Q

Controlling Terminal Services licensing

Are you aware of any products that can control Terminal Services licensing and prevent unauthorized devices from stealing licenses from our production licensing server? Any help would be appreciated.
This is sort of a two-part question with no simple answer. So far as clients are concerned, install SP3 (or the post-SP2 hotfix for licensing, if you're not using SP3) on the server. This will keep the server from issuing a license to a machine before the user is authenticated. This will be ineffective with users who are permitted to log onto the terminal server, but at least it ensures that only those allowed to log on are using licenses. The new policy controlling whether logons are permitted through Terminal Services applies to users and groups and not to client computers, so this won't help you.

For machines using Windows XP, you can apply software restriction policies to prevent them from running the remote

desktop connection (mstsc.exe). Your only real recourse for earlier versions of Windows is not to install the Remote Desktop Protocol (RDP) client. (XP clients can draw from the Unlimited pool for Win2k terminal servers, but new XP clients will need their own Terminal Server Client Access License (TSCAL) for Win2k3 terminal servers.)

Server-side, you can stop people from launching rogue application servers that access the license server by using the License Server Security group policy (found in Windows ComponentsTerminal ServicesLicensing). This policy is available only to Win2k3 terminal servers.

This was first published in July 2003

Dig deeper on Terminal Services and Remote Desktop Services

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchEnterpriseDesktop

SearchServerVirtualization

SearchCloudComputing

SearchConsumerization

SearchVMware

Close