Agree, like I said, forgotten more about Terminal Services than I care to admit, again moved on to greener and more important pastures in information security realm, so trying to tie up loose ends before I drop this off my plate also.
Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 From: Michael B. Smith [mailto:[email protected]] Sent: Tuesday, May 17, 2011 12:49 PM To: NT System Admin Issues Subject: RE: Questions on WIndows 2008 Terminal Services Long ago, the PM told me that they needed to ensure that people didn't think that they do the same thing. 'cuz they don't. The other option was to allow /console for 2003 and 2000 connections (downlevel) and disallow it for 2008+ (uplevel) connections; then allow /admin for 2008 (and up) but disallow it for 2003 and 2000. They deemed that to be too confusing. To which I guess I agree. I moved on to fight other battles. :-P Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Andrew S. Baker [mailto:[email protected]] Sent: Tuesday, May 17, 2011 12:41 PM To: NT System Admin Issues Subject: Re: Questions on WIndows 2008 Terminal Services I'll still never get why they just didn't make /console and /admin operate the same way in the new OS, and then deprecate /console *later*. ASB (Professional Bio <http://about.me/Andrew.S.Baker/bio> ) Harnessing the Advantages of Technology for the SMB market... On Tue, May 17, 2011 at 12:36 PM, Michael B. Smith <[email protected]> wrote: I believe this responds to all your questions and concerns: http://blogs.msdn.com/b/rds/archive/2007/12/17/changes-to-remote-adminis tration-in-windows-server-2008.aspx And no, you don't need the print-server role. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:[email protected]] Sent: Tuesday, May 17, 2011 12:24 PM To: NT System Admin Issues Subject: RE: Questions on WIndows 2008 Terminal Services The issue is my helpdesk had to Remote into the Terminal Servers in Windows 2003 R2 to fix printer issues, from re-directed sessions, and now that there is no Console Session ( to give the Local Desktop in Windows 2008) they don't have that ability. Also I am wondering for TS easy-print to work in Windows 2008 Terminal Services Application Mode, does the print-role need to be added to the Terminal Services? Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:[email protected] <mailto:email%[email protected]> Cell:401-639-3505 From: Michael B. Smith [mailto:[email protected]] Sent: Tuesday, May 17, 2011 12:18 PM To: NT System Admin Issues Subject: RE: Questions on WIndows 2008 Terminal Services What is the actual issue? The concept behind a "console session" changed starting with Vista/2008 because of "Session 0 isolation". Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:[email protected]] Sent: Tuesday, May 17, 2011 12:16 PM To: NT System Admin Issues Subject: RE: Questions on WIndows 2008 Terminal Services No, Its running in Application mode ( Or Terminal Services App Role in Windows 2008) Seems like access to the local desktop is not allowed now to logon to the console session if you are running a default application on the TS Connection. Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:[email protected] <mailto:email%[email protected]> Cell:401-639-3505 From: James Rankin [mailto:[email protected]] Sent: Tuesday, May 17, 2011 11:57 AM To: NT System Admin Issues Subject: Re: Questions on WIndows 2008 Terminal Services Is it not /admin now? On 17 May 2011 16:55, Ziots, Edward <[email protected]> wrote: I have a question, we have two Terminal servers that are setup to run a specific application, but with this configuration I can't use the /console switch to get access to the Local Desktop itself via a Terminal Services connection. Any idea how to get around that accordingly? Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:[email protected] <mailto:email%[email protected]> Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." IMPORTANT: The information in this email is CONFIDENTIAL. If its contents are disclosed in any way my lawyers will swoop down from black helicopters like Seal Team Six and drag you away with a black bag over your head. They will then take you to a secret prison and make you fight to the death with other people who dared to share this email. You will be given a large bowie knife and a supply of methamphetamines while I watch the said deathmatch and wager vast sums of money on who will be the winner. If the fight becomes boring or there is a stalemate, I will release rabid dogs and my two-stone cat into the arena to liven things up a bit. If these animals become in any way docile, I will squirt them with water pistols until they become a bit more temperamental. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
