Archived from groups: microsoft.public.windowsnt.terminalserver.client (
More info?)
No, if you cannot afford more than one server license, then there's
nothing else you can do. But since this setup is likely to give you
problems, the costs in lost productivity and man-power could in the
(not so long) run be much higher than the initial costs of the
extra hardware and license.
The cheapest solution is to run the DC on minimal hardware, and to
use the most powerful hardware for your Terminal Server (because
you likely will be using the TS for more demanding applications in
the future).
But it's all a matter of priorities: if you are low on money and
don't mind some downtime to fix the server every now and then, and
don't count your own hours in doing so, you will be OK.
If you need high availability and security, I would invest in a
second server.
--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup, NOT by private email ---
"=?Utf-8?B?SmltIE1hY0tlbnppZQ==?=" <Jim
MacKenzie@discussions.microsoft.com> wrote on 31 jan 2005 in
microsoft.public.windowsnt.terminalserver.client:
> Thanks that seems to work, costs mean only one server, can't
> affort two copies of windows server 2000, or is there some way
> of running TS without a second copy of win2K server? Should be
> no impact on performance in this case.
>
> thanks again,
> Jim
>
> "Vera Noest [MVP]" wrote:
>
>> OK, that explains it.
>> Running Terminal Services on a Domain Controller is *not*
>> recommended, because of the security risks (and in some cases:
>> performance impact).
>> If you want to continue with this setup, you have to modify the
>> Default Domain Controller Security Policy, and give your users
>> the right to Log On Locally there.
>> Note that this will give them this right on every DC!
>> Also note that by running TS on a DC, you have your users
>> running on your DC, as if it was their personal workstation.
>>
>> --
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>
http://hem.fyristorg.com/vera/IT
>> --- please respond in newsgroup, NOT by private email ---
>>
>> "=?Utf-8?B?SmltIE1hY2tlbnppZQ==?=" <Jim
>> Mackenzie@discussions.microsoft.com> wrote on 30 jan 2005 in
>> microsoft.public.windowsnt.terminalserver.client:
>>
>> > The server is running win 2k server, terminal server and is
>> > the domain controller. The application program does not tax
>> > the computer so everything is run together. Some
>> > workstations are running win98se and the others win2k.
>> > The 4 computers that are going to be using TS are running
>> > win2k.
>> >
>> > Jim
>> >
>> > "Vera Noest [MVP]" wrote:
>> >
>> >> What's the role of this server? stand-alone in a workgroup?
>> >> member server in a AD domain? DC?
>> >>
>> >> --
>> >> Vera Noest
>> >> MCSE, CCEA, Microsoft MVP - Terminal Server
>> >>
http://hem.fyristorg.com/vera/IT
>> >> --- please respond in newsgroup, NOT by private email ---
>> >>
>> >> "=?Utf-8?B?SmltIE1hY0tlbnppZQ==?=" <Jim
>> >> MacKenzie@discussions.microsoft.com> wrote on 30 jan 2005 in
>> >> microsoft.public.windowsnt.terminalserver.client:
>> >>
>> >> > Win2K server, in local security I added users to log on
>> >> > locally.
>> >> > "local policy setting" is checked, but "effective policy
>> >> > setting" is not checked. How do I give users this right?
>> >> >
>> >> > Jim
>> >> >
>> >> >
>> >> > "Vera Noest [MVP]" wrote:
>> >> >
>> >> >> Depends on the OS on your Terminal Server.
>> >> >> If it runs W2K: users must have the user right "Log On
>> >> >> Locally" If it runs 2003: users must be members of the
>> >> >> local group "Remote Desktop Users" on the TS.
>> >> >>
>> >> >> --
>> >> >> Vera Noest
>> >> >> MCSE, CCEA, Microsoft MVP - Terminal Server
>> >> >>
http://hem.fyristorg.com/vera/IT
>> >> >> --- please respond in newsgroup, NOT by private email
>> >> >> ---
>> >> >>
>> >> >> "=?Utf-8?B?SmltIE1hY0tlbnppZQ==?=" <Jim
>> >> >> MacKenzie@discussions.microsoft.com> wrote on 29 jan 2005
>> >> >> in microsoft.public.windowsnt.terminalserver.client:
>> >> >>
>> >> >> > A user gets "the local policy of this system does not
>> >> >> > allow you to logon interactively" when trying to
>> >> >> > connect to the server. Administrators have no problem
>> >> >> > connecting. What needs to be changed/set for users to
>> >> >> > connect with terminal server?
>> >> >> >
>> >> >> > thanks
>> >> >> > Jim
Facebook
Twitter
Instagram