October 6th, 2005, 06:53 PM
Windows 2000 Terminal Server
I've got a strange problem with our terminal servers. Here in the office we run two terminal servers that both employees inside the office at their workstations and outside the office at home and abroad connect to for work.
A user connected to a remote session on the terminal server from a workstation inside the same LAN can stay connected indefinitely until he/she terminates the connection, even if they sit idle for a while (which is how it should be).
However, it's a different story for users connecting from the outside WAN world. A WAN terminal server connection will be automatically terminated if they sit idle for a few minutes.
I tested this by moving my computer from inside our LAN to a DMZ, connecting it to an extra port on the router and thus going around the LAN so it's seen as a box from the WAN. Sure enough, my terminal services connection died after I sat idle for a few minutes. Rejoined the LAN, and it stayed connected indefinitely.
So what could cause this difference between WAN and LAN terminal services connections? How can I change things so that a user from the WAN can stay connected to our terminal servers without being booted for idle time?
October 6th, 2005, 07:10 PM
In terminal services connection manager, check out the disconnect settings. I've ran into issues where, for what ever reason: network jitter, noise, dropped packets, the edit SERVER believes the session is ended.
In these cases I make sure the sessions are not disconected and that sessions are allowed to reconnect.
October 6th, 2005, 10:20 PM
Well I've got it set by each user -- And users that are configured to never be disconnected are still disconnected after being idle for a short while when connecting from the WAN.
October 13th, 2005, 04:08 PM
Sorry for double posting, but I can't edit my message for some reason:
It hasn't even been 1440 seconds yet.
The administrator has specified that you can only edit messages for 1440 minutes after you have posted. This limit has expired, so you must contact the administrator to make alterations on your message.
Anyway, a (slightly off-topic) question for those complaining about CALEA: Which do you value more? The ability for law enforcement to have easier access to data for the sake of tracking down cyber criminals (particularly online predators, those after our children, etc.), or your privacy?
Always a double-edged sword of sorts...
October 18th, 2005, 09:40 PM
Still can't figure this darn problem out.
So I checked configuration settings:
In the domain controllers Active Directory Users and Computers, when I select a specific user and go to the Sessions tab, it shows this:
End a disconnected session: Never
Active session limit: Never
Idle session limit: Never
October 18th, 2005, 09:50 PM
What are the client side settings? Can you provide a screen shot?
October 18th, 2005, 10:28 PM
What client side settings are you referring to? I don't know of any settings client side that handle connectivity and idle times.
October 19th, 2005, 06:01 PM
Hey, um, where'd the bump thread button go?
October 19th, 2005, 06:24 PM
Have a look in "network and dial up connections", "properties", "options"
I think that you will find some settings there?
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
October 19th, 2005, 06:46 PM
I assume you're not using citirix