At the company I work for, we run Microsoft Server 2003 and II6, as we are an .NET shop. We have a very loose shop, with few rules and restrictions in place for our team(s) and would like to keep it this way. I am the main systems admin for our company, and am looking for some expert advice.
We have two datacenters, with several server farms/clusters that run IIS6 for our client(s.) We do not have an exact code deployment process at this time, so our developers usualy deploy code manualy to each server farm (we typicaly have 2 load balanced servers in each farm) via windows file share/smb. We have a T1 that connects our datacenter's and office togethor, and will be expanding it to either a bonded T1 or use some form of MPLS to route our internal trafic between these locations.
Our developers are asking that we run terminal services on our production IIS servers, so that they can all have an open remote desktop session open when they are deploying code. It is in my opinion that this is a very bad idea, but I do not have the facts to back it up. I am still trying to get them away from using remote desktop, as their is no purpose for them to use it as they can manage IIS with an MMC as well as all other tasks that they need to perform. Most of our development team has administrative credentials to our IIS servers, so that they can make changes to our IIS infrastructure as needed, but this is going to change as our policies get put in place. I am looking for some technical answers as to why it would be bad to run terminal services (other than the default administrative 2 user log in) on these servers, and or if it is an acceptable thing to do.
Start Free Trial
