Solved

Terminal Services - Server 2003...question

Posted on 2006-11-15
6
218 Views
Last Modified: 2010-04-18
Hi there

Finding Terminal services is a little confusing

We want to deploy a single windows server 2003 std edition, setup as a DC with Active directory.
We want to allow remote desktop users access an application on this server / file share etc.
From what understand that you should not (according to MS) have terminal services running on a DC from a security perspective, but is that the only reason? Is it technically possible?

Am I correct in saying that you only need to install terminal services licensing if you want to centrally distribute TS licenses to users who want to access multiple servers. Finally am I correct in saying that TS licensing will not run on a DC?

Thanks
John
0
Comment
Question by:ggntt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 2

Accepted Solution

by:
sscuser earned 84 total points
ID: 17949230
Yes and No....er Yes, Yes, and Not quite...

Yes you can install it on a DC and, for the most part, it's strictly a security issue...BUT depending on the size of your forest/domain you would want to avoid putting TS on a tasked DC...TS is very resource intensive and could affect your AD performance depending on the amount of GP/Scripting/Logons/Logoffs, etc

You must have TS licensing installed and it can be installed on a DC to my knowledge...I've never had any issues with it.
0
 
LVL 48

Assisted Solution

by:Jay_Jay70
Jay_Jay70 earned 83 total points
ID: 17951406
yes its pretty much security related, usually its best to have term serv on a separate server and the licence server on the DC, however, understandably its not always feasible...
0
 
LVL 1

Assisted Solution

by:weblinktech
weblinktech earned 83 total points
ID: 17953753

I have a Terminal Server running as a Domain Controller on three of our servers.
There isn't a problem doing this, except you will want to make sure that your users are restricted in their sessions and folder rights.
And, of course, giving them anything other than user access is definitely out.

We are now moving to a Terminal Server cluster and seperate DNS and PDC servers, but it has worked great for us for 2 years now.

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question