10 Tasty Terminal Server Tools

Choosing the right Terminal Server admin tool can be a little like concocting the perfect latte.

In the espresso world, it's called the "god shot." It's that stunningly perfect combination of correct pressure, stable temperature, fresh beans and barista technique which produces a cup that makes you swear there's a higher power. It's hard to make a god shot and even harder to make one consistently, but the central requirement in producing one is a good set of espresso-making tools.

Terminal Servers are no different. When you're playing systems babysitter, struggling to keep 40 or 50 users humming happily on those giant workstations we call Terminal Servers, you've probably thought the same thing: "If I had just the right tool, I could produce the ideal computing environment." Let's take a look at some of the tastier Terminal Server tools you can inexpensively add to your cup-warming tray.

TS Task Manager
Windows' Task Manager can be a boon for troubleshooting processor spikes and memory leaks. But it can also be a pain in the neck for Terminal Server users who have all the options but none of the permissions to make it work. That being said, some of the functionality of Task Manager can be useful should users need to end a malfunctioning application or kill a process.

Where To Download These Tools?

For Windows Server 2003, native Group Policy doesn't have much in the way of controlling Task Manager. One GPO setting called Remove Task Manager is exposed at the path -- Administrative Templates / System / Ctrl+Alt+Delete Options. That setting however, only disables Task Manager in its entirety.

To combat this limited on-or-off option, the people at have developed a hacked Task Manager that exposes only the necessary Task Manager bits. Once you download and install this freeware tool, users are limited strictly to the Applications, Processes and Networking tabs.

If you combine this install with the Group Policy setting -- Remove Run menu from Start Menu at the path Administrative Templates / Start Menu and Taskbar -- you can also restrict the ability to use Task Manager to start new tasks.

Windows has the capability to run scripts at log on and log off as well as startup and shutdown. These timeframes are usually sufficient, as most configuration activity needs to occur during one of those four events. However, in the world of Terminal Services, two other events can occur for which Windows Server 2003 has no native capability to handle, namely session disconnection and reconnection.

If you allow your Terminal Server users to disconnect from their session and reconnect from another location, you probably wish you could run scripts or other configuration changes during those two events. The ReconnACT tool, written by Dennis Damen of Login Consultants, does just that.

A simple but elegant tool, ReconnACT adds two user environment variables for each user, called CURRENT_ CLIENTIP and CURRENT_CLIENTNAME. These two variables store the client name and IP address of the attached client. When a client disconnects or reconnects, the ReconnACT process will read the values of those variables and use them to run an administrator-defined script or executable.

TSWhereIs is the first of three free tools we'll discuss that are written by the Ctrl-Alt-Del Consultancy Pty Ltd. TSWhereIs addresses a specific problem that plagues administrators in large Terminal Server farms: locating users. Native Windows tools like quser are available on the system to tell which users are logged into a specific server. But there's no native tool that reveals the opposite, finding which Terminal Servers a stated user is logged into.

Arriving as a simple command-line tool, if you want to search all Terminal Servers in your network for a username just enter tswhereis {username}. To check other domains, enter tswhereis {username} {domain name}.

The second of our command-line tools from the Ctrl-Alt-Del Consultancy, TSLogoff, expands the native logoff.exe tool with the capability to log off all users on a specific server at the same time. If you've ever needed to complete an emergency patching in the middle of the workday, or just needed to get everyone off your Terminal Servers in a hurry, you'll be happy to have this feature.

To use TSLogoff, enter tslogoff {session ID}. The session ID for each user can be gathered by using the native quser command. Users on remote Terminal Servers can be logged off by using tslogoff {session ID} /server:{remote server}. In any case, you can replace the session ID with the word ALL to log them all off at once.

One interesting quirk with this tool is that if you enter tslogoff with no other switches, it will immediately close all your open Windows and log you off, so be careful.

Our final tool from the Ctrl-Alt-Del Consultancy is ICSweep. Terminal Services and some of the third-party products like Citrix sometimes have problems when corruption occurs within Temporary Internet Files. This problem is exacerbated when browser-based applications are installed to the Terminal Server and those tools are not clean about what they store in that location. Users with Internet Explorer on their Terminal Server can also cause Temporary Internet Files bloat, which can fill up the system drive.

Locating and clearing this location for every user can be a cumbersome process. The ICSweep tool was developed to provide a single command-line that automatically clears the Temporary Internet Files cache for all user profiles that are not in use.

Other than bringing up the help file, there are no switches with this command. Typing icsweep immediately identifies users and starts the deletion process.

As we've said before, the native quser tool provides most of the information an administrator needs, but not everything. It focuses on attached users. But if we need to find information about the attached computers we need to look elsewhere.

Written by Joe Klemencic, computer security coordinator for Fermilab, this tool does just that. If you enter tslistusers or tslistusers {server name} at the command line, the tool will return a list of users attached to the local Terminal Server as well as their computer name and client IP address.

This information comes in especially handy when you're attempting to track down performance problems for specific clients. Is it the server or is it the network? This sort of client information offers a perfect segue to our next tool that answers that very question.

Ping Plotter
If you're a Terminal Services administrator, then you're likely tired of hearing that old complaint: "The server is slow." The constant plight of the Terminal Services administrator in the large network is figuring out whether that slowness comes from resource overuse on the server or network latency on the connection.

Even though the RDP protocol is designed to be used in low-bandwidth situations, the user's experience relies on a constant and uninterrupted flow of communication between client and server. Even the slightest degree of network latency can make that experience intolerable.

Figure 1
[Click on image for larger view.]
Figure 1. Ping Plotter shows low latency but a hefty packet loss in an Internet connection to Google.

Ping Plotter is a GUI-based tool designed to help answer the question: "Is it the server or is it the network?" Using the client IP information you receive from TSListUsers, you can set up Ping Plotter to graphically analyze each hop between server and client to hunt down that nasty latency. Knowing the latency from the server to each progressive hop will help you track down the node in your network that is the source of the slowdown.

To use Ping Plotter, install the tool to your Terminal Server and run the executable. You'll need to enter the IP address for the remote client so you can start the trace. A graphical representation of the connection's latency and packet loss will eventually develop. If you don't feel like waiting for the latency to occur, you can configure Ping Plotter to alert you via e-mail or other methods when high latency occurs.

The basic version of Ping Plotter is freeware, but additional feature levels exist for those willing to pay for that level's progressive pricing.

So you've identified that your slowness problem isn't the network. You've figured out that a few users are using more than their fair share of processor resources on your Terminal Server. Asking those users to stop working isn't an option, and de-prioritizing their processes is too time-consuming. So what can you do?

You can install a tool like Soren Pederson's ThreadMaster to monitor for processor overuse. ThreadMaster watches for processes that consume greater than a preconfigured percentage of the processor over a set period of time. When a process misbehaves and exceeds the administrator's thresholds, ThreadMaster will reduce the priority of the process. This prevents one runaway process from impacting the user experience for everyone else.

The ThreadMaster service does not have a user interface. Once installed, it's administered via a number of registry keys. These registry keys control the threshold maximum amount of CPU percentage for any process, the number of seconds that process can exceed the threshold, any processes exempt from ThreadMaster monitoring and a number more.

Perhaps the worst way to find out about a problem is hearing about it from your users. Why? Because it gives you no chance to fix it before someone complains, and it can make you look bad as the administrator (who's supposed to know everything, right?). Rather than manually watching your Terminal Servers and waiting for them to fail, use TSPing from to watch them for you. TSPing monitors the state of three critical Terminal Server services on any number of machines: Net Logon, Print Spooler and Terminal Server. If any of these three services incur a problem and stop running, this tool can be configured to notify an administrator via e-mail and even to attempt a restart of that process.

The e-mail notification requires an SMTP server to work, so you'll need to ensure one is available and secured to support the notification e-mails.

No matter what your problems are, ensuring a consistent server configuration is important. With so many individual settings in so many different places, this consistency can become difficult.

Figure 2
[Click on image for larger view.]
Figure 2. The WTSConfigurator exposes dozens of Terminal Server-specific registry values, all in one place.

The WTSConfigurator is a tool from that encapsulates many of those individual configurations into a single GUI interface. Giving the administrator the ability to change RDP settings, client device mappings, crash dump locations, log-in banners and all kinds of other Terminal Server specific settings in one location, this tool helps ensure that common configuration.

The author suggests, however, that the tool should not be used in production environments, especially for making changes to configurations. It's a handy tool for validating a configuration once you've completed your Terminal Server build. The WTSConfigurator is a single-executable freeware tool.

Whether it's coffee you're making or remote desktops you're administering, keeping a few good tools in the drawer will make the difference between a perfect crema and a burnt flavor. So always remember: To keep your customers happy, keep the portafilter warm between shots, the key to good foam is a little spin, and good monitoring will help prevent the dreaded "the server is slow today" call.


comments powered by Disqus

Subscribe on YouTube