Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Terminal Services for Remote PVSS Access Peter Chochula ALICE DCS Workshop 21 June 2004 Colmar.

Published byClemence McCormick Modified over 8 years ago

Similar presentations

Presentation on theme: "Windows Terminal Services for Remote PVSS Access Peter Chochula ALICE DCS Workshop 21 June 2004 Colmar."— Presentation transcript:

1 Windows Terminal Services for Remote PVSS Access Peter Chochula ALICE DCS Workshop 21 June 2004 Colmar

2 This talk is based on presentation given at JCOP Project Team meeting (June 17) This talk is based on presentation given at JCOP Project Team meeting (June 17) For full version please see: For full version please see:  http://agenda.cern.ch/fullAgenda.php?ida=a042724

3 Outline Motivation Motivation Technology : RDP, RDC, Windows Server 2003 Technology : RDP, RDC, Windows Server 2003 CERNTS, licensing issues CERNTS, licensing issues ALICE Test Setup ALICE Test Setup Tests to be performed Tests to be performed

4 Motivation for using TS Remote access to control systems is required by several groups Remote access to control systems is required by several groups We were looking for secure and reliable solution We were looking for secure and reliable solution Number of protocols passing through CERN’s firewall should be limited to minimum Number of protocols passing through CERN’s firewall should be limited to minimum CERN’s security team recommends TS in conjunction with PVSS remote UI as a preferred solution CERN’s security team recommends TS in conjunction with PVSS remote UI as a preferred solution

5 Remote Connection to Control Systems (basic ideas) Remote client CERN’s firewall W2003 TS Control System Remote desktop connection over VPN PVSS Remote UI PVSS Master Projects

6 Remote desktop clients (RDC) Implemented in Windows XP Implemented in Windows XP Clients available for Clients available for  Windows 95/98/98SE/ME/NT4/2k  Windows CE – allows for using palmtops on client side!  Linux  MAC OS X 10.2.8 or later Web based interface available for ActiveX enabled browsers Web based interface available for ActiveX enabled browsers

7 Benefits from TS and RDC Centralized maintenance of remote UI projects Centralized maintenance of remote UI projects  No need to install project on each client machine Low-bandwidth access to data Low-bandwidth access to data  Only screen view of the data is transmitted  RDP provides techniques such as data compression or persistent bitmap caching  Connection optimization based on network bandwidth High level of security High level of security  128 bit bi-directional RC4 encryption (client dependent)  Additional FIPS compliant encryption level

8 Overview of TS licensing Two licensing modes Two licensing modes  Per user  Per device License is issued to the client by the server License is issued to the client by the server  License server provides a pool of licenses  Licenses are not returned to the pool after disconnecting the session  E.g. a colleague using a laptop goes away with the license  Reformatting a client disk wipes out the license  Unused licenses will be returned to pool after a timeout period (~80 days) If the connection to licensing server is lost, TS issues temporary licenses to clients If the connection to licensing server is lost, TS issues temporary licenses to clients

9 TS at CERN Central service provided by CERN’s IT is now operational (CERNTS) Central service provided by CERN’s IT is now operational (CERNTS) User rights are restricted to minimum (basically the user is allowed to use only the Office applications) User rights are restricted to minimum (basically the user is allowed to use only the Office applications) No possibility to install new software by the user No possibility to install new software by the user PVSS support not foreseen PVSS support not foreseen

10 Cloning of CERN TS for experiments No manpower for central maintenance of additional TS available No manpower for central maintenance of additional TS available We were offered help with installation of the servers and setting-up of licensing and local policies We were offered help with installation of the servers and setting-up of licensing and local policies  Credits and thanks to Ruben D. Gaspar Aparicio BUT!: BUT!:  We can profit from CERN License Server  A reasonable number of licenses (~5000) available at CERN (out of them ~300 presently in use)

11 Test Setup in ALICE CERN network 2x W2003 Enterprise Edition running TS PVSS Master Projects RDC Private network RDC PVSS Master Projects

12 Tests to perform A preliminary list of tests to be performed has been prepared A preliminary list of tests to be performed has been prepared Some test were already done – as a proof of the concept Some test were already done – as a proof of the concept Systematic tests will be performed this summer Systematic tests will be performed this summer Everyone is invited to participate Everyone is invited to participate

13 Present Status 2 Servers installed (180 day trial of Enterprise Edition) and created remote UI projects 2 Servers installed (180 day trial of Enterprise Edition) and created remote UI projects  NLB cluster setup in progress – it will be setup on private network tested simultaneous access to 2 different PVSS projects (even across CERN’s firewall) using our TS tested simultaneous access to 2 different PVSS projects (even across CERN’s firewall) using our TS tested RDC with XP, Windows 2000, Windows 98 SE, Mac OS X and Linux tested RDC with XP, Windows 2000, Windows 98 SE, Mac OS X and Linux

14 Present Status our test server is recognized by CERN License server our test server is recognized by CERN License server  Seems to work (tested with ~20 simultaneous connections to WTS)

15 Performance of TS in case of network problems Loss of connection between RDC an TS Loss of connection between RDC an TS  This is not a problem, connection can be resumed even after days. (Can be of course killed by server) Loss of connection between TS and remote PVSS project Loss of connection between TS and remote PVSS project  If less thank 7s, it will be resumed  If the disconnection lasts more than 7 s, the remote UI manager has to be restarted – no effect on master project

16 Additional tests All tests should be done more systematically and with more realistic systems All tests should be done more systematically and with more realistic systems  So far we tried just to check the concept Identify bottlenecks (e.g. network influence) Identify bottlenecks (e.g. network influence) Understand user requirements Understand user requirements Study related technologies (e.g. SFU, SUS…) Study related technologies (e.g. SFU, SUS…)

17 Conclusions Concept of TS has been studied in ALICE Concept of TS has been studied in ALICE Test setup including 2 Enterprise servers is operational (we will be forced to reinstall at least one server by the end of July – grace period is over) Test setup including 2 Enterprise servers is operational (we will be forced to reinstall at least one server by the end of July – grace period is over) No major problems discovered so far No major problems discovered so far DCS Terminal service operational at CERN DCS Terminal service operational at CERN  Production version will be released by the end of August We will continue our tests and report the results We will continue our tests and report the results  Any help is appreciated

Download ppt "Windows Terminal Services for Remote PVSS Access Peter Chochula ALICE DCS Workshop 21 June 2004 Colmar."

Similar presentations

Anders Vinger, University of Oslo Personal Data Recovery The pain of laptops.

Anders Vinger, University of Oslo Personal Data Recovery The pain of laptops.
SLAC Remote Access and Citrix XPe Brian Scott SLAC May 2004.

SLAC Remote Access and Citrix XPe Brian Scott SLAC May 2004.
Remote access to PVSS projects and security issues DCS computing related issues Peter Chochula.

Remote access to PVSS projects and security issues DCS computing related issues Peter Chochula.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
Jeff Patton & Doug Whiteley It Service Group IT Roundtable July 15 th, 2009 Thin Clients & Terminal Services.

Jeff Patton & Doug Whiteley It Service Group IT Roundtable July 15 th, 2009 Thin Clients & Terminal Services.
Understand Virtualized Clients 10753 Windows Operating System Fundamentals LESSON 2.4.

Understand Virtualized Clients Windows Operating System Fundamentals LESSON 2.4.
Supervision of Production Computers in ALICE Peter Chochula for the ALICE DCS team.

Supervision of Production Computers in ALICE Peter Chochula for the ALICE DCS team.
OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or 415.514-3333 UCSF Campus VPN.

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or UCSF Campus VPN.
IT:Network:Applications VIRTUAL DESKTOP INFRASTRUCTURE.

IT:Network:Applications VIRTUAL DESKTOP INFRASTRUCTURE.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access.

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access.
Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.

Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.
Designing, Deploying and Supporting Windows Terminal Services At CERN by Ruben Gaspar IT – Internet Services Group CERN.

Designing, Deploying and Supporting Windows Terminal Services At CERN by Ruben Gaspar IT – Internet Services Group CERN.
Hands-On Microsoft Windows Server 2008 1 Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.

Hands-On Microsoft Windows Server Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.
Server 2008 Terminal Services and Remote Desktop Services Basic application access is possible without Citrix, and Server 2008 R2 adds on some key features.

Server 2008 Terminal Services and Remote Desktop Services Basic application access is possible without Citrix, and Server 2008 R2 adds on some key features.
Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.
Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.

Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.
Microsoft Windows XP Remote Desktop Alvin Loh Program Manager Terminal Services Group.

Microsoft Windows XP Remote Desktop Alvin Loh Program Manager Terminal Services Group.
Using Virtualization in the Classroom. Using Virtualization in the Classroom Session Objectives Define virtualization Compare major virtualization programs.

Using Virtualization in the Classroom. Using Virtualization in the Classroom Session Objectives Define virtualization Compare major virtualization programs.

Similar presentations

Ads by Google