Configure Terminal Server Settings
Applies To: Windows Server 2008
To define how users will connect to the terminal server (or terminal server farm) to access RemoteApp programs, you can configure terminal server deployment settings.
To configure terminal server settings
In the Actions pane of TS RemoteApp Manager, click Terminal Server Settings. (Or, in the Overview pane, next to Terminal Server Settings, click Change.)
On the Terminal Server tab, under Connection settings, accept or modify the server or farm name, the RDP port number, and server authentication settings.
If the Require server authentication check box is selected, consider the following:
- If any client computers are running Windows Server 2003 with SP1 or Windows XP with SP2, you must configure the terminal server to use a Secure Sockets Layer (SSL) certificate. (You cannot use a self-signed certificate.) - If the RemoteApp program is for intranet use, and all client computers are running either Windows Server 2008 or Windows Vista, you do not have to configure the terminal server to use an SSL certificate. In this case, Network Level Authentication is used.
To provide a link to the full terminal server desktop through TS Web Access, under Remote desktop access, select the Show a remote desktop connection to this terminal server in TS Web Access check box.
Under Access to unlisted programs, choose either of the following:
Do not allow users to start unlisted program on initial connection (recommended)
To help protect against malicious users, or a user unintentionally starting a program from an .rdp file on initial connection, we recommend that you select this setting.
This setting does not prevent users from starting unlisted programs remotely after they connect to the terminal server by using the RemoteApp program. For example, if Microsoft Word is in the RemoteApp Programs list and Microsoft Internet Explorer® is not, if a user starts a remote Word session, and then clicks a hyperlink in a Word document, they can start Internet Explorer.
- **Allow users to start both listed and unlisted programs on initial connection**
If you choose this option, users can start any program remotely from an .rdp file on initial connection, not just those programs in the RemoteApp Programs list. To help protect against malicious users, or a user unintentionally starting a program from an .rdp file, we recommend that you do not select this setting.
- When you finish, click OK.