In the early stages of release of SBS2000, various sources indicated that your could run Terminal Server on the actual SBS2000 server itself. Much confusion exists over these initial statements. Overall however Microsoft seem to state that you should not run Terminal Services in Application mode on your SBS 2000 server, you should however install a second server for this purpose. To explain some of the reasons behind this, it’s better to understand what Terminal Services is and how it operates. Terminal Server has two modes of operation, Remote Administration mode and Application mode.
In Remote Administration mode, it is designed to run only 2 sessions, both of which need to be Administrator level users. All applications installed are installed as if they were to be run from the console. Remote Administration mode is tuned specifically for the remote administration of the actual server. It’s performance is tuned for server applications such as SQL server, Exchange server and file and print sharing. It is not intended to be use for any other purpose. Terminal Services is installed on the SBS2000 server in Remote Administration mode as part of a standard configuration. Features such as the ability to shutdown and restart the server are part of this.
In Application Mode, the server is optimised for desktop style applications such as word, excel etc. Microsoft do not recommend running Server level applications such as Exchange Server, or SQL server on a terminal server configured in Application mode, due to the lower than acceptable performance the users will likely experience. In App mode, you need to install any applications via the control panel > Add/Remove programs method, so that all changes to the registry and ini files are captured for later use by other users.
Whilst technically you could reconfigure your SBS2000 server to run Terminal Services in Application mode, the question is why would you? If you did then you would be giving all users the ability to play directly on the hard drives of your main business server. Would you want to chance that they would not delete the wrong file accidentally?, run the wrong application and lock up your only server? have an application crash with a Blue Screen of Death and bring down all your users? I certainly would not like this at all. What about security? You would have to alter permissions on various files to be other than standard – what about future supportability of the system after you’ve gone?
As you can see whilst technically you can do something, doesn’t always mean that you should. Regardless of Microsoft’s stance on this subject, I recommend that if you want to have users using a Terminal Server, then you should really have them on an isolated box. At least that way you can limit your exposure and be in a “supported” environment from the Microsoft perspective.