Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Peter Meister (petermeiMICROSOFT.COM)
Date: Tue Mar 06 2001 - 09:55:06 CST
The Technet article articulates that sharing components are disengaged, but
as i said earlier.. You must have multi-mode inplace inorder to access
Remote Admin more than one time. I have a system i just tested your method
of Notepad.exe running on a system set to remote admin. After launching the
Notepad.exe for Admin1 user his process ID for Notepad.exe is (2600) then
engaged Admin2 user on the same remote admin terminal server and launched
Notepad.exe and his process ID was (2704).
This clearly shows and you can test if need be that when a user whether in
Remote Admin or App Mode executes a .exe file when logged in they are
executing it in there own Process ID and Kernal Space. This is Multi-mode
execution....If we do not do this then every concurrent user in Remote Admin
would collide with each others Process ID's and either corrupt the session
app or in essense crash the Kernal. Even if Administrator user comes in to
the same box on seperate RDP channels the Administrator account is running
in multi-mode. Try it, i would also love to see how you accomplish your East
/ West notepad.exe share as ive tried on multiple Remote Admin machines and
its impossible to reproduce this...
Please test this if you like, so there is no confusion the article in
TECHNET is not explaining itself in full completeness.
Chapter 16 only indicates that the mode set in App mode is different then
that of App Mode, this is correct...but the Remote mode and App mode must
have application executable seperation in order to produce stable mult-admin
connections....I hope this helps you, i hope this clarifies and answers your
question. Please try my test and the results should make clear that the apps
are seperated in there own Kernal Space with Seperate Process ID's for each
app the user fronts whether in App Mode or Remote Admin mode.
Terminal Server SME
From: Laura A. Robinson [mailto:larobinsbellatlantic.net]
Sent: Tuesday, March 06, 2001 5:44 AM
To: Peter Meister; FOCUS-MSSECURITYFOCUS.COM
Subject: Re: Win2K Terminal Service as Web Server Admin Tool
> Laura is 80 % correct...Remote Admin limits but its Mult-user
> to clarify Windows XP does not change this or do it any different then W2K
> did. You can't execute Word.exe 2 times and not be in Mult-mode ....thus
> essense Multi-user is default when Terminal Server is deployed, either in
> Remote Admin or App mode. The limitations are by deployment design, not
> multi mode execution..
> Terminal Server SME - Microsoft
Will the Resource Kit and online documentation be updated to change
information such as what I've copied and pasted below?
"Remote Administration mode only installs the remote access components of
Terminal Services. It does not install application sharing components. This
means you can use Remote Administration with very little overhead on mission
critical servers. Terminal Services allows a maximum of two concurrent
Remote Administration connections. No additional licensing is required for
those connections, and you do not need a license server. "
Additionally, when I connect twice to a terminal server licensed in remote
admin mode, I share a single session and am actually able to interact with
that session from either machine. In fact, a friend and I once used this to
test his terminal server. He was on the West coast, I was on the East coast,
and we used notepad in the session to communicate with one another.
I'm not trying to challenge the information you've provided; I'm just
attempting to clarify whether or not I am misunderstanding you.