Christa Anderson Q&A: Securing Terminal Services

Vandana Sharma

Server-based computing introduces some unique security problems that don't enter into client-centric computing. Read Terminal Services expert Christa Anderson's answers to member questions from a recent webcast outlining approaches that will help you bridge those security gaps. If you missed the live event, be sure to register for the

    Requires Free Membership to View

archived version, along with other Terminal Services webcasts. Does Terminal Services allow connections to individual publishing applications such as Citrix, New Moon or Thinworx, as opposed to full desktop access?

Christa Anderson: You can create RDP connections to single applications that will end when the user closes the application window. However, this connection will have the RDP connection icon (as opposed to the one for the application being presented). It also does not prevent the user from gaining applications to other applications on the Terminal Server through back doors such as pressing Ctrl-Alt-Esc to open Windows Security. My printer drivers seem to be a chronic problem. Is there a central source for identifying or obtaining "approved" drivers?

Christa Anderson: Printer drivers ARE a chronic problem because they function partially in the kernel-mode memory area of the operating system. What that means is that if the drivers crash they take down everything; they don't run in a protected memory area like user-mode applications. Unfortunately, since no one company writes or approves printer drivers there isn't any kind of centralized source for tested drivers. You'll need to test them on your own. Is there any easy way to check and/or switch security compatibility mode in Terminal Services?

Christa Anderson: Yes. Open Terminal Services Configuration and look in the Server Settings folder. You can change the security settings from here. When do you think we will see SSL for RDP? Will that be in Win2003?

Christa Anderson: Windows Server 2003 is already out and has no SSL support for RDP. However, it's in Microsoft's interest to introduce it soon, so as to make Terminal Services a more attractive stand-alone solution. My Terminal Services licensing server has the wrong available license numbers put in. How can I correct this problem?

Christa Anderson: You'll need to call the Microsoft licensing clearinghouse to get this fixed. Their telephone number is in the activation wizard.


Christa Anderson is an internationally-known speaker and writer about server-based computing. Her books include Windows Terminal Services (Sybex, 2002), The Definitive Guide To MetaFrame XP (available from and she is co-author of the best-selling Mastering Windows Server 2003 (Sybex, 2003). You can sign up for her free e-mail newsletter at her server-based computing site:

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: