|
 |

|
|
Terminal Services Advanced Client (TSAC) FAQ
|
Posted: Tuesday, June 27, 2000
Q. Why are you releasing the TSAC now?
A. Many Microsoft customers have been asking Microsoft for the ability to run applications within a Web page without purchasing a separate add-on package. ISVs are looking to integrate Terminal Services sessions within their applications and an ActiveX version of the RDP client is the only way to do this.
Q. How will licensing work for the TSAC?
A. Terminal Services Licensing is the same as it is today; regardless of the client or protocol you use to connect to the server. Please refer to the Exploring Terminal Services Web page for licensing white papers and frequently asked questions.
Q. Are there any new protocol features in the TSAC not included in the previous RDP 5.0 Terminal Services client?
A. No - the feature set is identical for this version of the client.
Q. What versions of Internet Explorer does the TSAC run on? Will it run on Windows CE, a Macintosh or a UNIX version of Internet Explorer?
A. The TSAC only runs on the Windows 9x, Windows Millenium Edition (Windows Me), Windows NT (Intel only), and Windows 2000 operating systems using Internet Explorer 4 or later version. It is not supported on any other platform.
Q. Will the TSAC run on Windows-based Terminals powered by Windows NT-Embedded?
A. Yes – assuming the device is configured to allow ActiveX controls to be downloaded.
Q. Will the TSAC run natively in Netscape Navigator?
A. No. Netscape Navigator does not natively support ActiveX controls.
Q. I'm happy with the RDP 5.0 TS Client that came with Windows 2000. Should I upgrade to the new TSAC?
A. Microsoft will continue to support users who wish to use the previous client. However, the TSAC is the base for all Terminal Services Client development going forward, and customers will be asked to migrate to the new client for any fixes that require code changes to the client that shipped with Windows 2000 or Terminal Server 4.0. In addition, please see the next question related to this issue.
Q. I've just installed the Windows 2000 High Encryption Pack on my copy of Windows 2000 Server. I need a "high-encryption RDP client" in order to connect. Can I use the TSAC to do this?
A. Yes. The TSAC is a high-encryption RDP client and deploying it via a Web server or through IntelliMirror or SMS (using the Windows Installer version of the TSAC) will be the most convenient way of distributing a high-encryption RDP client to your desktops.
Q. What about the Windows for Workgroups client? TSAC doesn't work on Windows for Workgroups, so what is the future of that client?
A. The Windows for Workgroups client that ships with Windows 2000 Server is the last Microsoft supported 16-bit client. There will be no further versions of the RDP client for Windows for Workgroups. Microsoft will continue to support this client, but encourages customers to investigate the benefits of replacing these legacy PCs with Windows-based Terminals.
Q. Can I use the TSAC to connect to a server running Terminal Server 4.0?
A. Yes. The TSAC is backwards compatible and will connect to a server running Terminal Server 4.0. However, it will only support the RDP 4.0 feature set.
Q. Can I use the TSAC to remotely control a server running Windows NT Server 4.0?
A. No. The TSAC requires that Terminal Services and the RDP protocol is running on the host computer. Currently the only products that support this today are servers running Windows 2000 Server (with Terminal Services enabled) or Windows NT Server 4.0, Terminal Server Edition.
Q. When I access a Terminal Services session through a Web page, where is the TSAC actually running? Is there any communication between the Web server and the terminal server?
A. There is no direct communication between the Web server and the terminal server.
- When users navigate to the Web page containing the TSAC, it is downloaded to the client computer unless it exists on the client computer already.
- If it did not exist, once the Web page attempts to execute the control, users will receive a message asking whether they want to install the control (unless users have previously checked the "Always trust content from Microsoft" option).
- After clicking yes, or if the control was already installed on the client computer, the TSAC executes on the client computer using parameters that were set by the Web page.
- The TSAC, executing on the client computer, then connects to the terminal server as specified by the parameters that were set by the Web page, at which point users will receive a Windows logon screen.
Q. When the TSAC is running within a Web page, is it using TCP port 80 to communicate to the terminal server?
A. No. The TSAC uses the RDP TCP port 3389, regardless of whether it is running in a Web page, MMC console or the full client.
Q. Why can't I type a password into the Web page so I don't have to see a Windows logon screen?
A. Before the TSAC shipped, it went through a security review. Microsoft takes the security of its products very seriously and this feature was deemed to be a security risk.
Q. Does the TSAC support printing to a local printer? Remote Control? Clipboard Redirection?
A. The TSAC supports all of the RDP 5.0 features, including printing, clipboard redirection, virtual channels, remote control, and encryption.
Q. How do I turn on compression and persistent (disk) bitmap caching when using the TSAC within a Web page over a low bandwidth connection?
A. Compression and persistent bitmap caching are on by default when using the sample web pages that ship with the TSAC Web package. The use of compression is always recommended, but it may be desirable to turn off persistent bitmap caching in certain circumstances (for example, low disk space on the client). To turn it off, see instructions on the MSDN Web site.
Q. Does the TSAC utilize SSL encryption when it is running within a Web page?
A. No. TSAC uses the standard RDP encryption mechanism. In addition, please see the next question related to this issue.
Q. I'm worried about security. I understand that it's possible to sniff passwords from users logging onto a terminal server. Does the TSAC and RDP suffer from this same vulnerability?
A. Unlike some other display protocols which use an easily decodable "scrambling" algorithm, all of Microsoft's RDP clients, including the TSAC, have had built-in encryption from day one. This practically eliminates the possibility of deciphering the data stream to obtain sensitive data. The server determines the encryption strength that the TSAC will use (up to 128-bit in all languages worldwide). It will also connect using a 40-bit or 56-bit key if that is what the server is using.
Q. What encryption strength does the TSAC use?
A. The encryption for the TSAC depends on the server it is connecting to, but it will support up to 128-bit. The 128-bit client is available in all languages. It will also connect using a 40-bit or 56-bit key if that is what the server is using.
Q. Is there any additional documentation available on programming with the TSAC?
A. Yes. Please see the MSDN Web site .
Q. How long does the control take to download over a 28.8 kilobits-per-second connection?
A. Typically less than a minute. Once the control is downloaded, it will not be downloaded again unless a new version of the control is made available on the Web page.
Q. If I navigate to two different Web sites that use the TSAC, how many copies of the control will be installed on my computer?
A. Just one. As with any ActiveX control, if both sites use the same version of the control, it will only be downloaded from the first site visited by a user. If the sites have different versions of the control, only the newer version will be used.
Q. What about redistribution rights for the TSAC?
A. The TSAC can be downloaded to users from a Web site in its .cab file form. ISVs wishing to redistribute components of the TSAC setup programs or the setup program itself for inclusion within their own applications may do so if they abide by the terms of the supplemental EULA at the download location on the Microsoft Web site.
Q. Does the Terminal Services Advanced Client only connect to a Windows 2000 Advanced Server?
A. The Terminal Services Advanced Client connects to any computer with Terminal Services enabled, including the entire Windows 2000 server family, as well as Windows NT 4.0, Terminal Server Edition.
|
 |
Last Updated: Monday, October 16, 2000
© 2001 Microsoft Corporation. All rights reserved. Terms of use.
|
|