Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.
-
date post
19-Dec-2015 -
Category
Documents
-
view
237 -
download
3
Transcript of Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.
![Page 1: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/1.jpg)
Windows Server 2008 R2: Remote Desktop Services od A do Ž
Luka ManojlovićMA-NO d.o.o.
![Page 2: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/2.jpg)
![Page 3: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/3.jpg)
Gremo! Demo!
![Page 4: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/4.jpg)
![Page 5: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/5.jpg)
Connection Brokering arhitektura
RD Redirector
RD ServerConnection Broker
Client
TSVTSVTSVVM
TSVTSVTSVVM
Hyper-V
Hyper-V1.Connect
2.Get Target 4.Return Target
3.Prepare/Start VM
5.RedirectTo VM
6.Connect to VM
![Page 6: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/6.jpg)
• Poganjamo aplikacije ali predstavljamo namizje z enega računalnika (strežnika) na drugem
• “Oddaljimo” uporabniško izkušnjo z uporabo remote desktop protokola
Remote Desktop Services v Win2K8 R2
![Page 7: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/7.jpg)
Kaj so terminalske storitve?Skupek orodij za oddaljeni dostop do
namizja računalnikaUporabljajo protokol RDPVrata TCP 3389Od nas proti strežniku se prenašajo– Tipkovnica in miška
Proti odjemalcu se prenaša– Slika
![Page 8: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/8.jpg)
Sejno bazirana infrastruktura
• Aplikacije se poganjajo na cetralnem strežniku• Dovoljuje uporabnikom skupno rabo sistema• Uporabniki so izolirani v sejah
![Page 9: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/9.jpg)
Virtual Desktop Infrastructure
Poganjanje virtualnih strojev na skupnem strežnikuS tem damo posameznemu uporabniku lasten operacijski sistem– Trajen / oseben– Začasen
![Page 10: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/10.jpg)
Kaj imamo na voljo?
RD LicensingRD Server
Virtual desktopServer
Connection Broker
RD Gateway
Client
RD Web Access
RD strežnik poganja aplikacije in jihprikazuje odjemalecem v sejah
Virtual desktop server poganja virtualne strojeza uporabnike
![Page 11: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/11.jpg)
Kaj vidim?
RD LicensingRD Server
Connection BrokerRD Web Access
RD Gateway
Client
RD Web Access server prikazuje objavljene aplikacije alioddaljena namizja
Virtual desktopserver
ConnectionBrokerpoganja storitve za objavo in pravilno razporejanje obremenitve med RD strežniki
![Page 12: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/12.jpg)
Kako se povezujem?
RD LicensingRD Server
Connection Broker
RD Gateway
Client
Connection Broker pošilja oziromaprevsmerja prihajajoče povezave napravilne končne destinacije
RD Web Access
Virtual desktopserver
The RD Gateway strežnik pa ponuja novovarno možnost dostopa do strežniške aliodjemalske infrastrukture znotraj omrežja
![Page 13: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/13.jpg)
Kako pa licenciram?
RD LicensingRD Server
Connection Broker
RD Gateway
Client
RD Licensing Server ureja distribucijo insledljivost TSCAL-ov, ki jih potrebujemoza dostop do oddaljenih storitev
RD Web Access
Virtual desktopserver
![Page 14: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/14.jpg)
Varujmo internetno povezljivost
• Pred prihodom WS08, sta bili na voljo dve možnosti za oddaljen dostop z uporabo terminalskih storitev:– Odpiranje vrat TCP 3389– Nastavitev VPN povezav
• Z uporabo RD Gateway sistema lahko:– Vzpostavimo varno povezavo preko vrat 443 oziroma HTTPS
brez uporabe nerodnih VPN povezav– Omejimo dostop samo določenim uporabnikom– Omejimo dostop do virov v omrežju
![Page 15: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/15.jpg)
Kako RD Gateway deluje?DMZ
HTTPS / 443
Internet Corp LAN
RD Server
HotelEx
tern
al F
irew
all
Inte
rnal
Fire
wal
l
Home
Business Partner/Client Site
Other RDPHosts Eg. Desktops
RDVServer
Internet
Tunnels RDP over RPC/HTTPS
Passes RDP/SSL traffic to TS
Strips off RPC/HTTPS
Network Policy Server
Active Directory DC
RD Gateway Server
![Page 16: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/16.jpg)
Srečanje MSDN in TechNet
TS Gateway – primer II (WAN to LAN and WAN)
![Page 17: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/17.jpg)
RD Gateway – primer I (WAN to LAN)
![Page 18: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/18.jpg)
RD Gateway – primer I (WAN to LAN)
![Page 19: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/19.jpg)
Connection Authorization Policies
Katere avtentikacijske metode so na voljo
Kateri uporabniki se lahko povezejo?
S katerih računalnikov se lahko povežejo?
![Page 20: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/20.jpg)
Connection Authorization Policies
Kontrola nad prevsmerjenemi napravami
Omogočanje oziroma onemogočanje uporabe naprav
![Page 21: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/21.jpg)
Resource Authorization PoliciesControl what computers can be connected to by Active Directory Security Group…
… or by TSG managed groups
Control what ports canbe connected
![Page 22: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/22.jpg)
Easy print in Display Data prioritization
Easy print je univerzalen tiskalniški gonilnikNa terminalski strežnik ni potrebno instalirati gonilnikovUporabnikom omogoča uporabo lastnih tiskalniških nastavitevDejansko “skoči” ven nako pogovorno okno, kot na lokalnem računalnikuSpooler hitreje oštevilči preusmerjene tiskalnike – hitrejša prijavaAdministrator ne vidi več kopice preusmerjenih tiskalnikovNastavmo lahko per session default printerKrajša imena tiskalnikov, ki so preusmerjeni %printername% (%session id%)Podatki potujejo v XPS XML Paper specification formatuIn v praksi...
22
![Page 23: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/23.jpg)
![Page 24: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/24.jpg)
![Page 25: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/25.jpg)
Easy print in Display Data prioritization
Privzeto nastavljeno razmerje 70:3070 % slika30 % podatki preko preusmerjenih virov oziroma tiskalniške storitve
Za nas, ki imamo radi registry pa...HKLM\System\CurrentControlSet\Services\TermDD
FlowControlDisable – FIFO ali KPPPMFlowControlDisplayBandwidth – privzeto 70FlowControlChannelBandwidth – privzeto 30FlowControlChargePostCompression – privzeto 0 – kalkulacija se vrši na podlagi post-compression bytes
Spremembe registra zahtevajo ponovni zagon “Terminal services” storitve
25
![Page 26: Windows Server 2008 R2: Remote Desktop Services od A do Ž Luka Manojlović MA-NO d.o.o.](https://reader036.fdocuments.net/reader036/viewer/2022081512/56649d2f5503460f94a06799/html5/thumbnails/26.jpg)
Click to edit Master title styleClick to edit Master text styles
Lorem ipsum– Second level