The wireless age has arrived—people are reaching for their handheld computers and going mobile. But what does a wireless world mean for systems administrators? How can we use this new technology to make our jobs easier? What Microsoft tools are available for remotely managing our IT infrastructures? Currently, Microsoft's only mobile administration tool is the Terminal Services Client for Pocket PC 2002. This software client isn't included with Pocket PC 2002 devices, but you can download it for free from Microsoft's Pocket PC Downloads Web site (http://www.microsoft.com/mobile/pocketpc/downloads/terminalservices/default.asp). Let's take a look at the Terminal Services Client's requirements, installation, configuration, and use. (For information about how to use a Pocket PC 2002 to perform administrative tasks, see Mobile & Wireless, "Mobile Administrator's Toolkit," March 2002, http://www.winnetmag.com, InstantDoc ID 23855.)
Microsoft wrote the Terminal Services Client solely for the Pocket PC 2002—the program isn't backward-compatible. To download a Windows CE 3.0 Terminal Server client, go to http://www.microsoft.com/mobile/handheldpc/downloads/terminalserver/ts.asp. This version of the Terminal Server client isn't as stable as the Pocket PC 2002 version. (For more information about the earlier version, see the Microsoft article "Terminal Server Client for the Handheld PC Professional Edition Readme.txt File" at http://support.microsoft.com/?kbid=q236282.)
To take full advantage of the Terminal Services Client's mobility, you need wireless access to the LAN on which the servers you want to administer reside. Most environments currently support some form of wireless LAN (WLAN) connectivity. This access usually incorporates 802.11b, which is the 11Mbps wireless standard for most of today's wireless access products. You can also use a standard 10/100 NIC to connect to your LAN, but you won't have the freedom of wireless mobility. For this article, I assume you've implemented a wireless infrastructure in your environment and that your Pocket PC has a wireless network card installed. Cisco Systems, ORiNOCO Wireless Networks, and Linksys are the three most commonly used wireless hardware manufacturers. For more information about wireless network hardware, see Buyer's Guide, "Wireless Server Management," September 2001, http://www.winnetmag.com, InstantDoc ID 21864.
In addition to the hardware necessary to physically connect to the network (either wirelessly or through a physical LAN connection), you also need an IP address. You can use DHCP to dynamically configure an IP address, or you can manually enter the IP address information directly into your Pocket PC.
Finally, you need to have Windows 2000 Server Terminal Services installed on any server you want to remotely administer. Terminal Services is available in the Win2K Server family but isn't installed by default.
Before you install Terminal Services on your Win2K server, you need to decide which mode you want to run. The most common mode for systems administration is the Remote Administration mode. This mode doesn't require additional Terminal Services licensing, but it does have a limit of two concurrent terminal sessions. In addition, the users connecting to the session must belong to the Local Administrators group.
Another mode is Application Server mode. You typically use this mode to share applications through a terminal connection across a network. Application Server mode doesn't have the two-concurrent-user limitation, and nonadministrators can access sessions. However, this mode requires you to install Terminal Services licensing and purchase a license for each concurrent user.
To install Terminal Services in the Remote Administration mode, start the Control Panel Add/Remove Programs applet on the server. Click Add/Remove Windows Components. Then, scroll to the bottom of the components list and select the Terminal Services check box. In the Terminal Services Setup wizard, click Remote Administration. When the installation is finished, click Finish. Your server is now ready to accept Terminal Services sessions.
You can also configure a Windows XP machine to accept remote administrative sessions, much like a Win2K server. To configure remote access in XP, start the Control Panel System applet. Click the Remote tab and select the Allow users to connect remotely to this computer check box. Click OK. Finally, ensure that you're an administrator or a member of the Remote Desktop Users group on your computer. For more information about remote access in XP, see the OS's Help and Support files.
The Client Installation
After you've connected your Pocket PC to your network and installed Terminal Services, you need to install the Terminal Services Client. First, ensure that Microsoft ActiveSync is installed and running on your computer. Use the cradle or infrared (IR) port to connect your Pocket PC to your computer. Double-click the setup.exe file on your desktop to launch the installation package. When the InstallShield Wizard starts, click Next to proceed to the License Agreement screen. To agree to the license agreement, click Yes. Next, you must specify the directory in which you want to install the Terminal Services Client. By default, the installation wizard installs to a directory called Terminal Services Client for Pocket PC 2002. Ensure that this directory resides in the ActiveSync directory on your computer, and click Next. After the Terminal Services Client installs in the designated directory on your handheld device, click Finish. The ActiveSync application installer will then launch and ask you to accept the default installation directory on your Pocket PC or manually change the directory. For a default installation, click Yes. After the application installs, you'll see a screen on your Pocket PC that reminds you to check your mobile device to see whether additional steps are necessary to complete the installation. Since the Pocket PC doesn't require additional configuration, click OK. You can then start using the Terminal Services Client.
The Terminal Services Client is easy to use. By default, the application installs in the Programs directory. To launch the application, simply click the Terminal Services Client icon.
In the initial application window, which Figure 1 shows, you enter the server name or IP address you want to connect to. Alternatively, you can select from a list of servers you've recently connected to. This option saves time because you don't need to enter a server name or IP address every time you connect to Terminal Services.
To minimize your server desktop and workspace to fit within your Pocket PC's screen, you can select the Limit size of server desktop to fit on this screen check box. This feature might sound great, but it has a huge drawback. When your terminal screen sizes to fit your Pocket PC screen, the window and icon sizes don't reduce. As Figure 2 shows, when you start running applications and opening windows on your server, your desktop will become so crowded that it will be unusable. Although this feature is currently more hindrance than help, it will be quite useful when larger-format machines running the Pocket PC OS become available. For now, I don't recommend enabling this option.
The Terminal Services Client in Action
With the Terminal Services Client open, enter either the server name or IP address you want to connect to or select it from the Recent servers list. Then, click Connect. You'll quickly notice the application's biggest limitation—the lack of space available to view the server desktop. To minimize this problem, Microsoft added screen movement buttons to the bottom left-hand corner of the application window, as Figure 3 shows. These five screen navigation buttons let you position the viewable area at each corner or at the center of the desktop. You'll likely select the center placement to navigate through Terminal Services. For fine-tuning adjustments, Microsoft also added horizontal and vertical scroll bars. These navigation buttons and scroll bars aren't available if you enable the option to limit the size of the server desktop.
After you connect to your server, click the centering screen navigation button. This option will center your screen to show the logon box on the server desktop. From this point, the Terminal Services Client functions similarly to the Terminal Services client running on your computer. However, a few important differences exist between the two Terminal Services versions.
The first difference is the navigation mode. The most efficient method for navigating the Terminal Services desktop is a mouse. But the Pocket PC uses a stylus rather than a mouse. To perform a left mouse click on a Pocket PC, you must double-tap the stylus. To perform a right mouse click (e.g., to open a menu option), tap and hold the stylus for 1 second.
Another difference is that with a Win32-based Terminal Services client, you can copy between your local device and the remote server desktop. The Terminal Services Client doesn't have this option.
The last crucial difference between the two Terminal Services versions isn't in the applications but rather in the places in which you can use them. Although the Terminal Services Client lets you be mobile, you still need to be connected (either wired or wirelessly) to your local network. Most current VPN device manufacturers don't offer VPN clients for the Pocket PC OS. In addition, if your network is secured behind a firewall, you won't be able to directly connect to servers in your network. To solve these problems, some third-party software companies have written VPN clients that interoperate with today's leading VPN gateways. For example, Certicom's movianVPN is a VPN client that runs on a Pocket PC and interoperates with leading VPN solutions by manufacturers such as Cisco, Check Point Software Technologies, NetScreen Technologies, and Nortel Networks. Unfortunately, Certicom doesn't currently support the Win2K VPN.
No Easy Solutions
With the Terminal Services Client, Microsoft gave administrators a clean, stable Terminal Services client they can rely on to perform quick tasks from wherever they happen to be. The application lets systems administrators easily administer a server without having to log on to a workstation or walk up to a server rack. However, the Terminal Services Client isn't an end-all solution to remote systems management. The application doesn't have many options for systems administrators to customize their experience. In addition, Microsoft hasn't offered any complementary administrative utilities. Systems administrators are looking for a suite of tools to help them remotely manage their systems. For now, they must look to third parties to obtain these tools. For information about three of the most popular systems administration utilities, see the sidebar "Systems Management Applications for the Pocket PC," page 55.