Improvements in Remote Desktop Client
Other improvements to Windows Server 2012 RDS
include updates to the Remote Desktop Protocol (RDP) and Remote Desktop
Client (RDC).
The latest versions of the RDC support the following:
• Video support up to 4,096 x 2,048—Users
can use very large monitors across an RDP connection to view data off a
Windows Server 2008 Terminal Services system. With Windows Server 2012
RDS, the latest support has been extended to support DirectX 9, 10, and
11 redirection.
• Multimonitor support—Users
can also have multiple (up to 10) monitors supported off a single RDP
connection. For applications like computer-aided design (CAD),
graphical arts, and publishing, users can view graphical information on
one screen and text information on another screen at the same time.
• Secured connections—The
latest RDP clients now provides for a highly encrypted remote
connection to an RDS system through the use of Windows Server 2012
security. Organizations that need to ensure their data is protected and
that employee privacy is ensured can implement a highly secured
encrypted connection between a Windows Server 2012 RDS system and the
remote client.
RDS Web Access
Also new to Windows Server 2008 and extended
in Windows Server 2012 RDS is a role called RDS Web Access. RDS Web
Access allows a remote client to access an RDS session without having to launch the RDP client, but instead connect to a web page, similar to that shown in Figure 1,
that then allows the user to log on and access his or her session off
the web page. This simplifies the access method for users; where they
can just set a browser favorite to link them to a URL that provides
them Terminal Services access.
Figure 1. RDS Web Access.
RDS Gateway
RDS Gateway is an update to Windows Server
2012 RDS and provides the connectivity to an RDS session over a
standard port 443 SSL connection. In early releases or RDS, users could
only connect to Windows RDS using a proprietary port 3389 connection.
Unfortunately, most organizations block nonstandard port connections
for security purposes, and so if a user was connected to an Internet
connection at a hotel, airport, coffee shop, or other location that
blocked nonstandard ports, the user could not access Terminal Services.
Now with RDS Gateway, the remote user to the
RDS Gateway connection goes over port 443, just like surfing a secured
web page. Because of the use of SSL in web page access (anytime someone
accesses a web page with https://), a user can now effectively access
Windows Server 2012 RDS from any location.
RDS RemoteApps
Another server role added to Windows Server
2008 and updated in Windows Server 2012 is called RDS RemoteApps. RDS
RemoteApps enables administrators to “publish” certain applications for
users to access. These applications could be things like Microsoft
Outlook, Microsoft Word, the company’s timesheet
tracking software, or a customer relationship management (CRM) program.
Instead of giving users full access to a full desktop session complete
with a Start button and access to all applications on the session, an
organization can just publish a handful of applications that it allows
for access.
Leveraging group policies and Network Policy
Server, along with RDS RemoteApps, the administrators of a network can
publish different groups of applications for different users. So, some
users might get just Outlook and Word, whereas other users get Outlook,
Word, and the CRM application. Add in to the policy component the
ability to leverage network location awareness (new to Windows Server
2012 and covered in the earlier section “Improvements in the Group
Policy Management”), the administrators of the network can allow
different applications to be available to users depending on whether
the user is logging on to the network on the LAN or from a remote
location.
Beyond just limiting users by policy to only
the programs they should have access to, RDS RemoteApps minimizes the
overhead for each user connection because the user no longer has a full
desktop running, but only a handful of applications deemed necessary
for the remote user’s access.
Remote Desktop Virtualization Host for VDI
Lastly, a completely new role added to
Windows Server 2008 and also greatly enhanced in Window Server 2012 is
the Remote Desktop Virtualization Host (RDVH) role that provides
Virtual Desktop Infrastructure (VDI) functionality. Instead of RDS that
provides a one-to-many experience, where effectively a single server
instance is shared across multiple users, VDI provides a one-to-one
virtual guest session relationship between the server and remote
client. When a VDI client user logs on to a guest session, a dedicated
guest session is made available to the user with a separate client boot
shell, separate memory pool allocated, and complete isolation of the
guest session from other guest sessions on the host server.
Windows Server 2012 VDI provides two
different VDI modes. One mode is a personalized desktop, and the other
is a pooled desktop. The personalized desktop is a dedicated guest
session that users have access to each and every time they log on to
the VDI server. It is basically a dedicated guest session where the
image the guest uses is the same every time. A pooled desktop is a
guest session where the user settings (favorites, background, and
application configuration settings) are saved and reloaded on logon to
a standard template. Actual guest session resources are not permanently
allocated but rather allocated and dedicated at the time of logon.
Windows to Go
Windows to Go is a great addition to
Windows Server 2012, where effectively Windows is installed on a USB
drive and Windows can be booted from the thumb drive. By having a
bootable thumb drive, organizations can allow users to use various
desktop and laptop systems that may otherwise be installed and
configured with a different operating system or configuration (for
example, a home system) but booted to the thumb drive that has a secured
version of an organization’s operating system and applications. Windows
to Go helps organizations maintain security of system configurations
while allowing employees to retain personal laptop or desktop
configurations.
