. Ending a user's session without warning can result in loss of data at the client. For more information about using tsshutdn, see Tsshutdn.
Back up your license server regularly.
Backing up your license server regularly protects data from accidental loss due to hardware or storage failure. Create a duplicate copy of the data on your hard disk and then archive the data on another storage device such as a removable disk or tape. In the event that the original data on your hard disk is accidentally erased or overwritten, or becomes inaccessible because of a hard disk failure, you can easily restore the data from the archived copy.
Use Add or Remove Programs in Control Panel to install applications on the terminal server. Using this method, you can install programs for multisession use. For more information about installing applications on a terminal server, see Starting the installation.
After you install Terminal Server, do not use Add or Remove Programs to switch Terminal Server on and off.
Terminal Server installs programs for use in a multisession environment. Programs that were installed while Terminal Server was installed might not work correctly when Terminal Server is uninstalled. Instead, reinstall all programs for use without Terminal Server if you decide to remove the component.
Check for application compatibility scripts before installing programs for use with Terminal Server.
Many commonly used programs have been tested for compatibility. Some programs require minor changes to the installation. Scripts are available for these programs and must be run after the program installation is complete. Scripts are located in the systemroot in \Application Compatibility Scripts\Install.
Configuring Terminal Services
Use Terminal Services Group Policy to configure one or more terminal servers, or to manage Terminal Server user settings. Terminal Server Group Policies can be applied on individual computers or on groups of computers belonging to a single organizational unit.
Use Terminal Services-specific groups
Create User Groups that are specifically for Terminal Services users. Maintaining users through groups is much easier and less time consuming than managing users individually.
Windows Server 2003 family server operating systems contain a default User group called Remote Desktop Users, which has been specifically created to manage Terminal Server users. This group is not populated by default. You must add users to the Remote Desktop Users group if you want them to be able to establish remote connections.
Use Terminal Services-specific profiles
Assign a separate profile for logging onto Terminal Services. Many of the common options that are stored in profiles, such as screen savers and animated menu affects, are not desirable when using Terminal Services. Assigning a specific profile allows users to get the most out of the system they are using without expending additional server resources. For information about assigning a Terminal Services specific profile, see Change a user's Terminal Services profile path.
Use mandatory profiles
Use a mandatory Terminal Services profile that is created to suit the needs of all of the different types of clients and that provides the best server performance. Be aware that 16-bit computers and Windows-based terminals might not support some screen resolutions.
Set time limits
Setting limits on the duration of client connections can improve server performance. You can set the limits on how long a session lasts, how long a disconnected session is allowed to remain active on the server, and the time allowed for a session to remain connected, yet idle. For information about setting session limits, see Configuring session limits.
Use the Starting program option
If you have users who need access to only one application on the terminal server, use the Starting program option to restrict users to that application. For more information, see Specify a program to start on session connection.
Create preconfigured connection files for users or groups of users
To make connecting to Terminal Services easier, you can supply users with preconfigured connection files. Collections of connection files can also be made either for different departments within your organization or for different job titles. preconfigured connection files are created using Remote Desktop Connection. For more information, see Managing Terminal Services connection files.