| Author | Messages | |
bdesmond
Posts:996
 | | 08/15/2008 6:26 PM |
| How could TS make that change? Every terminal server would need to be delegated rights over users.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Friday, August 15, 2008 5:17 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Slightly on topic...  New attributes in 2008 for Terminal Server??
Yeah I saw them listed out there but the docs are weak IMO. Would like to see specific mention that they are or aren't utilized by various OSes. Wonder how TS2008 prioritizes, I expect it would look for these first but not good to guess.
I hoped one day they would break that all out, but was hoping for sort of some tie-in with userParameters so legacy worked ok. Will TS08 automatically pull the info out of userParameters and populate into the new attribs?
Details on this stuff would be good.
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Michael B. Smith
Sent: Friday, August 15, 2008 6:11 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Slightly on topic... New attributes in 2008 for Terminal Server??
I checked with someone on the T/S team. They are fully-supported - on Server 2008 only. I asked a couple of other questions to get more detail, but that's all I got.
They are actually on MSDN....e.g., http://msdn.microsoft.com/en-us/library/ms678162(VS.85).aspx
Regards,
Michael B. Smith
MCITP:SA,EMA/MCSE/Exchange MVP
http://TheEssentialExchange.com
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Friday, August 15, 2008 2:11 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Slightly on topic... New attributes in 2008 for Terminal Server??
So I am poking around with a Windows Server 2008 machine looking at the schema and happened to see a whole slew of new attributes prefixed with msTS... These look like the Terminal Server attributes that should have existed in Windows 2000 instead of using userParameters... I looked at the definitions and see that they are normal attribs, not constructed. I have done any source chasing yet nor started playing with them yet, just googled and found little to nothing...
Anyone know the scoop behind these attributes before I start trying things with them? I would love to find that they are all hooked up in the backend somehow to userParameters but if not, if the systems are smart enough to use them, shouldn't be terribly difficult to write something to hook them together.
The listing is
G:\>adfind -sc sl:msts*
msTSAllowLogon
msTSBrokenConnectionAction
msTSConnectClientDrives
msTSConnectPrinterDrives
msTSDefaultToMainPrinter
msTSExpireDate
msTSExpireDate2
msTSExpireDate3
msTSExpireDate4
msTSHomeDirectory
msTSHomeDrive
msTSInitialProgram
msTSLicenseVersion
msTSLicenseVersion2
msTSLicenseVersion3
msTSLicenseVersion4
msTSLSProperty01
msTSLSProperty02
msTSManagingLS
msTSManagingLS2
msTSManagingLS3
msTSManagingLS4
msTSMaxConnectionTime
msTSMaxDisconnectionTime
msTSMaxIdleTime
msTSProfilePath
msTSProperty01
msTSProperty02
msTSReconnectionAction
msTSRemoteControl
msTSWorkDirectory
or if you prefer the longer output
G:\>adfind -e -sc s:msts* ldapdisplayname admindescription
AdFind V01.37.00cpp Joe Richards (joe@joeware.net<mailto:joe@joeware.net> June 2007
Using server: TROUBLE-DC1.trouble.loc:389
Directory: Windows Longhorn
Base DN: CN=Schema,CN=Configuration,DC=trouble,DC=loc
dn:CN=ms-TS-Allow-Logon,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Allow Logon specifies whether the user is allowed to log on to the Terminal Server. The value is 1 if logon is allowed, and 0 if logon is not allowed.
>lDAPDisplayName: msTSAllowLogon
dn:CN=ms-TS-Broken-Connection-Action,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Broken Connection Action specifies the action to take when a Terminal Services session limit is reached. The value is 1 if the client session should be terminated, and 0 if the client session should be disconnected.
>lDAPDisplayName: msTSBrokenConnectionAction
dn:CN=ms-TS-Connect-Client-Drives,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Connect Client Drives At Logon specifies whether to reconnect to mapped client drives at logon. The value is 1 if reconnection is enabled, and 0 if reconnection is disabled.
>lDAPDisplayName: msTSConnectClientDrives
dn:CN=ms-TS-Connect-Printer-Drives,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Connect Printer Drives At Logon specifies whether to reconnect to mapped client printers at logon. The value is 1 if reconnection is enabled, and 0 if reconnection is disabled.
>lDAPDisplayName: msTSConnectPrinterDrives
dn:CN=ms-TS-Default-To-Main-Printer,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Default To Main Printer specifies whether to print automatically to the client's default printer. The value is 1 if printing to the client's default printer is enabled, and 0 if it is disabled.
>lDAPDisplayName: msTSDefaultToMainPrinter
dn:CN=MS-TS-ExpireDate,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: TS Expiration Date
>lDAPDisplayName: msTSExpireDate
dn:CN=MS-TS-ExpireDate2,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Expiration date of the second TS per user CAL.
>lDAPDisplayName: msTSExpireDate2
dn:CN=MS-TS-ExpireDate3,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Expiration date of the third TS per user CAL.
>lDAPDisplayName: msTSExpireDate3
dn:CN=MS-TS-ExpireDate4,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Expiration date of the fourth TS per user CAL.
>lDAPDisplayName: msTSExpireDate4
dn:CN=ms-TS-Home-Directory,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Home Directory specifies the Home directory for the user. Each user on a Terminal Server has a unique home directory. This ensures that application information is stored separately for each user in a multi-user environment. To set a home directory on the local computer, specify a local path; for example, C:\Path. To set a home directory in a network environment, you must first set the TerminalServicesHomeDrive property, and then set this property to a UNC path.
>lDAPDisplayName: msTSHomeDirectory
dn:CN=ms-TS-Home-Drive,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Home Drive specifies a Home drive for the user. In a network environment, this property is a string containing a drive specification (a drive letter followed by a colon) to which the UNC path specified in the TerminalServicesHomeDirectory property is mapped. To set a home directory in a network environment, you must first set this property and then set the TerminalServicesHomeDirectory property.
>lDAPDisplayName: msTSHomeDrive
dn:CN=ms-TS-Initial-Program,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Initial Program specifies the Path and file name of the application that the user wants to start automatically when the user logs on to the Terminal Server. To set an initial application to start when the user logs on, you must first set this property and then set the TerminalServicesWorkDirectory property. If you set only the TerminalServicesInitialProgram property, the application starts in the user's session in the default user directory.
>lDAPDisplayName: msTSInitialProgram
dn:CN=MS-TS-LicenseVersion,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: TS License Version
>lDAPDisplayName: msTSLicenseVersion
dn:CN=MS-TS-LicenseVersion2,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Version of the second TS per user CAL.
>lDAPDisplayName: msTSLicenseVersion2
dn:CN=MS-TS-LicenseVersion3,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Version of the third TS per user CAL.
>lDAPDisplayName: msTSLicenseVersion3
dn:CN=MS-TS-LicenseVersion4,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Version of the fourth TS per user CAL.
>lDAPDisplayName: msTSLicenseVersion4
dn:CN=MS-TSLS-Property01,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Placeholder Terminal Server License Server Property 01
>lDAPDisplayName: msTSLSProperty01
dn:CN=MS-TSLS-Property02,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Placeholder Terminal Server License Server Property 02
>lDAPDisplayName: msTSLSProperty02
dn:CN=MS-TS-ManagingLS,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: TS Managing License Server
>lDAPDisplayName: msTSManagingLS
dn:CN=MS-TS-ManagingLS2,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Issuer name of the second TS per user CAL.
>lDAPDisplayName: msTSManagingLS2
dn:CN=MS-TS-ManagingLS3,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Issuer name of the third TS per user CAL.
>lDAPDisplayName: msTSManagingLS3
dn:CN=MS-TS-ManagingLS4,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Issuer name of the fourth TS per user CAL.
>lDAPDisplayName: msTSManagingLS4
dn:CN=ms-TS-Max-Connection-Time,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session maximum Connection Time is Maximum duration, in minutes, of the Terminal Services session. After the specified number of minutes have elapsed, the session can be disconnected or terminated.
>lDAPDisplayName: msTSMaxConnectionTime
dn:CN=ms-TS-Max-Disconnection-Time,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Maximum Disconnection Time is maximum amount of time, in minutes, that a disconnected Terminal Services session remains active on the Terminal Server. After the specified number of minutes have elapsed, the session is terminated.
>lDAPDisplayName: msTSMaxDisconnectionTime
dn:CN=ms-TS-Max-Idle-Time,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Maximum Idle Time is maximum amount of time, in minutes, that the Terminal Services session can remain idle. After the specified number of minutes have elapsed, the session can be disconnected or terminated.
>lDAPDisplayName: msTSMaxIdleTime
dn:CN=ms-TS-Profile-Path,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Profile Path specifies a roaming or mandatory profile path to use when the user logs on to the Terminal Server. The profile path is in the following network path format: \\servername\profiles<file:///\\servername\profiles> folder name\username
>lDAPDisplayName: msTSProfilePath
dn:CN=MS-TS-Property01,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Placeholder Terminal Server Property 01
>lDAPDisplayName: msTSProperty01
dn:CN=MS-TS-Property02,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Placeholder Terminal Server Property 02
>lDAPDisplayName: msTSProperty02
dn:CN=ms-TS-Reconnection-Action,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Reconnection Action specifies whether to allow reconnection to a disconnected Terminal Services session from any client computer. The value is 1 if reconnection is allowed from the original client computer only, and 0 if reconnection from any client computer is allowed.
>lDAPDisplayName: msTSReconnectionAction
dn:CN=ms-TS-Remote-Control,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Remote Control specifies the whether to allow remote observation or remote control of the user's Terminal Services session. For a description of these values, see the RemoteControl method of the Win32_TSRemoteControlSetting WMI class. 0 - Disable, 1 - EnableInputNotify, 2 - EnableInputNoNotify, 3 - EnableNoInputNotify and 4 - EnableNoInputNoNotify
>lDAPDisplayName: msTSRemoteControl
dn:CN=ms-TS-Work-Directory,CN=Schema,CN=Configuration,DC=trouble,DC=loc
>adminDescription: Terminal Services Session Work Directory specifies the working directory path for the user. To set an initial application to start when the user logs on to the Terminal Server, you must first set the TerminalServicesInitialProgram property, and then set this property.
>lDAPDisplayName: msTSWorkDirectory
31 Objects returned
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
| | | |
|
|