TSAC: RDP Terminal Services Meet the Web
Microsoft sometimes over-hypes products that turn out to be whopping disappointments, and other times the company slips crucial and useful features into new service packs or upgrades without fanfare. An example of the latter is the Terminal Services Advanced Client (TSAC), which Microsoft ships on the Win2K Service Pack 1 (SP1) CD-ROM and provides for download at http://www.microsoft.com/windows2000/downloads/recommended/tsac. (TSAC isn't part of the service pack installation and isn't in the Web-downloadable version of SP1.) TSAC provides Win2K's RDP-based Terminal Services with a Web-based client, a feature that earlier Windows versions lack.
TSAC is an add-on for any Win2K or NT 4.0 server running Microsoft Internet Information Server (IIS) 4.0 or later. Installing TSAC on an IIS server enables the server as a Terminal Services gateway of sorts; a system that can distribute and direct Web-based Terminal Services client sessions.
The client side of TSAC works as follows: A remote client using Microsoft Internet Explorer (IE) connects to a TSAC-enabled IIS server that connects the client to a page, which Figure 6, page 48, illustrates, that lets the client connect to a Terminal Services server within the organization. At that point, the IE client also downloads an ActiveX version of the RDP Terminal Services client that ships with Win2K (if the client doesn't already have it). After downloading the software, the client can run terminal server sessions within the browser window or full-screen.
What makes the TSAC client particularly useful is its accessibility. You can easily distribute the client to and run it from within any IE browser that permits downloading and running ActiveX controls. In addition, TSAC extends the accessibility of Terminal Services for administrators because you can theoretically perform remote administration from any IE Web browser that can access the server.
Be aware that TSAC doesn't fundamentally change the way that clients connect to Terminal Services-enabled Win2K servers. Although the TSAC-enabled IIS server provides a connection point to Terminal Services servers, the TSAC-hosting IIS server doesn't need to be running Terminal Services. The IIS server is simply a distribution and connection point for remote clients. In addition, although clients connect through this TSAC-enabled gateway Web server, the final connections between the remote client and the server are ultimately made directly and not passed through the Web server. As typical RDP Terminal Services traffic does, these sessions use TCP port 3389, which you'll need to permit through your firewall if you're supporting Internet-based TSAC or typical Terminal Services connections.
TSAC isn't the only Web-based RDP client. HOB's HOBLink JWT (Java Windows Terminal) is a Java-based RDP 5.0 client that can access any RDP-based terminal server, including Win2K Server and WTS (see Jonathan Chau, "HOBLink JWT 2.1," January 2001). This solution provides an alternative for non-IE users and those interested in additional features that TSAC doesn't provide. For more information about TSAC, see "Related Articles in Previous Issues," page 50.
Four Heads Are Better than One
By default, TSAC connections use an HTML file called default.htm, which contains VBScript code sufficient to display a terminal server session within the browser window. However, while perusing my Web server's TSAC-related files, I happened upon another file called manyservers.htm. A quick review of the TSAC documentation revealed that Microsoft included this file as an example of how to display multiple Web servers within one browser window. I thought this capability might be useful for administrative purposes, so I connected to the TSAC server, this time specifically referencing the manyservers.htm file in the URL.
Manyservers.htm displayed four terminal server windows in one browser page. However, all four connections were to the same server, which isn't very useful. In reading the documentation and examining the HTML file, I discovered that this file is an incomplete product that isn't well documented and doesn't quite work as advertised. Unwilling to be daunted by the disappointing performance of manyservers.htm, I decided to attempt to modify the file to work the way I originally expected it to: Display four windows representing connections to four servers in one browser page. My experiment was successful, and after some tweaking, I managed to get the page to query for and display as many as four separate servers on one page. I have since used this page, which Figure 7 shows, on the road in situations in which I want to examine several servers at once.
The modified manyservers.htm code that I created, which Listing 1 shows, generates this four-server administration console. If you decide to similarly customize your manyservers.htm file, before you start, rename the original file or at least back it up. Also, if you want to display your company's logo, change the HTML tag in Listing 1 that refers to MYLOGO.bmp to the file of your choice. You can also simply omit this tab if you don't want to display a graphic on the page.
A New Day for Remote Administration
The introduction of Terminal Services and remote-administration mode as standard offerings in the Win2K Server product family brings a new level of manageability to Win2K. The SP1-provided TSAC further enhances the usability of Terminal Services by providing a Web-based client that you can use to remotely support your servers from virtually any location. Although Terminal Services doesn't resolve the desktop-side of the remote-administration equation, third-party freeware, shareware, and commercial products on the market provide these features at little or no cost. If you haven't done so already, I highly recommend enabling Terminal Services remote-administration mode on every Win2K server in your enterprise.
End of Article
)
.microsoft.com/windows2000/downloads/
recommended/tsac. To get the customized manyservers.htm file that I included in the article, go to http://www.win2000mag.com, enter 20043 in the InstantDoc ID text box, and click Download the code in the Article Information box. Simply copy the listing into any text editor and follow the instructions in the article to customize the code for your network environment.<br>
<i>--Sean Daily</i>
Sean Daily June 19, 2001