Solved

Terminal Server Question

Posted on 2008-10-21
6
229 Views
Last Modified: 2012-05-05
Hello - I have installed Terminal Server (10 Licenses) and I'm wondering if logging into my Filserver where Terminal Server is installed multiple times with same user name from active directory would cause any issues.
0
Comment
Question by:nimdatx
6 Comments
 
LVL 3

Accepted Solution

by:
Darksied9 earned 425 total points
ID: 22772525
As a best practice, it is best to logout each time you end a remote desktop session.  However when you disconnect without logging in the system should put you back to the most recent inactive session.  If you have 6 people all logging in with the same user name they will each get a new session if none of the existing sessions are inactive currently hence eating up multiple terminal server sessions.

You could run into an issue where you logged in to one session and are running some application, you walk away and 15 minutes (or whatever you have inactivity set to) later that session goes idle along with two others (say three people go to lunch at the same time).  When you get back, all three of you login with the same user name.  You won't know which session you will get back.

Best practice...don't login multiple times with the same account.
0
 
LVL 14

Assisted Solution

by:dfxdeimos
dfxdeimos earned 50 total points
ID: 22772555
Well, you have the Terminal Session and the Console Session (locally logged in).

If you log in via RDP (terminal session), kill the session (without logging out) and then log back in you are just going to reconnect to the same session.

So really you could only be logged in a maximum of twice, only one of which would eat up a TS license (because the other one is local).
0
 
LVL 18

Assisted Solution

by:Americom
Americom earned 25 total points
ID: 22773351
Try not to logon multiple sessions with the same account, you will eventually run into problems.
Can't think of any reason you would use the same user account to do multiple sessions. Sharing account is bad practice when comes to accountability. 6 sessions with the same account will still take out 6 TS CALs.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 14

Assisted Solution

by:dfxdeimos
dfxdeimos earned 50 total points
ID: 22773740
Well, it would be accurate to say that it would cause accountability issues. It wouldn't "hurt" anything though.
0
 
LVL 1

Author Comment

by:nimdatx
ID: 22786439
The reason I'm using multiple TS clients/Licenses is that I've configured a SSL (Sonicwall SSL 2000) to allow outside connection into a applications our doctors can access securely. It's a virtual office portal they log into (Autenticating through AD w/ their assigned username/password) from outside and I have assigned bookmarks that they have access to the application software of my choice. This bookmark is utilizing RDP w/ActiveX and I simply point it to the FILESERVER IP and I have selected ONE Username that I have created a Policy (Lockdown), so the doctors do not see anything else except Icon on desktop of the application software. I decided to just use one account (user name/password) and apply this policy onto the configuration on SSL/AD. I guess the reason is cause I do not want this policy to be applyed on their account they use in the office. They still have to use their AD account to get into the SSL virtual office, the second account is just a Bookmark I've created utilizing this single account behind the scene. It's been working, however I have noticed that if the doctors do not log out properly and another logs on to the same system, they will see the last session that was logged in. If I have more then one user logged into this account from multiple systems, it seems to be working.

If I have locked down policies for this account - then accountability is not an issue?

I guess I'll read up more on TS.

I appreciate all your help!
 
0
 
LVL 3

Expert Comment

by:Darksied9
ID: 22812879
There is an option in TS Configuration Manager for automatically logout and reset the session when the user disconnects...that would do you.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Problem Description: Actually I found the below issue with some customers after migration from SMS 2003 to SCCM 2007 and epically if they change site code, some clients may appear in the console with old site code, plus old sites still appearing …
Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now