Wonderware FactorySuite Terminal Services for InTouch Deployment Guide

Transcription

1 Wonderware FactorySuite Terminal Services for InTouch Deployment Guide Revision A Last Revision: September 2002 Invensys Systems, Inc.

2 All rights reserved. No part of this documentation shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the Invensys Systems, Inc. No copyright or patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this documentation, the publisher and the author assume no responsibility for errors or omissions. Neither is any liability assumed for damages resulting from the use of the information contained herein. The information in this documentation is subject to change without notice and does not represent a commitment on the part of Invensys Systems, Inc. The software described in this documentation is furnished under a license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of these agreements Invensys Systems, Inc. All Rights Reserved. Invensys Systems, Inc. 33 Commercial Street Foxboro, MA (949) Trademarks All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Invensys Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. Alarm Logger, ActiveFactory, ArchestrA, Avantis, DBDump, DBLoad, DTAnalyst, FactoryFocus, FactoryOffice, FactorySuite, hotlinks, InBatch, InControl, IndustrialRAD, IndustrialSQL Server, InTouch, InTrack, MaintenanceSuite, MuniSuite, QI Analyst, SCADAlarm, SCADASuite, SuiteLink, SuiteVoyager, WindowMaker, WindowViewer, Wonderware, and Wonderware Logger are trademarks of Invensys plc, its subsidiaries and affiliates. All other brands may be trademarks of their respective owners.

3 Contents 3 Contents Welcome to Terminal Services for InTouch...7 Before You Begin... 7 Document Symbols... 7 Must Know Terminology... 8 Checklist: Setting up Terminal Services for InTouch... 8 About this Manual... 9 Technical Support CHAPTER 1: Introduction to Terminal Services for InTouch...11 Thin computing and Process Visualization...11 Total Cost of Ownership...11 Data Access for the Casual User Wonderware Products Windows 2000 Terminal Services Modes of Operation Components Why Terminal Services for InTouch? Terminal Services for InTouch Benefits Terminal Services and Industrial Applications Business Justification and Project Approval Industrial Scenarios Centralized InTouch Management Remote Access Internet Access Increased Availability CHAPTER 2: Project Planning...25 Deployment Planning Model Identifying Key Team Members Defining Vision and Scope Assessing Risk Documenting Your "As-Is" Environment Documenting LAN Information Documenting WAN Information Documenting Internet Information Documenting the Operator Interface Documenting Logical Design Creating a Functional Specification "To-Be" Creating/Approving the Physical Design Choosing a Domain Setup Expanding to the WAN... 38

4 4 Contents Choosing a License Server...39 Integrating with the FactorySuite...40 Choosing the Right Client...42 Improving Reliability...45 Building the Master Project Plan...46 CHAPTER 3: Deployment...47 Deploying a Pilot Terminal Server...47 Server Hardware Requirements...48 RDP Client Hardware Requirements...50 Installing Terminal Services...50 Terminal Services Licensing...50 License Purchase...50 Activate a License Server...51 Install Licenses...52 Client Licensing...53 License Recovery...53 Defining Security...53 Session Security...54 User Account Management...57 Changing a Desktop into a RDP Client...59 Client Installation Disks...59 Client Connection Properties...59 Installing Terminal Services for InTouch...65 Modifying Applications...66 Software Testing and Validation...66 Known Issues and Limitations...68 Converting Color Palettes...70 Running WindowViewer...73 Selecting an Application...74 Configuring NAD for Terminal Services...74 Configuring Start Program...75 Running WindowMaker...77 Remote Development...77 Rapid Application Development...77 Assessing the Pilot Deployment...80 Deploying Terminal Server Throughout your Environment...81 Providing Maintenance and Support...81 Monitoring Performance...81 Remote Control...84 Network Load Balancing...85 Stand-by Server Option...85 Installation...86 Administration Tools...94 Disconnection Timeouts...95

5 Contents 5 Terminal Services Advanced Client Benefits Installation How to Use Securing Web-based Applications Best Practices Terminal Services Hot key Sequences Index...107

6 6 Contents

7 Welcome to Terminal Services for InTouch 7 Welcome to Terminal Services for InTouch Before You Begin The is intended to help you efficiently plan, deploy and run InTouch applications on Windows 2000 Terminal Services. As a complement to the Terminal Services for InTouch User s Guide, it provides greater detail in architecture design, hardware selection, and how to leverage the features of Terminal Services in an industrial environment. It specifically addresses the RDP protocol. Additional information on RDP and related protocols are available at the following websites: Microsoft Automation Control Products (ACP) Citrix Systems technologies/terminal/default.asp Document Symbols This manual uses the following document symbols. A task to be performed on the terminal server (console) or on the license server. A task to be performed on the client (local) desktop.

8 8 Before You Begin Must Know Terminology Term Console ICA RDP Session Terminal Services Thin Client Description This is the normal desktop experience on the computer that has Terminal Services installed. Independent Computing Architecture. A remote presentation services protocol from Citrix Systems. Remote Desktop Protocol. The default connection protocol installed with Windows Terminal Services. A log-on instance where 100 percent of the resources (processing, memory, and hard disk) are managed under a virtual user account, referred to as a session ID. A service that enables a server-grade computer for multi-user processing and management. (a.k.a. terminal) A device that allows you to send commands to another computer. At a minimum, this usually means a keyboard, a display screen, and some simple circuitry. Checklist: Setting up Terminal Services for InTouch Task Reference Review key Terminal Services for InTouch concepts. Chapter 1 Determine how you want to utilize Terminal Services for Chapter 1 InTouch in your industrial environment. Describe how the deployment project meets business Chapter 1 requirements. Develop a plan for implementing Terminal Services for Chapter 2 InTouch. Review recommended architectures and how to integrate with Chapter 2 the FactorySuite. Consider safeguards to minimize the impact of a hardware Chapter 2 failure. Identify the right client for the environment and operator Chapter 2 needs. Establish guidelines and standards for networking, set-up, Chapter 3 user security, and so on. Determine licensing requirements. Chapter 3 Enable Terminal Services and install programs. Chapter 3 Configure client connections. Chapter 3 Review known issues and limitations and best practices. Chapter 3

9 Welcome to Terminal Services for InTouch 9 Task Reference Modify applications to run in a multi-user environment. Chapter 3 Test and pilot your system. Chapter 3 Prepare to provide support. Chapter 3 About this Manual This manual is divided into a series of logical building block chapters that describe the various aspects of using Terminal Services for InTouch. It is written in a "procedural" format that tells you in numbered steps how to perform most functions or tasks. If you are viewing this manual online, when you see text that is green, click the text to "jump" to the referenced section or chapter. When you jump to another section or chapter and you want to come back to the original section, a "back" option is provided. Tip These are "tips" that tell you an easier or quicker way to accomplish a function or task. To familiarize yourself with the WindowMaker development environment and its tools, read Chapter 1, "WindowMaker Program Elements" in your online InTouch User's Guide. Also, read Chapter 10, "Terminal Services for InTouch." For details on the runtime environment (WindowViewer), see your InTouch Runtime User's Guide. Online manuals are also included in your FactorySuite software package for all FactorySuite components. Note You must install the Adobe Acrobat Reader (version 4.0 or later) to view or print the online manuals. Assumptions This manual assumes you are: Familiar with the Windows 2000 and/or Windows NT operating system working environment. Knowledgeable of how to use of a mouse, Windows menus, select options, and accessing online Help. Experienced with a programming or macro language. For best results, you should have an understanding of programming concepts such as variables, statements, functions and methods.

10 10 Before You Begin Technical Support Wonderware Technical Support offers a variety of support options to answer any questions on Wonderware products and their implementation. Prior to contacting technical support, please refer to the relevant chapter(s) in your for a possible solution to any problem you may have with your system. If you find it necessary to contact technical support for assistance, please have the following information available: 1. Your software serial number. 2. The version of InTouch you are running. 3. The type and version of the operating system you are using. For example, Microsoft Windows NT Version 4.0 SP5 (or later) workstation. 4. The exact wording of system error messages encountered. 5. Any relevant output listing from the Wonderware Logger, the Microsoft Diagnostic utility (MSD), or any other diagnostic applications. 6. Details of the attempts you made to solve the problem(s) and your results. 7. Details of how to recreate the problem. 8. If known, the Wonderware Technical Support case number assigned to your problem (if this is an on-going problem).

11 Introduction to Terminal Services for InTouch 11 C H A P T E R 1 Introduction to Terminal Services for InTouch This chapter provides you with an introduction to Terminal Services for InTouch. It also presents business and industrial scenarios to help you determine if a server-centric strategy is appropriate for your particular application. Contents Thin computing and Process Visualization Windows 2000 Terminal Services Why Terminal Services for InTouch? Industrial Scenarios Thin computing and Process Visualization Windows-based HMI and supervisory control products have empowered operators by making computing easy to use and with better functionality than the traditional mini-computers of yesterday. Now with so many desktops deployed in the business and industrial environments, maintenance and administration have become a major burden on the Information Technology (IT) infrastructure. Accordingly, there is renewing interest in thin computing- a computing model very similar to those mini-computers where the software and processing is performed on a centralized server. New technology in emulation software and browser-based applications now provide this thin computing model to the Windows environment. Total Cost of Ownership The use of thin clients promise to reduce the acquisition cost of computer hardware while reducing administrative costs related to systems management. IT managers can then lower their total cost of ownership (TCO) for computer equipment while improving their level of service.

12 12 Chapter 1 TCO is a term used to collectively group the benefits associated with thin clients. At a hardware level, thin clients (often called terminals) are devices that rely on a server for applications and data, and perform little or no application processing. They typically have a basic operating system to support a web browser or some form of a terminal emulation software. Thin clients require relatively small amounts of RAM and minimum processing power. In contrast, desktop computers are referred to as fat clients because they run programs locally. Desktop computers usually have more RAM, greater processing power, and large hard-drives to store program files and associated data. Note-worthy benefits of a thin computing model include the following: Centralized deployment of programs. Most (if not all) program execution, data processing, and data storage occur on a server, centralizing the deployment of programs. This ensures that all clients can access current versions of a program. Software is installed only once on the server, rather than every desktop throughout the organization, reducing the costs associated with updating individual computers. Centralized Management. Provides you with the ability to manage centrally while still allowing the individual user the flexibility of using the Windows desktop environment. Increased Security and Reliability. Because no application or user data ever resides on the client, thin computing provides you with more control for security. The use of thin clients can also help prevent the loss of data. Since the data is processed and stored on a server, damage to the client does not lead to destruction of data. This decreases the number of nodes that need to be hardened for data protection. Full advantage of existing hardware. Thin computing extends the model of distributed computing by allowing computers to operate as both thin clients and full-featured personal computers, simultaneously. Computers can continue to be used as they have been within existing networks while also functioning as thin clients capable of accessing server-based programs and applications. Scalability. True scalability means more than adding more clients to your environment. You also need an effective means of managing this environment as it grows. Thin computing provides the ease of installing new clients, as well as the ease of maintaining them. Data Access for the Casual User Another benefit of thin computing is the ability to support a new level of users referred to as casual users. Casual users include maintenance, supervisors, engineers and perhaps vendors who need immediate access to critical manufacturing or process information that is pertinent to them. They need this information on-demand and for short duration. Internet technology, telecommunications (voice mail/paging), and wireless Ethernet are typically the preferred mediums to transport such information. Wonderware Products Wonderware offers several integrated products that leverage the thin computing model:

13 Introduction to Terminal Services for InTouch 13 SCADAlarm introduces Wonderware's first mobile client to access and acknowledge factory alarm information from a mobile telephonic device. Terminal Services for InTouch allows you to fully leverage the benefits of Windows 2000 Terminal Services in an industrial environment. With Terminal Services, the processing of InTouch is moved completely off the operator's workstation and onto a centralized server. SuiteVoyager Series introduces the Manufacturing Information Portal that provides Internet access to summary graphics, real-time factory floor data, and reporting information. The Portal has been designed for quick access to summary and analysis information from multiple data sources and from across the enterprise. SuiteVoyager is a fully scalable product, providing process information to hundreds of clients with minimum impact on the control network. Windows 2000 Terminal Services Microsoft Windows 2000 Terminal Services is an integral part of Windows 2000 technology that delivers the familiarity and ease-of-use associated with the Windows graphical user interface (GUI) through a thin computing model. Windows 2000 Server or Advanced Server is required to enable Terminal Services. With the integration of Windows 2000 Terminal Services into the core server operating system, you can now choose to deploy InTouch in a fully servercentric mode, where applications run entirely on the server. Each operator logs on and perceives only their presentation (known as a session), which is transparently managed by the server operating system and is independent of any other client session. Only screen, mouse, and keyboard information is passed between the client and server. Modes of Operation Terminal Services can be enabled in one of two modes:

14 14 Chapter 1 Components Application Server. This is the standard mode for running InTouch. Applications are deployed and managed from a central location. Licensing is required when deploying a Terminal Services-enabled server as an application server. Each client, regardless of the type of operating system and protocol used to connect to Terminal Services, must have a Terminal Services Client Access License (TS CAL), as well as a Windows 2000 Server CAL. Windows 2000 Professional includes one TS CAL, but not a Windows 2000 Server CAL. Access from earlier versions of Microsoft Windows NT, as well as clients using other operating systems, must purchase a TS CAL and Windows 2000 Server CAL. For more information on Licensing requirements, see "Terminal Services Licensing" in Chapter 3, "Deployment," Remote Administration. Terminal Services Remote Administration mode allows any server running Windows 2000 Server to be administrated remotely with full access to the built-in administrative tools, as if you were sitting right at the server. Windows 2000 Terminal Services consists of five components, as described below: Multi-user kernel. The multi-user kernel extensions are fully integrated as a standard part of the Windows 2000 Server family kernel. These are resident on the server at all times, regardless of whether Terminal Services is enabled or not. Remote Desktop Protocol (RDP). This is the default protocol that allows a client to communicate with the terminal server over a network. Independent Computer Architecture (ICA) is another thin client protocol offered by Citrix. Both protocols support several levels of encryption, client-side bitmap caching, and optional compression for low-bandwidth connections. Terminal Services Client. The client software that displays the familiar GUI on a client machine. The client software is a very small software application that establishes and maintains the connection between a client and server running Terminal Services. It transmits all input from the user to the server, such as keystrokes and mouse movements, and all output from the server such as application display information and print streams. Terminal Services Licensing service. This service is required when Terminal Services is enabled for application serving. The service allows Terminal Services to obtain and manage its TS CALs for connecting devices. Terminal Services Administration Tools. Tools consist of software that manages Terminal Services. These include Terminal Services License Manager (if licensing was installed), Terminal Services Client Creator, Terminal Services Configuration, and Terminal Services Manager.

15 Introduction to Terminal Services for InTouch 15 Why Terminal Services for InTouch? Terminal Services for InTouch allows InTouch to run in a multi-user environment. For organizations wanting to increase flexibility in process visualization and to control operator workstation management costs, a Terminal Services for InTouch architecture offers an important enhancement to the traditional two or three tier client-server architecture. Terminal Services for InTouch Benefits Beyond cost and scalability improvements, Terminal Services for InTouch also provides many technological advantages. For example, you can remotely control an InTouch application for quick troubleshooting and operator training. Using Microsoft's new Terminal Services Advanced Client (TSAC), you can view your process over the web for a super-thin client, full InTouch experience. You can also provide roaming operators with real-time information and control by using wireless Ethernet. Lastly, using Terminal Services for InTouch with Embedded NT and Windows CE provides a full desktop experience on hardware that would otherwise be unable to support such operating systems. Embedded clients are generally dedicated purpose devices. Due to InTouch licensing and hardware requirements, full-featured HMI functionality has not been available for embedded-type applications until now. Terminal Services for InTouch fully supports very thin hardware hardware with much less components than a desktop computer. Not only are these clients less likely to fail but they can be replaced in less than 60 seconds, reducing the overall MTTR (mean time to repair). Caution! Terminal Services scalability does not consider the impact on the control network. Data fan out can occur when InTouch sessions exceed the number of topics/update rates that SuiteLink or the I/O devices can support. For a more scalable solution, consider SuiteVoyager. For more information on the benefits of Terminal Services, see Chapter 10, "Terminal Services for InTouch" in your online InTouch User's Guide.

16 16 Chapter 1 Terminal Services and Industrial Applications In a simple deployment, all InTouch applications will be located on a single computer a terminal server. This computer also has an I/O server to connect the WindowViewer sessions to the plant process. Each WindowViewer session may be the same InTouch application or a different one. They can communicate with each other and run as they would in a traditional client-server environment. The primary difference is that now InTouch is operating in a server-centric environment where all the processing is performed on the terminal server. As the architecture expands and more components are added, you need to consider the impact of such an arrangement. Knowing if a server-centric environment is appropriate for your application is the first step in the deployment process. Terminal Services requires a fair share of up-front planning and ongoing maintenance. Your existing InTouch applications may need to be modified before running on a terminal server. There must also be greater consideration for fault tolerance and availability as multiple InTouch nodes will be affected if the server goes down.

17 Introduction to Terminal Services for InTouch 17 There are many benefits to implementing Terminal Services for InTouch, but the degree of benefit will depend on your particular application. Terminal Services for InTouch has a sweet spot for applications that have traditionally been deployed in client-client and client-server environments. If you have a stand-alone InTouch node and do very little configuration, you will most likely find little value in implementing Terminal Services for InTouch. The benefits tend to also drop as the complexity of InTouch applications increase. Highly complex applications frequently have graphical and distributed I/O requirements that will burden the terminal server and associated network. Due to the protocol nature of Terminal Services, most I/O servers will not work on the client (local) computer. However, Terminal Services is not an all-or-nothing solution. Industrial applications that do not fit within the scope of a server-centric environment can be left to run on the operator's desktop. For example, if you need an I/O server to be running on the client computer, then keep the I/O server on the operator desktop and only move the InTouch application to the terminal server. This flexibility allows PCs to operate as both thin and fat clients simultaneously. Business Justification and Project Approval Many organizations that have made the decision to implement Terminal Services typically explain their decision in terms of business drivers. Although not all organizations focus on the same set of drivers or give them all the same degree of consideration, a well-implemented Terminal Services deployment will often confer benefits upon the user that exceed those planned for during the initial decision-making process. To help increase your chances for project approval, consider the following points: Create a project team and regularly communicate to all affected parties. The best way to achieve this is by using milestone-based planning.

18 18 Chapter 1 Review the capabilities and sample industrial scenarios for Terminal Services for InTouch. Clearly define the scope of the project and stick to it. Knowing what you can accomplish up-front will prevent possible disappointments later in the project life cycle. Consider the initial capital and long-term costs associated with the project. Frequently, initial capital costs are the same for both Terminal Services and traditional installations. True savings are realized as support and maintenance response times are improved. Realize that this is not a desktop deployment. If you have previously configured a domain controller, you have a pretty good idea on the effort that is required to deploy a terminal server. You should, therefore, spend a significant time planning. By understanding the capabilities of Terminal Services and the effort to provide them, you should be able to deliver what you promise. The first point is perhaps the most important. Implementing Terminal Services to run InTouch will most likely change the role of the operator workstation in your organization. Accordingly, there will be a change in how InTouch and other applications are delivered and supported on the plant floor. A significant success factor for your Terminal Services implementation will be to minimize the changes in how users must work. Although very little change should be necessary for the operator, it will have a much greater impact on the people who support the system. You should have their buy-in before submitting your project proposal. The bottom line is the Terminal Services for InTouch saves money, effort, and time. By following the points above, you should be able to provide a clear and honest business plan for the executive who will ultimately appropriate the necessary funds. Good Luck! Industrial Scenarios The first task in the deployment process is to determine what business and technical issues Terminal Services for InTouch will address. Review the industrial scenarios in this section to familiarize yourself how Terminal Services for InTouch might benefit your organization. The scenarios will be illustrated with a fictitious manufacturing company called MagTape, Inc. Scenarios are presented in italics. MagTape, Inc. (MTI), was founded in 1981 to manufacture magnetic tape cartridges. The operation involves several processes, each one independently controlled. Some processes use InTouch operator interfaces, while others still use hardwired control panels. A recent Operations Improvement Strategy now requires greater information to be shared among the operators. This will be accomplished by upgrading the hardwired control panels and providing plant-wide access to process data. MTI's engineering director is particularly concerned about the following issues related to real-time control that may impact the cost and reliability of such a project:

19 Introduction to Terminal Services for InTouch 19 Additional support costs. The cost of maintaining and supporting the existing operator interfaces has been increasing at an accelerating rate. Computers that will replace the hardwired control panels must be as maintenance-free as possible. Added hardware expenses. To avoid additional costs, a group of spare Windows 98 computers should be used. Limited access for mobile operators. Certain operators spend most of their time transporting raw materials throughout the plant. To improve their awareness of process activity, these mobile operators must have access to the same data available in the control rooms. Impact of hardware failures. Hardware failures and their impact on the process must be minimized. Operator Interfaces must also have the flexibility to take control of a particular area if the local workstation goes down. At the direction of the CEO, MagTape's engineering director has funded an Infrastructure Renewal Project to determine how these issues could be resolved with minimal impact to MTI's operations and bottom line. Centralized InTouch Management By running InTouch applications on a terminal server, only one InTouch runtime program needs to be installed. Service packs, upgrades, and other related maintenance requirements are also done only once just on the terminal server. All operators are therefore ensured that they are using the current version of InTouch. Accordingly, the costs and challenges of updating workstation machines, especially for remote workstations, are significantly reduced. MTI can therefore reduce labor costs associated with software maintenance. Only one computer (configured as a terminal server) requires InTouch and its applications to be installed. The new operator interfaces can be Windowsbased Terminals or other thin client computers.

20 20 Chapter 1 Beyond viewing the process, MTI can also remotely modify applications. They simply need to connect to the terminal server launch WindowMaker. The task of maintaining the same application version among different repositories is no longer necessary. WindowMaker does not currently support multiple users. Only one person may edit an application at any one time. If another person concurrently launches WindowMaker for the same application, it may become corrupt and/or unpredictable machine operation may result. Reduced Hardware Costs Terminal Services Clients run on the following platforms: Windows CE-Based Terminals Windows for Workgroups 3.11 Windows 95 Windows 98 Windows NT 3.51 or later. Windows 2000 Note Adding Citrix MetaFrame and/or ACP ThinManager increases the available client types to non-windows-based workstations, including UNIX, Linux, and industrial display panels. Consult the associated vendor to verify Wonderware support for a particular non-windows-based operating system. With the integration of InTouch and Terminal Services, you can deploy the latest applications in a fully server-centric mode. By removing the processing and data storage tasks from the client machine, you can greatly extend the life of your existing hardware. In some cases, the need to replace may not occur until the computer physically breaks down. Terminal Services for InTouch and 3 rd party industrial panel displays can also provide an economical alternative for process visualization in harsh environments. The increased cooling requirements and stronger construction typically make industrial panel displays more expensive than their desktop counterparts. With Terminal Services, industrial hardware costs are reduced because you no longer need high-powered processors, extra memory, floppy or CD-ROM drives. Many industrial panel displays now provide the ability to boot and connect to a terminal server from ROM, and therefore, do not require the added expense of a hard drive. No moving parts also extends the life of hardware because MTBF (mean-time-between-failure) is improved. MTI can therefore experience the new features of FactorySuite and Windows 2000 with their existing Windows 98 computers. If MTI requires more robust hardware to replace the control panels, they can install industrial-grade computers. These machines only require the minimum components to run the emulation software, and therefore, can be purchased at a significantly reduced price.

21 Introduction to Terminal Services for InTouch 21 Remote Access Operators and other end-users gain access to a terminal server over any Transmission Control Protocol/Internet Protocol (TCP/IP) connection including Remote Access, Ethernet, the Internet, wireless, wide area network (WAN), or virtual private network (VPN). Due to the reduced bandwidth requirements of the RDP/ICA protocol, Terminal Services extend the capabilities of InTouch to users who would otherwise be unable to access the FactorySuite. Wireless networks have traditionally been unable to support the large amount of process information for real-time monitoring and control. With Terminal Services for InTouch, applications can run with the same response time and performance as their counterparts directly connected to the local area network (LAN). MTI can therefore support real-time monitoring and control for their mobile operators. The client terminals need only the emulation software to connect to the terminal server. They can then simply launch WindowViewer to monitor the operation of choice.

22 22 Chapter 1 Internet Access Using Microsoft's new Terminal Services Advanced Client (TSAC), remote users can access a terminal server over the Internet. TSAC is based on the RDP 5.0 feature set, but comes in the form of an ActiveX control. The ActiveX control can be downloaded and executed within Microsoft Internet Explorer (I.E 5.0), allowing remote users to experience full InTouch with super-thin clients. Microsoft Point-to-Point Tunneling Protocol (PPTP) provides secure access to a private network for users operating over a public medium, such as the Internet. MTI can therefore support real-time monitoring and control for their mobile operators with either the Terminal Services Client software or by simply launching a web browser and downloading the TSAC ActiveX control.

23 Introduction to Terminal Services for InTouch 23 Increased Availability Network Load Balancing Services is a feature of Windows 2000 Advanced Server that enhances the availability and scalability of applications. It provides constant support to end-users by redirecting the connection from a failing or offline server to a backup. After necessary maintenance is completed, the offline computer can transparently rejoin the cluster. Remote Control is a feature of Terminal Services that provides the ability to take control of another workstation in the event of a client hardware failure. Remote Control also provides an easy way to train operators and monitor operations without being physically next to the terminal. MTI can therefore be confident that even though failures may occur, their impact on production will be a minimum. Remote Control enables a workstation to immediately take over another that has failed. By adding a second server and installing Network Load Balancing, all the sessions are protected. Wonderware strongly recommends that you consult a Microsoft professional and perform adequate testing before deploying load balancing into production. ACP ThinManager 2.3 or later supports server fail-over for both Windows 2000 Server and Advanced Server.

24 24 Chapter 1

25 Project Planning 25 C H A P T E R 2 Project Planning This chapter provides you with a planning model to properly deploy Terminal Services for InTouch. It also provides architecture guidelines for running applications on a LAN/WAN network and how to integrate with the FactorySuite and third party software. Contents Deployment Planning Model Identifying Key Team Members Defining Vision and Scope Assessing Risk Documenting Your "As-Is" Environment Creating a Functional Specification "To-Be" Creating/Approving the Physical Design Building the Master Project Plan Deployment Planning Model Terminal Services for InTouch requires a fair share of up-front planning. The important thing to remember is that this is not a desktop deployment. If you have ever installed a domain controller, you have a pretty good idea of the effort involved. You should follow Microsoft's Solutions Framework deployment-planning model for designing and implementing Terminal Services for InTouch. The following flowchart offers a simplified view of the approach. It highlights the major activities and tasks and their associated milestones and key deliverables that are important for the entire project team. Although the activities leading to each milestone have a logical progression, they need not take place in the order stated. Different team members can perform activities concurrently, to leverage resources of people, time, and money. Use your best judgement and knowledge of the application to deciding the optimal time to work on any specific activity. To maximize project efficiency, however, you should not change the sequence in which the four milestones are reached.

26 26 Chapter 2 The roadmap provides a high-level overview of the deployment process. It includes: Activities that are necessary to complete the project deliverables and advance to the next milestone. Resources that are necessary to complete each activity and create project deliverables. Deliverables resulting from activities that are necessary to complete a timely and effective project. Use this roadmap to gain a comprehensive visual perspective of how your team must prepare itself to undertake this project. Gray highlighted areas in the left column denote the four milestones, and are explained below. For more information on the Microsoft Solutions Framework deploymentplanning model and sample documents, refer to the Microsoft's Resource kit for Windows A Note About Documentation Just like electricians who deliver electrical wiring diagrams at the end of a job, you should provide reference material upon completion of this deployment. The roadmap contains many documents, but none are as important as the ones needed for the support professional who may need to rebuild a machine or make minor modifications. Documenting vendor profiles, network topology, computer setup, security settings, program configurations, and so on, are key deliverables for a complete project. Don't forget the supporting documentation!

27 Project Planning 27 Deployment Process Flowchart

28 28 Chapter 2 Milestone Deliverable Activity Vision/scope approved (Envisioning phase) Project plan approved (Planning phase) Scope complete/first use (Developing phase) Vision/scope document The vision statement provides a conceptual foundation for the entire project. The project scope defines specific parameters and features of project implementation. An opportunity cost analysis is conducted. Risk management plan This plan provides a high-level view of risks that could occur throughout the project with parallel mitigation plans. The risk management plan is revisited during each of the succeeding phases and milestones. Bugs and issues database This database is a repository in which all issues that arise during the project are logged and resolved. The bugs and issues database is revisited during each of the succeeding phases and milestones. Functional specification Physical Design Master project plan Master project schedule Pilot server Postmortem This specification identifies business and technical design requirements, including any proposed products and technologies. The functional specification describes specific project deliverables and the final release product. This document details the work that will take place. It is a compromise between the goals of the project and the constraints of technology, finance, and time. This plan provides the essential elements needed to implement and track the actual project and describes the project from business, technical, application, and implementation perspectives, including all tasks needed to complete testing and piloting. The schedule provides the essential elements needed to track time-sensitive deliverables. The goal is to test terminal server and InTouch applications in a controlled environment, but engaged in real-world activity. This involves building a test lab, identifying a Pilot Group, and documenting use cases. The pilot deployment concludes with a meeting to determine if the test server met project requirements.

29 Project Planning 29 Milestone Deliverable Activity Release (Stabilizing/ Deploying Phase) Server deployed throughout the environment Deployment assessment A stable, scalable process visualization infrastructure For the most part, the full deployment process resembles the pilot deployment process, but on a larger scale. Operators and support staff should be trained at this time. During and after the deployment, communicate with the project overseers to report progress and gauge overall satisfaction. The result of a successful deployment will be a satisfied customer or management unit, the satisfactory achievement of all primary deployment goals, and a process visualization infrastructure that can be adequately maintained and scaled for the future. Keep the test lab running after the deployment to test new applications and any significant changes you want to make to the server or network Identifying Key Team Members Terminal Services for InTouch will change the role of the client desktop in your organization. A successful implementation starts with building a team with people who have the right expertise for the job, who are empowered to use their expertise, and who are held accountable for results in their areas of responsibility. The team should include a mixture of people who can promote buy-in and maintain continuity throughout the deployment. Seven distinct roles must be filled and are outlined in the table below. There need not be a one-one relationship for each role. Team Member Rule Skill Set Executive Sponsor Provide leadership, money and Familiarity with the FactorySuite and human resources Terminal Services Assure changes are adopted into the company culture from the top down Understanding of business drivers Project Manager Drives critical schedule decisions Familiarity with the FactorySuite and Terminal Services System Integrator Represents the engineers who will be designing and installing the system Familiarity with project management tools Experience in FactorySuite components and how to apply them in a Terminal Services environment Experience in Microsoft operating systems, and networking technology

30 30 Chapter 2 Team Member Rule Skill Set Testing and Validation Ensures all issues are known before deployment Familiarity with applications and operating systems Logistics Management Training End-user Performs scalability analysis and performance testing Ensures a smooth rollout of product or service Helps identify and meet end-user needs and desires Represents the operator and people responsible for maintaining the system Familiarity with the process and related operations Familiarity with the organization's system and network infrastructure Good relationship with the system integrator and vendors Good understanding of the delivery schedule Good understanding of the FactorySuite and Terminal Services Ability to write clear and useful technical documentation Experience training users Good understanding of the operations Good relationship with the operators, maintenance and management Defining Vision and Scope The vision statement is an expansive view of the proposed deployment. It describes the top business reasons for deployment and broadly defines the overall results of successful completion. For more information on how MTI used business drivers to justify Terminal Services for InTouch, see "Industrial Scenarios" in Chapter 1, "Introduction to Terminal Services for InTouch," Scope defines the portions of a vision that can actually be accomplished within the project constraints. The project scope provides boundaries for the vision statement by specific details that include business reasons for deployment, features, resources, and schedule framework. By understanding the capabilities of Terminal Services and the effort to provide them, you should be able to deliver what you promise.

31 Project Planning 31 The scoping process should be S-M-A-R-T: Specific, Measurable, Achievable, Result-based, and Time-oriented. The table below provides a more detailed definition of S-M-A-R-T. Action Specific Measurable Achievable Results-based Time-oriented Definition Specifying results to be achieved (for example, what action will be taken or what application will be deployed). Clearly specifying what will be achieved (for example, the number of seats deployed or the number of business units completed). Identifying what the enterprise will achieve by this action (for example, plant-wide access to process data). Establishing realistic outcomes based on company resources and project parameters. Setting a realistic time frame to achieve specific goals (for example, will commence on X date and complete on Y date). Assessing Risk Risk identification and ranking is the first step in the proactive risk management process. It provides the team with information it needs to bring major risks to the surface before they adversely affect the project. Possible risks in deploying Terminal Services for InTouch are: Not testing sufficiently, or not allotting enough time for testing. Failing to account for the behavior and interaction of existing programs that may not be multi-user compliant. Failing to accurately determine the scalability of current and future applications. Failing to understand end-user expectations. Not providing adequate security to protect system files and applications. Failing to adequately train personnel who are responsible for maintaining the system. Risk is composed of two factors: probability and impact. Risk probability is the likelihood that an event will actually occur. Risk impact is the severity of adverse effects on operations, safety, cost, or the ability to continue with the project. Once identified, the risk is rated (e.g., high, medium, or low) based on its probably and impact, and a corresponding mitigation plan developed. The assessment is then entered into a risk assessment matrix. This matrix should be a living document, updated whenever there is a change, and included in deployment status reports.

32 32 Chapter 2 Sample Risk Matrix Impact Probability Risk Description Owner Date Mitigation High High Some of the existing applications were not designed to operate within a Terminal Services environment. High Low Routers are configured to filter port Medium Low May not be able to use existing Windows 98 computers. Testing mm/dd Testing will need to profile the various applications to determine whether or not they are compliant. Project Manager System Integrator mm/dd mm/dd Configure routers to allow connections through port. Evaluate available protocols and match with hardware requirements. Documenting Your "As-Is" Environment Before beginning the deployment process, it's a good idea to survey the existing infrastructure to create a baseline for improvement and help you determine how the new technology will fit in. This is especially important if you are migrating existing InTouch applications to a terminal server. Terminal Services for InTouch will change the role of the operator interface in your organization. This will come a change in how InTouch applications are delivered to the operator, how they are used, and how they are maintained. These changes in process are known as Business Process Redesign (BPR). An important point with BPR and your terminal server deployment is minimizing the change in how the operators must work, and their ability to perform day-today functions. A starting point for BPR is determining what your process visualization capabilities and requirements are today. This is known as the as-is model. When documenting your "as-is" model, include both technical information and operator interface requirements. By documenting the existing technical environment, the team can make a more educated decision on the ability of the system to support the deployment, and what additional hardware/software may be necessary. Documenting LAN Information The local area network (LAN) has become a popular control network. A LAN is almost always confined to a single plant. Even though the low bandwidth requirements for RDP and ICA will place a relatively insignificant burden on the infrastructure, you will want to ensure all identified users are able to connect to the terminal server. Understanding the data flow patterns for the applications that you will be putting on the terminal server, their required resources, and the network path they travel will help determine if any modification is necessary.

33 Project Planning 33 Terminal Services supports only TCP/IP connections between the TS client and server. If other protocols are in use, such as IPX or NetBEUI, you must add TCP/IP. You will still be able to IPX or NetBEUI as the transport protocol for non-terminal server traffic, such as network file or printer sharing. Documenting WAN Information A wide area network (WAN) is the interconnection of geographically dispersed buildings extending beyond a single area. By deploying TS clients at remote office locations and only sending the RDP or ICA traffic across the wide area, you can realize the same bandwidth savings as in the LAN. If the WAN consists of frame relay connections, distinguish between committed rates and burst rates. Determine if filters have been implemented on the routers or firewalls that may prevent clients from remotely gaining access to terminal server. Check to make sure that the RDP port (port 3389) is not blocked at the firewall and that access to the specific corporate segments is not limited to certain Internet Protocol (IP) or Internet work Packet Exchange (IPX) network addresses. If these blocks are in place and they prevent remote connections, the team must address them during deployment. Documenting Internet Information The new Terminal Services Advanced Client (TSAC) enables remote users to access a terminal server over the Internet. The main difference between Internet and other networks is security implications. If your organization uses a firewall, determine if it is a packet-level or an application-level firewall. Packet-level firewalls are easier to configure for new protocols. If an application-level is used, check with your Internet Service provider (ISP) if they can define a filter for the RDP protocol. Document the method the network uses to connect to the Internet. This will help you determine how much bandwidth is available to terminal server. Depending on the frequency remote users will access a terminal server, your team should know the costs and availability of a permanent connection to the Internet. Documenting the Operator Interface No matter how powerful and robust your server is, or how well you have designed your environment, in the end the success of your project will be measured by the usability of the client. Knowing the needs of the end-user and the environment where the operator interface will be located is critical to a successful project. In order to set the expectations of the users, you will need to be able to measure what they have and use today with what you intend to deliver. These measurements are known as benchmarks. Benchmarks are used to draw comparisons between the "as-is" and the "to-be" models and highlight areas where expectations can be exceeded, can be met, or are deficient. Representative benchmarks include:

34 34 Chapter 2 Access to programs other than InTouch Time delays to process information or query databases Size and quality of video displays Special interface requirements such as touch screens, keyboards, or sound Access to a disk drive Local printing Environmental hazards User security permissions and rights You also need to identify any I/O devices that are connected to the operator interface. Generally, I/O devices local to the client computer are not supported. The exception is a low throughput device at the client (such as a hand scanner or low bandwidth serial device). Using the client for demanding I/O devices can have a negative impact on the InTouch application. Connecting all of the I/O to the server solves this problem, but it may not be practical, especially if your terminal server system is replacing a system that used distributed computers to collect and update data points around the plant. There are two options if I/O devices cannot be moved to the terminal server: 1. Use a desktop replacement where only the InTouch application is moved to the terminal server. The I/O server remains on the local computer and runs as normal. 2. Use an ACP Enabled Thin Client. These clients support special drivers including high-speed serial, Profibus, ControlNet, and DeviceNet. For more information on ACP Enabled Thin Clients, see the ACP documentation at Finally, document system security and user profiles. You will most likely add more security on the terminal server, but operators should not perceive any loss in permissions or rights. Keeping familiar procedures and practices is the key to minimizing BPR. Documenting Logical Design Logical design is a high-level understanding of the business and operational requirements without considering the technology used to achieve them. It describes what events occur when an operator or process performs some action. Most often, there is no correspondence between the logical architecture and the physical topology of the system. The purpose of documenting the current logical design is to express any business requirements that must remain when migrating to a server-centric environment. The system integrator then has the responsibility to develop a physical design that attempts to meet each business requirement (existing and proposed) while applying the constraints of technology, finance, and time.

35 Project Planning 35 Creating a Functional Specification "To-Be" The functional specification is the next step after documenting the environment. It is a high-level explanation of how Terminal Services for InTouch will be designed and what it will do. The functional specification should be considered a blueprint for the deployment process and presents goals that have been agreed by all team members. However, the team should not treat the functional specification as something written in stone. It should be a living document that the team updates regularly to reflect changes in scope or schedule. The functional specification should ensure that what the team wants to achieve is what is required by the business. When you can directly relate the outcome of the deployment process to business goals, you have your to-be model. The "to-be" model is a set of target measures that you will work to achieve. Most measures will be quantifiable, like the number of seconds to launch InTouch, while others will be more subjective, such as operator satisfaction as a result of improved stability. The "to-be" data collection will most often come from your pilot users. By comparing this data against the benchmarks, you can determine whether you are ready to proceed with your implementation. Creating/Approving the Physical Design A physical design is part of the design process in which you collect the information you have gathered about the current state and the goals that have been identified, and use this information to develop a plan for deploying Terminal Services for InTouch within the limits set forth in the vision/scope document. The physical design builds upon the logical design and functional specification by applying real-world technology constraints, including any implementation and performance considerations. It is a compromise between the needs of your business and the limitations of the computer. This is also the point at which the team can estimate human resources, costs, and schedules.

36 36 Chapter 2 Choosing a Domain Setup The first part of developing the physical design involves planning the position of Terminal Services within your enterprise. Terminal Services need not be on a Windows 2000 domain to function. Without a domain, however, users must have separate accounts on every terminal server. This limits scalability and makes it more difficult to administer groups of users. Industrial organizations without many users can typically use a single domain. For more information on setting up Windows 2000 Server domains, see your Windows 2000 documentation Note If you add Terminal Services to a domain that uses DHCP, keep the client IP addresses fixed. WWLogger, SuiteLink and Network Load Balancing all rely on permanently assigned IP addresses to identify clients. Install Terminal Services as a stand-alone server. We strongly recommend that you not run Terminal Services on any computer that also acts as a database server (such as IndustrialSQL Server), RAS server, PPTP server, or domain controller. Terminal Services is designed to perform like Windows 2000 Professional at the end-user level, and it will not assign top priority to critical domain-level processes. Installing Terminal Services on any of these servers can significantly degrade performance.

37 Project Planning 37 The location of the terminal server will mostly depend on how information flows from the plant floor. Unlike the traditional client-server relationship in which the desktop client is communicating directly with the I/O servers and databases, terminal server creates an indirect communication path from the client to the terminal server and then to the destination server. This is demonstrated below, which depicts the data flow and bandwidth requirements between the TS clients and terminal server. IndustrialSQL Server and the I/O servers are no longer in direct communication with the clients. Instead, clients communicate with them only through the terminal server. This way, the high bandwidth requirement exists only between the terminal server and the other servers. The bandwidth requirements between the clients and terminal server are much lower. The RDP and ICA protocols offer similar performance, and on average have a utilization of approximately 20Kbps per user session.

38 38 Chapter 2 Expanding to the WAN By deploying TS clients at remote locations and only sending the RDP or ICA traffic across the wide area, you can realize the same bandwidth savings as on a LAN. The functional difference between a WAN and LAN is that the WAN requires switches to route information to the destination. The figure below illustrates the best use of such a network. Only the RDP and ICA traffic traverses the wide area connections. All the bandwidth-intensive processing requirements are located at the same physical location as the high-speed switching backbone. The information you gathered while documenting your "as-is" environment is now very critical to understanding bandwidth requirements, latency issues, and data flow requirements. Note Printing considerations are important! When assessing Terminal Services across a WAN (and to some extent a LAN), you need to pay particular attention to the location of printers and how clients have been configured to access them. If an operator prints to a local printer that resides on the operator's LAN but across a slow link from the server running Terminal Services itself, the print job is spooled across the slow link to the printer. This adds to the bandwidth requirements for Terminal Services because the network is required to handle print traffic as well as keystrokes, mouse events, and screen updates.

39 Project Planning 39 Choosing a License Server The Terminal Services Licensing service is a separate entity from Terminal Services. In most large systems, the license server will be deployed on a separate server although it can be co-resident on the terminal server in some smaller systems. Regardless of where it resides, Licensing is a low-impact service. It requires very little CPU or memory for regular operations, and its hard disk requirements are small, even for a significant number of clients. The license server must be discoverable by the terminal servers. For a Windows 2000 domain, this means the license server must be deployed on a domain controller. The terminal server will discover the license server by enumerating its domain controllers and checking for Terminal Services Licensing. It is also possible to deploy a license server in a Windows 2000 network on a site basis. This approach, known as the enterprise-licensing configuration, can be selected at installation. It will allow any terminal server in the same physical site to discover the Licensing service, even across domain boundaries. This configuration does not support discovery from remote sites within the network. Note In determining the location of a license server, discoverability is the most critical factor. A domain, site or workgroup hosting terminal servers must also host a license server. For critical applications, there should be at least two discoverable license servers to ensure high availability. Once a terminal server has discovered a license server it will continue to use that as long as it is available. The terminal server will communicate with its default license server about once an hour to assure it is still present. If it cannot find the default license server, the terminal server will seek another provider.

40 40 Chapter 2 Note Terminal Services Licensing only runs on Windows 2000 Servers, and only manages licenses for Windows 2000 Terminal Services. Integrating with the FactorySuite Terminal Services for InTouch is the only Wonderware product currently supported on a terminal server. Other components of the FactorySuite must be installed on a separate computer. The following describes limitations you will encounter when integrating Wonderware products with Terminal Services for InTouch: NetDDE is limited to console (server) use only, because of the \\node\application topic!item naming convention. Since several sessions share the same node, NetDDE cannot differentiate between sessions. A client will not connect, even if it is the first user to connect to NetDDE. If DDE is selected for a particular Access Name, SuiteLink will be used. This will impact the ability to communicate to certain I/O servers and Microsoft Office products (such as Excel) that depend solely on DDE. For these situations, a tagname server can be used. A tagname server is an application that contains only InTouch QuickScripts and tagnames. By running it on the console or separate machine, you now have the ability to communicate using both DDE and SuiteLink. An instance of WindowViewer running on the terminal server acts as a tagname server. The tagname server uses NetDDE to communicate to the I/O server using DDE, and SuiteLink to communicate to the desired session. The sessions, therefore, have an indirect connection to the DDE I/O server.

41 Project Planning 41 For more information on how to configure a tagname server, see "Creating a Tagname Server Application" section of the InTouch User's Guide. Note The diagram above shows a common network for both the clients and normal data traffic. Based on the "as-is" LAN analysis, you may need to separate the networks or install switched hubs to provide adequate bandwidth. SPC Pro, InTrack, and InBatch are currently not supported. However, you can still access data using any database query tool or ActiveX control. AlarmSuite Logger must be disabled on the terminal server. AlarmSuite does not support multi-user configuration. You must use a tagname server on a separate computer to log alarms to the database. However, you can use AlarmSuite ActiveX controls in the WindowViewer sessions to query and display alarms. I/O servers must be Windows 2000 Server Ready to run on a terminal server. They must run on the console and not as a session. All other I/O servers must be installed on a separate computer as shown above. IndustrialSQL Server cannot import tagnames from InTouch running as a session. IndustrialSQL Server accepts only one Tagname.x database from each node. Use a tagname server to aggregate the tags you want stored and import these tags. The tagname server may run on the terminal server console or on a separate computer.

42 42 Chapter 2 The terminal server acts as an application server, running the WindowViewer sessions. A separate computer acts as a data server, running IndustrialSQL Server, I/O servers, and if necessary, a tagname server. In this situation, you need a tagname server to import Memory or System tagnames to IndustrialSQL Server. Note The diagram above shows a common network for both the clients and normal data traffic. Based on the "as-is" LAN analysis, you may need to separate the networks or install switched hubs to provide adequate bandwidth. Choosing the Right Client Available client computers range from desktop replacements to industrial display panels. They all connect to terminal server using a small client program installed on disk or in firmware. The choice of which client platform to use depends on the currently installed base and operator interface needs. Your client computer must be able to communicate to terminal server using the RDP or ICA protocol. ACP Enabled Thin Clients embed a version of ICA. A feature comparison among the three options is shown below: Note The column marked ACP+ICA means that both ACP ThinManager and Citrix MetaFrame (ICA) are installed on the terminal server. Feature Description RDP ICA ACP+ ICA Clients 32-bit client for Windows based PCs (Windows x x 95, Windows 98, Windows NT N/A 1 Workstation/Server 3.51, Windows NT Workstation/Server 4.0, Windows 2000 Professional/Server) 16-bit client for Windows for Workgroups 3.11 x x N/A 16-bit client for older versions of Windows and x N/A the MS-DOS operating systems Windows CE-based client (Windows-based x 2 x N/A Terminal Standard and H/PC Pro) UNIX client, Macintosh client, Java client x N/A Browser client x 8 x x 10 Thin client enabling for x86 based PC platforms x 14 Transport Protocols Network connections TCP/IP x x x SPX, IPX, NetBEUI, and Direct Asynch x Connect client over local area network (LAN) x x x Connect client over wide area network (WAN) x x x 11 Connect client over dial-up, ISDN, xdsl, VPN x x x 11 Dial-up connection directly to the server without using a dial-up service such as RAS x

43 Project Planning 43 Feature Description RDP ICA Audio System beeps x x x Support for stereo Windows Audio (system and x x 12 user) Local Printing Printing to a local printer attached to a PC client x x N/A Printing to a local printer attached to a WBT x x N/A Printing to a local printer attached to a thin client x x x Local Drive Mapping Local I/O Cut and Paste User-centric session access Application Publishing Load Balancing Failover Remote Control Bitmap Caching Local drives accessible from server-based applications Redirection of server COM ports (COM port remapping) High speed serial transfer module (up to 115 KBps) Touch screen support out of the box (Elo and MicroTouch) Profibus module DeviceNet module ControlNet module Cut and paste of text/graphics between client and server Cut and paste of files/directories between client and server Client remembers previous user's logon name for each connection Connect to an active or disconnected session using a different screen resolution than the original session Connect directly to an application (InTouch) rather than an entire desktop Server-based applications resize and minimize on a Windows PC similar to local applications Advertise server-based applications directly to client desktops Pooling of servers behind a single server address and for increased availability Client connects to alternative terminal server if its terminal server fails Automatic failover without operator intervention x 4/7 x x 13 x 3 x x x x x x x x x x x 4 x x x x x x x N/A x 5 x 5,6 x 5,6 x X 5 x 5,6 x Viewing and interaction with other sessions x x x Optionally cache display bitmaps to disk for improved performance ACP+ ICA x x N/A x

44 44 Chapter 2 Feature Description RDP ICA Encryption Automatic Client Update Pre-configured Client Client Management Multiple-level encryption for security of client communications Multiple-level encryption on all Windows CEbased terminals Administrative means for updating client connection software from the server Predefined client with published applications, IP addresses, server names and connections options Auto-creation of clients Remote administration Remote reboot Auto-replacement Remote initiation of touch screen calibration OCX for client management embeds into Wonderware x x 6 x 6,13 1. Not Applicable 2. Windows CE RDP 5.0 client is available with WBT Standard 1.5. Consult your WBT manufacturer for availability. H/PC RDP 5.0 client is not currently available. 3. Available with 3rd party add-on from NCD. 4. Using Windows 2000 Server Resource Kit utilities. 5. Requires Windows 2000 Advanced or Datacenter Server, or 3rd party addon from NCD or Clusterisis. 6. Requires optional Load Balancing Services or SecureICA Services in addition to Citrix MetaFrame. 7. Uses Windows native networking. 8. Using the Terminal Services Advanced Client Web package. 9. Using Microsoft Systems Management Server, Intellimirror management technologies or 3rd party utilities in conjunction with the Terminal Services Advanced Client MSI package. 10. ACP Enabled thin clients are already connected when the browser loads. 11. Connects over WAN or dialup using TCP/IP. 12. Requires Citrix MetaFrame. 13. Release To Be Announced. 14. Vendors currently include: Advantech, Ann Arbor, Christensen Displays, Contec, HMW, Nematron, and Xycom. x x 9 x x x x x ACP+ ICA x x x x x x

45 Project Planning 45 Improving Reliability Moving InTouch applications and related software to a terminal server will save time and money, but will also increase your dependency on a single piece of equipment. Your risk identification will not only include possible failures that can interrupt access to terminal server but the chance that the server itself will fail. A single point of failure is any component in your environment that can block data or shutdown a critical operation. Maximum reliability is achieved when you: Minimize the number of single points of failure. Provide mechanisms that maintain service when a failure occurs. The table below lists common points of failure in a server environment and describes whether you can protect the point of failure by using load balancing or by using a third party solution. Failure point Load balancing Other solutions Network hub N/A Redundant networks Power outage N/A Uninterruptible power supply (UPS) Server connection Fail-over N/A Disk Fail-over Hardware or software RAID, to ensure against the loss of specific data on a specific computer and to provide for uninterrupted service. Other server hardware such as CPU or memory Server software such as the operating system or specific applications Wide area network (WAN) links such as routers and dedicated lines Fail-over Fail-over N/A Spare components such as motherboards and small computer system interface (SCSI) controllers (any spare components need to exactly match the original components, including network and SCSI components). N/A Redundant links that provide secondary access to remote connections Network Load Balancing Services is a feature of Windows 2000 Advanced Server. The principal goal of load balancing is to provide increased reliability. A cluster of two or more terminal servers ensures that if one fails, another computer will be available. Tip Use servers that are engineered, built, and tuned specifically for thinclient computing. Unisys ES Series servers are such computers. For more information, refer to their web site, Note ACP ThinManager 2.3 or later also includes fail-over capability. You can configure multiple terminal servers so that one is a primary server and the rest are secondary servers. If the primary fails, terminals will automatically connect to the secondary.

46 46 Chapter 2 For information on how to configure load balancing, see "Network Load Balancing" in Chapter 3, "Deployment," Building the Master Project Plan All members of the project team contribute to the project plan by producing planning and scheduling documents describing how they will create the system or service as defined in the functional specification. The project plan includes approach, dependencies, assumptions, and budget information and refines the agreement of the vision/scope document between the team and customer. The project team should have a number of major deliverables ready before the project plan is completed and the Project Plan Approved Milestone is reached. These major deliverables include: The environment analysis should contain a comprehensive assessment of the technical infrastructure as it currently exists. The functional specification should provide the beginning of the deployment plan. The physical design should detail the actual plan of action. The risk assessment should be updated with current information. After the team has created the master project plan and started the project, they should update the data on a regular basis. The project team should also review the project plan regularly to determine if the project is on time and on budget.

47 Deployment 47 C H A P T E R 3 Deployment This chapter provides you with the necessary steps to deploy Terminal Services for InTouch and how to modify your existing applications to run in a servercentric environment. It also includes instructions to remotely control sessions and how to install Network Load Balancing for improved reliability. Contents Deploying a Pilot Terminal Server Server Hardware Requirements RDP Client Hardware Requirements Installing Terminal Services Terminal Services Licensing Defining Security Changing a Desktop into a RDP Client Installing Terminal Services for InTouch Modifying Applications Running WindowViewer Running WindowMaker Assessing the Pilot Deployment Deploying Terminal Server Throughout your Environment Network Load Balancing Terminal Services Advanced Client Best Practices Deploying a Pilot Terminal Server The goal of the Scope Complete/First Use Milestone is to test Terminal Services for InTouch in a controlled environment and to begin the deployment process by installing a pilot server into a group engaged in real-world activity. Validating the physical and logical designs is perhaps the most important task in the deployment process. Failure to properly test applications and architectures could lead to costly mistakes or could inhibit critical tasks.

48 48 Chapter 3 The ideal environment for validating your design is a test laboratory that simulates the environment of the actual deployment as closely as possible. The test lab will function as a miniature version of the organization itself, enabling the team and the assigned pilot group to see Terminal Services for InTouch in action before deployment. Good group communication is a vital part of a successful pilot deployment. Before deployment begins, establish the communication framework your team and pilot group will be using. The Bugs and Issues database should be used to track and resolve issues during this phase. The first step in the pilot deployment involves preparing a test lab. The test lab will consist of one or more terminal servers and a number of client terminals. The physical design should be used as a guide to specify hardware and software requirements. Server Hardware Requirements Terminal Services for InTouch must be installed on a new Windows 2000 Server or Advanced Server. Do not upgrade from a Windows NT system. The following table provides recommended hardware platforms based on "Best Practices" outlined in this guide. They should give you good performance with a representative InTouch application. Recommended Hardware Based on "Best Practices" CPU 1 Physical Memory Virtual Memory 2, 3 4 Number of Clients Pentium III 450 MHz 384 MB 960 MB 5 Pentium III 500 MHz 1024 MB 2560 MB 15 Pentium III 700 MHz 2048 MB 5120 MB Multi-processors can improve performance. 2. Add 128 MB RAM for Windows 2000 Advanced Server. 3. Memory requirements depend on application load and the number of users connected. RDP will need MB per user running InTouch, while ICA will require slightly more. 4. Virtual memory (page file size) should be 250% of the physical memory. Note A good way to estimate how many users a server can support is to measure system performance with two to five users on the system, and then scale the results. For more information on analyzing system performance, see "Monitoring Performance." For more information on optimizing the operator's experience, see "Best Practices."

49 Deployment 49 Hard Disk Space One or more hard disks with a minimum of 2 GB on the partition that will contain the system files. The use of RAID, Redundant Array of Inexpensive Disks, will help prevent loss of data and server downtime. Networking 10/100Mbps network adapter card. Network that uses the TCP/IP protocol. Other Drives CD-ROM drive A high-density 3.5 inch disk drive as drive A, unless: The computer supports starting the Setup program from a compact disc. You are installing Windows 2000 over a network. Accessories Keyboard, mouse (or other pointing device) and a monitor (VGA or better). View with resolution of 800X600 or higher. A UPS (Uninterrupted Power Supply). Note Before you install Windows 2000, verify that your hardware is on the Windows 2000 Hardware Compatibility List (HCL). Because Microsoft provides tested drivers for only those devices that are listed on the Windows 2000 HCL, using hardware that is not listed on the HCL may cause problems during and after installation. You can find the most recent version of the HCL on the Internet at Examining Peripheral Devices that Affect Performance Peripheral devices can also affect the performance of a server running Terminal Services: Hard disks. Disk speed is critical for terminal server performance. Small computer system interface (SCSI) disk drives, especially devices compatible with Fast SCSI and SCSI-2, have significantly better throughput than other types of drives. Network adapter. A high-performance network adapter is recommended, especially if users require access to data that is stored on network servers or client/server applications such as Wonderware InTouch. Using multiple adapters can significantly increase network throughput.

50 50 Chapter 3 RDP Client Hardware Requirements Clients that run Terminal Services are not required to have much processing power. For example, a Pentium with 32 MB of RAM and a VGA video card is sufficient. Therefore, it is very easy to integrate Terminal Services into a network that has older computers and equipment. Note Using a standard VGA card may limit your display size and color depth. There will be some performance considerations depending on the model of the client you are using. For example, a device that uses Microsoft Windows CE as its operating system will not operate as quickly as the same device would if it used Linux. Installing Terminal Services You can install Terminal Services on the server during Windows 2000 Server Setup, or you can install Terminal Services after Setup through Add/Remove Programs in the Control Panel. For detailed instructions on installing Terminal Services, see the installation instructions in the ReadMe file on your Terminal Services software CD. Terminal Services Licensing Licensing requirements are based on the installed software products and the number of clients that will be connecting to a terminal server. Once you have enabled Terminal Services Licensing on a machine, the next step is to activate the license server and install appropriate client access licenses (CALs). License Purchase Each client requires one of the following licenses to gain access to the terminal server: Terminal Services Client Access licenses (TS CALs). These licenses are purchased for known, non-windows 2000 devices connecting to a terminal server. Built-in Licenses. Clients that are running the Windows 2000 operating system are automatically licensed as Terminal Services Clients. Temporary licenses. When a terminal server requests a client access license and the license server has none to give, or if a license server has not yet been discovered, it will issue a temporary license. A terminal server will accept connections from unlicensed clients for 90-days. This period is known as the license server grace period.

51 Deployment 51 Note Terminal Services Licensing is in addition to other licenses that might be needed, such as FactorySuite licenses, operating system licenses, and any BackOffice family Client Access Licenses. If you purchase ThinManager from ACP, it only includes the necessary licenses to run ThinManager and Citrix Devices. The licenses mentioned above are still required. Activate a License Server A license server must be activated in order to certify the server and allow it to issue client licenses. A license server is activated using the licensing wizard, which is located in the Terminal Services Licensing tool. There are four connection methods to activate your license server: Internet, Web, Phone, and Fax. Internet is the quickest and easiest. All four methods access the Microsoft Clearinghouse, which is a facility to activate license servers and to issue client license key packs to the license servers that request them.

52 52 Chapter 3 To activate the license server 1. Start up the Terminal Services Licensing program by clicking Start on the Windows Taskbar, pointing to Programs, pointing to Administrative Tools, and then clicking Terminal Services Licensing. The Terminal Services Licensing dialog box appears. 2. On the Action menu, click Activate Server. 3. The Licensing Wizard welcome screen appears. 4. Click Next. 5. Choose your connection method (explained above). 6. Follow the instructions in the wizard. Install Licenses Installing licenses supports the same four methods of license server activation. When you install licenses, you will be asked for information regarding your purchase of the licenses. Depending on how you obtained your licenses, the information requested may include your Microsoft Enterprise or Select Enrollment Agreement number, your Microsoft Open License and Authorization numbers, or your 25-character License Code if you are a retail customer. The License Code can be found in your Microsoft License Pak (MLP) packaging. When installing a License Code from an MLP, choose Other as your licensing program when prompted. If you obtained your licenses from a program or a method not listed above, please consult your program documentation for more information.

53 Deployment 53 Client Licensing After you have installed your licenses, the license server can begin deploying them. The terminal server initiates the actual client license distribution. When a client attempts to connect to a terminal server, the terminal server will check that the client is fully licensed. A client that possesses a valid CAL or a client that is running Windows 2000 operating system will be allowed to connect, with no need for the terminal server to communicate with the license server. If a client has no license, or has an expired temporary license, the terminal server requests a permanent TS CAL for the client. The license server than checks its database. If it has a TS CAL available, it will mark that license as taken by that client and remove it from the available pool. A certificate for that license is sent to the terminal server, which then pushes this certificate down to the client where it is stored. The client will present this certificate on subsequent terminal server connections as proof of license. Any terminal server will accept the certificate. License Recovery Issued TS CALs lost from the client device due to events such as hard disk failure, inadvertent reformatting, device swap-out, or un-issued licenses lost due to a license server crash will need to be re-issued by the Clearinghouse. To get the licenses re-issued, use the phone connection method to contact a Microsoft Terminal Services Licensing customer service representative. The customer service representative will require the License Server ID to re-issue the licenses. For more information regarding Terminal Services Licensing, see tslicensing.asp Defining Security A proper security implementation is a critical component of any computerbased control system. The default security of the Windows 2000 operating system is not nearly sufficient for any production deployment. Of course, security is not simply to protect against malicious attack, but more often from human error. Often, a major problem is introduced by a simple mistake. On a terminal server, you can not afford to provide the operators with the opportunity to make such mistakes. Because of the multi-user nature of Terminal Services, we strongly recommend that you consult with a Windows 2000 Security professional. Without proper security, users can have access to any directory and file on the server, including important system files and InTouch applications.

54 54 Chapter 3 Session Security Connection settings and security control not only access to a terminal server through the Terminal Services Client, but also how a user can interact with other users on the server. Connection security is managed through regular Windows 2000 users or groups. We recommend that you never control client connection access through individual user accounts even when dealing with only a single server. The administrative work required is much greater than that for using groups. Accordingly, the following local groups should be defined: WW_Admins Members of this group will have administrative connectivity rights on the terminal server. They will be able to perform all functions on other sessions including logging off, disconnecting, and resetting any session. WW_Users Members of this group will have only user connectivity access on this server. This is the preferred choice for operators. WW_Users_RC Members of this group will have user connectivity access in addition to the ability to remotely control other users. This group is optional, and accommodates users who require this privilege, such as support engineers. To create terminal server local groups 1. Click Start on the Windows Taskbar, point to Programs, point to Administrative Tools, and then click Computer Management. The Computer Management dialog box appears.

55 Deployment In the Tree, under Local Users and Groups, right-click the Groups folder. 3. Click New Group. 4. Add the three recommended local groups. After the local groups have been created, the next step is to configure the connection security for these groups. The tool that you will use to manage connection settings and security is the Terminal Services Configuration program. To configure connection security 1. Click Start on the Windows Taskbar, point to Programs, point to Administrative Tools, and then click Terminal Services Configuration. The Terminal Services Configuration dialog box appears listing all of the created connection types for the terminal server in the right pane. Note When configuring security, make sure that you set the security for each of the connection names that exist. Setting them for one will not automatically set them for all. 2. Double-click RDP-Tcp. The RDP-Tcp Properties dialog box appears.

56 56 Chapter 3 3. Click the Permissions tab to activate the Permissions property sheet. Note The RDP-Tcp Properties property sheet provides global settings that override individual user settings. If you are having problems getting a particular user setting to work (such as auto-logon), remember to refer to this window to determine if there is a conflicting global setting. 4. Select all the listed groups except SYSTEM, and then click Remove. The default groups are not appropriate for managing access to your terminal server for the following reasons: Administrators group This group is granted full control for connections. Although the local Administrator certainly needs access to the server, we prefer not to use this group to assign this right. The main reason is because the Administrators group automatically includes the Domain Admins group when the terminal server is added to a domain. Such administrative users should not have full control of this server. Users group Under most circumstances, you will not want to have any user accessing the terminal server. If you wanted to restrict a user's access for any reason, the only way to do so would be to remove them from the Domain Users group, which would also restrict them from accessing other non-ts domain resources.

57 Deployment Add the three recommended groups mentioned earlier, assigning them the following permissions: Group WW_Admins WW_Users WW_Users_RC Permissions Full Control User Access Special Access (User Access + Remote Control) To set the privileges for the WW_Users_RC group, begin by assigning it the User Access privileges. Then click Advanced to view the Access Control Settings for RDP-Tcp dialog box. Select WW_Users_RC and then click View/Edit. Check the Allow box for Remote Control. 6. Click OK. User Account Management Windows 2000 user account options are valid for Terminal Services. Organizational policy should guide you on the appropriate settings for passwords, time restrictions and auditing.

58 58 Chapter 3 To configure users to access a terminal server 1. Click Start on the Windows Taskbar, point to Programs, point to Administrative Tools, and then click Computer Management. 2. In the Tree, open the Users folder under Local Users and Groups. Double-click a desired user to open the ASTCLIENT205 Properties dialog box. 3. Click the Member Of tab to activate the Member of property sheet. 4. Remove any default groups and add the appropriate Wonderware group and the Power Users group. Note Terminal Services for InTouch supports only two security groups under the Windows 2000 operating system: Administrators and Power Users. Wonderware strongly recommends that you do not allow users to connect to a terminal server with administrative rights. Such users have global access to all user files, and the ability to shutdown the server (even by mistake).

59 Deployment 59 Changing a Desktop into a RDP Client Once the server connections have been configured and user accounts created, the next task is to configure the desktop computers as TS clients. Client Installation Disks Windows 2000 includes the Terminal Services Client Creator administrative tools with which you can create installation disks for the client software. After the software is installed on the client, the client will be able to connect to a server running Terminal Services. To create client installation disks 1. Open Terminal Services Client Creator. 2. Select the type of Terminal Services client software that you want to create. There are three options: Terminal Services for 16-bit windows (requires 3 disks) Terminal Services for 32-bit x86 windows (requires 2 disks) Terminal Services for 32-bit Alpha windows (requires 2 disks) 3. Insert a disk into the destination drive. 4. After copying the files to the disks, close the Create Installation Disk dialog box, or click OK to create more disks. Client Connection Properties After you have installed the Terminal Services Client software on a client device, you will need to configure the connection properties. The Client Connection Manager is a simple tool for connecting to a terminal server. The preferred approach is to connect immediately upon logon to the local desktop. To configure client connections 1. Click Start on the Windows Taskbar, point to Programs, point to Terminal Services Client, and then click Client Connection Manager. 2. On the File menu, and then click New Connection. The Client Connection Manager Wizard will start.

60 60 Chapter 3 3. Click Next. The first Client Connection Manager Wizard dialog box appears. 4. In the Connection name box, type a description for your connection and the actual name or IP address of the server.

61 Deployment Click Next. The second Client Connection Manager Wizard dialog box appears. 6. Select the Log on automatically with this information option, if you want this connection to automatically log on to the server. 7. In the User name, Password, and Domain boxes, type the desired logon information. Tip Only enter user names that are members of the Power Users group. These users have adequate permissions to run InTouch, but are restricted in accessing system files and shutting down the server. Note If the terminal server connections have been configured to not allow automatic logons, this information is ignored.

62 62 Chapter 3 8. Click Next. The third Client Connection Manager Wizard dialog box appears. The third Client Connection Manager Wizard dialog box allows you to select the screen resolution for the session, and whether or not it will open full screen. The maximum screen resolution you can select cannot exceed what your desktop is currently configured for. You can always select a resolution smaller than what you currently have. Selecting Full Screen will completely hide the local desktop behind your terminal server connection. You will not have a title bar, nor will you be able to minimize your session. You will still have the ability to switch to any applications that are running locally, but you will not have direct access to the local desktop. Tip Select Full Screen with the same resolution as your current desktop resolution. If a lower resolution is selected, the unused space will appear simply as a black border.

63 Deployment Click Next. The fourth Client Connection Manager Wizard dialog box appears. The fourth Client Connection Manager Wizard dialog box provides connection options to improve the performance of the session. 10. Select the Enable data compression option if you will be connecting to a low-speed network such as a dial-up or Internet. 11. Select the Cache bitmaps option to store commonly used bitmaps, like the one used to display the Start button, in a file on the client computer. This improves performance by minimizing the amount of display information that must be passed over a connection. You should have 10MB of free hard-drive space to support this feature.

64 64 Chapter Click Next. The fifth Client Connection Manager Wizard dialog box appears. 13. The fifth Client Connection Manager Wizard dialog box allows you to specify whether you are going to be running a complete desktop on the terminal server, or whether you will run a specific application. For now, accept the default to open a desktop. Tip Before deploying the pilot server, start InTouch using this connection and select the desired application to run. Afterwards, you can enable the Start program option to only run WindowViewer. To configure the connection to automatically start WindowViewer, see "Configuring Start Program."

65 Deployment Click Next. The sixth Client Connection Manager Wizard dialog box appears. 15. The sixth Client Connection Manager Wizard dialog box allows you to change the icon for the connection that is being created and also to specify the program group where a shortcut to this connection will be automatically created. Tip Select the Startup program group to automatically connect after the operator logs-on to the desktop. This will resemble WindowViewer running as a service. Remember that the operator can disconnect from the terminal server and log-off from the local desktop with WindowViewer still running on the server. The next time the operator logs-on, they will return to the InTouch application as if they never left. 16. Click Next. A dialog box displaying a brief summary of the new connection you have created appears. 17. Click Finish to complete the connection setup. Installing Terminal Services for InTouch To install the Terminal Services for InTouch, you must log on to the server running Terminal Services by using the built-in Administrator account.

66 66 Chapter 3 Note If you have already installed a Non Terminal Services version of InTouch, it is not possible to upgrade to a Terminal Services version of InTouch. It is, however, possible to upgrade from a previously Terminal Services version of InTouch to the latest version. For detailed instructions on installing Terminal Services, see the installation instructions in the ReadMe file on your Terminal Services software CD. Modifying Applications Once the pilot terminal server has been deployed, the next step is to install and test the applications. Validation is best achieved with the help of a pilot group, which is made of qualified individuals who will show a tangible improvement or benefit. They should possess a relatively high-level of technical expertise so they can understand and report issues and describe how to reproduce them. Software Testing and Validation Software testing is always important, but is especially true for Terminal services. The impacts of a poorly tested application unleashed into production are an order of magnitude greater than those in a standard desktop. This is why testing and piloting is stressed so much more than they might be during a regular desktop deployment.

67 Deployment 67 After you have the applications installed on the test server, you should run some initial testing. At a minimum, verify that you can log on to the server for every user, inspect security settings, and launch InTouch. Continue only when the team is comfortable that the terminal server is working properly. When the application is working properly for the single user, the next step is to increase this to two to five users. The reason for this is to ensure that the software continues to function when multiple instances are being run on the same computer. After the application has successfully gone through multi-user testing, the last task is to examine the load that InTouch will introduce. This can actually be started during the single-user testing because sever performance problems may be noticed immediately. It is at this point that benchmarks from the "as-is" deployment phase can be evaluated to determine if the intended benefits can be realized.

68 68 Chapter 3 Known Issues and Limitations The following table describes the limitations and suggested work-around you may need to implement when running applications on a terminal server. Wonderware is aggressively resolving many of these issues in the next release. Feature Supported? Comment AlarmSuite Logger No Use a tagname server (separate computer only) DDE to an I/O Device or MS Office 2000 (for example, Excel) DDE from MS Office 2000 (for example, Hot-link configured in Excel) No Yes Use a tagname server (console or separate computer). This includes DDE QuickScripts: WWExecute(), WWpoke() and WWRequest() Excel and InTouch must be running in the same session Historical Trending Yes Use a tagname server or NAD to log values. Multiple sessions may read the same historical files InBatch No In work - to be supported in a future release InControl Yes InControl must run on the console, and requires v7.1 Patch 03 or later. InSQL Active Controls (OLE DB) Yes InSQL should be on a separate computer InTouch Alarm Logger No In work - to be supported in a future release InTrack OLE Automation No In work - to be supported in a future release "Playsound" QuickSript Yes Requires Citrix MetaFrame Retentive tags Yes Must use NAD SPC Pro No SQL Access (ODBC) Yes Database should be on a separate computer SuiteLink to an I/O Device or another InTouch application. Yes When communicating to another view session, include the terminal server Node name and append the IP address of the desired session to the Application name. For example, view

69 Deployment 69 Starting Local I/O InTouch cannot start I/O servers in a terminal server environment. To avoid receiving an "Initializing I/O" error message when WindowViewer starts, turn off the Start Local Servers option on the WindowViewer General property page. Note Depending on the sequence that view sessions start, you may need to execute the IOReinitialize QuickScript. Remember ALL servers (I/O devices or view applications) must be running before starting an application that reads values from these servers. Script Execution Because all applications running on a terminal server use a single timing reference (server clock), there is a chance that scripts may not execute during abnormal CPU loading. Abnormal CPU loading can be caused by excessive video processing or when several applications have the same script triggers defined (such as an End-of-Shift event). It is possible, therefore, that if the server is busy processing scripts from many clients, it may not start a script on another client during the interval when the timer would normally start the script. This may cause the script on that client to not execute.

70 70 Chapter 3 To ensure proper script execution, combine scripts with common triggers and move them to a single application, such as a tagname server. This is one of the primary reasons for pilot deployment. Pilot deployment gives you an opportunity to perform "what-if" scenarios and determine if your hardware selection is adequate. Converting Color Palettes The current version of Terminal Services supports up to 8-bit color depth (256 color) graphics. Many InTouch applications make use of bitmap images that are 16-bit (65,536 colors) or 24-bit (1,677,216 colors) color depth. Attempting to display these higher color depth graphics at 256 colors will result in a dithering effect. Dithering is the computer's attempt to substitute the subtle variations between colors in a 16 or 24-bit image with one of the 256 colors available in the 8-bit palette. Note Citrix MetaFrame supports 16-bit color depth. If your image uses a large color palette, you may want to consider MetaFrame to maintain the quality of the display. Keep in mind, however, that an increase in color depth will increase network traffic, as more data needs to be transferred to the clients. To prevent the images from being displayed improperly, you can convert them using an image manipulation program. Adobe's Photoshop or Jasc's Paint Shop Pro are ideal for this purpose. Paint Shop Pro is available with a 30- day free evaluation download from the Jasc site at: To modify bitmaps within InTouch using Paint Shop Pro 1. Open Paint Shop Pro. On the File menu, point to Preferences, and then click File Format Associations.

71 Deployment Select the Windows or OS/2 Bitmap (*.bmp) option. (This option forces any file with the *.BMP extension to launch Paint Shop Pro instead of Microsoft Paint.) 3. Click OK to close Paint Shop Pro. 4. Start WindowMaker with the application that you want to modify. 5. Open the window that has the desired bitmap to be modified. 6. Right-click the bitmap object and select Edit Bitmap to launch Paint Shop Pro. The status bar in the lower right of the application window shows the size, color depth and file size of the graphic. 7. Click Color, Decrease color depth, 256 color (8 bit).

72 72 Chapter 3 8. Choose Standard/Web-safe palette, and the Error diffusion reduction method. 9. Click OK. Note that the status bar now displays the decreased color depth of the graphic and smaller file size. 10. Close Paint Shop Pro and click Yes when prompted to save the bitmap. Remember to save the window before closing WindowMaker.

73 Deployment 73 Running WindowViewer Running InTouch applications from a terminal server is no different than running them on a standard desktop. The multi-user functionality of Terminal Services for InTouch allows you to individually configure InTouch for every client. Configuration details are stored in the client's home directory. This is also the best place for NAD files because only the connected client can gain access their home directory. Home directories for Terminal Services Clients

74 74 Chapter 3 Selecting an Application Each client can run the same or different application. Simply connect to the terminal server as the client you want to configure, and launch InTouch Application Manager (INTOUCH.EXE). Configure InTouch as you would normally. Any changes are saved in the client's home directory. Note You will need to configure InTouch for every client that will connect to the terminal server. Configuring NAD for Terminal Services Network Application Development (NAD) is the preferred architecture on terminal servers. It is required for Historical Trending and Retentive Tagnames. NAD provides a separate application folder for every user, and if NTFS is used, adequate security. For more information on how NAD works, see Chapter 3, "Building a Distributed Application" in your online InTouch User's Guide. To configure NAD 1. From a client workstation, connect to the terminal server. The logon should be configured to view the session desktop. 2. Open the client's home directory. This is the corresponding user name folder in C:\Local Documents and Settings.

75 Deployment Create a new folder called NAD. Example: C:\Documents and Settings\Client202\NAD 4. Start the InTouch program (intouch.exe). The InTouch Application Manager dialog box appears. 5. Click the Node Properties tool or on the File menu, click Properties. The Node Properties dialog box appears with the App Development property sheet active. 6. Turn on the Enable Network Application Development option. 7. In the Local working directory box, type the path of the NAD directory you just created. 8. In the Polling period (sec) box, type the appropriate seconds for the polling period. 9. Select the appropriate Change Mode option. 10. Click OK. Repeat this procedure for every client that will be running InTouch. Configuring Start Program Wonderware strongly recommends that sessions only run InTouch. User profiles and the Client Connection Manager, both can be configured to start WindowViewer upon connection. Running only InTouch will avoid the confusion of a desktop within a desktop, and best resembles WindowViewer running as a service on standard desktops. The Client Connection Manager method is described below.

76 76 Chapter 3 Note Configure InTouch before automatically launching WindowViewer. The desired application must be selected, and NAD configured correctly. To automatically start WindowViewer upon connection 1. From a client workstation, start up the Client Connection Manager. 2. Right-click the connection you want to modify, and click Properties. The Properties dialog box appears with the General property sheet active. 3. Click the Program tab to activate the Properties dialog box. 4. Select the Start the following program option. 5. In the Program path and file name box, type the appropriate path for view.exe. 6. Click OK. The next time you log-on, WindowViewer will start the last application selected.

77 Deployment 77 Running WindowMaker WindowMaker is not designed for a multi-user environment. Only one person may edit an application at any time. If you ensure applications cannot be simultaneously modified, there are some noteworthy benefits of using WindowMaker in a Terminal Services environment. Remote configuration and Rapid Application Development using studio applications are two such benefits. Remote Development By launching WindowMaker in a session, you can modify applications as if you are sitting right at the development node. Remote development provides an easy way for off-site engineers to update applications without travelling to the site. The low bandwidth requirements of RDP make this far more efficient than modifying applications locally, and then downloading the files. Rapid Application Development Clipboard redirection is a feature of Terminal Services that allows users to cut and paste between applications running on the local machine and those running on the terminal server. If the local machine has WindowMaker installed, clipboard redirection can copy and paste any InTouch object. This enables Rapid Application Development by providing standard InTouch applications (referred to as studio applications) that others can easily access. Clipboard redirection is an alternative to WindowMaker's Import command. Architecture of a studio deployment is shown below:

78 78 Chapter 3 Studio applications include industry or company-standard graphics, scripts and window templates. They are stored on a terminal server and set for READ- ONLY so that any modifications are strictly controlled. A developer working on an application in the same office or across the world has immediate access to these studio applications. To copy/paste between a studio application and local application 1. From the client machine, connect to the terminal server, and launch WindowMaker with the desired studio application. Size the window so that it just covers half of the client's desktop. 2. On the client desktop, launch WindowMaker with the local application. Size the local application so that it covers the other half of the client's desktop. 3. On the local application, perform a Copy and Paste on any object to activate the local Windows clipboard. You only need to do this once. 4. On the studio application, open the desired window and right-click on the object you want to copy, and click Copy. WindowMaker running in a Session WindowMaker running locally

79 Deployment On the local application, right-click anywhere on the destination window. Click Paste to paste the object from the studio application to the local application.

80 80 Chapter 3 6. Position the object to the desired location. The copied object will include any animation links and tagnames that were part of the original object. Just like the Import command, tagnames will be converted to placeholder tagnames. For example, when a discrete tagname is copied, the tagname is prefixed with the three characters?d:. These tagnames will then need to be defined in the local tagname database. Assessing the Pilot Deployment The pilot deployment concludes with an assessment of the process produced by the deployment team with the assistance of the pilot group. This assessment is usually conducted in the form of a postmortem meeting. Use this meeting to discuss such things as any unresolved bugs, technical issues or problems that came up during the process, and information related to the risks identified earlier in the deployment. Present this information to the organization responsible for overseeing the deployment of Terminal Services for InTouch. The Scope Complete/First Use Milestone can then be achieved. Characteristics of a successful pilot deployment include: End-user satisfaction as indicated by the pilot group feedback A positive status report that the project team can present to management Permission to continue with the full deployment No major, unresolved application incompatibilities that prevented the pilot deployment from proceeding as planned.

81 Deployment 81 Deploying Terminal Server Throughout your Environment The last goal in the deployment process is the Release Milestone, which uses the knowledge gained in the other three milestones to complete the deployment and to prepare the infrastructure for ongoing maintenance and support. Having completed the pilot process, you are now prepared to move to a fullscale deployment. For the most part, the full deployment process resembles the pilot deployment process, but on a larger scale. Training end-users and those responsible for supporting the system should take place during this phase. Training too early when problems still exist will most likely create fear, uncertainty and doubt. If you have planned the project well and carried out the pilot successfully, the full deployment should proceed with few unexpected surprises or problems. Tip If you have existing InTouch applications, keep them on the desktop, and train the users on how to switch back and fourth between the terminal session and client desktop. This will minimize the impact on production if a problem occurs. The result of a successful deployment will be a satisfied customer or management unit, the satisfactory achievement of all primary goals, and an infrastructure that can be adequately maintained and scaled for the future. Providing Maintenance and Support Hopefully, the test lab is still functioning, and adequate supporting documentation has been provided. Use the test lab to train new users and to test any significant changes you want to make on the production machines. Remember to always disconnect all users from the server and prevent inbound connections from being established (for example, from an ACP Enabled Thin Client) before installing any new software. Monitoring Performance Detecting a processor bottleneck in Terminal Services is similar to detecting processor bottlenecks in Windows 2000 Server and Professional, but the baseline values for the counters may differ. Use the performance monitoring tools to monitor system performance and the effects of configuration changes on system throughput. Among the most important measurements for performance monitoring are: Processor utilization Hard-disk I/O rates Memory utilization Pagefile activity Network utilization

82 82 Chapter 3 Task Manager Task Manager provides information about programs and processes running on your computer. It also displays the most commonly used performance measures for processes. Use Task Manager to monitor key indicators of your computer's performance. You can quickly see the status of the programs that are running and end programs that have stopped responding. The default setting only shows processes running on the console. Select Show processes from all users to include processes running in sessions. Performance Monitoring (MMC snap-in) System Monitor and Performance Logs and Alerts are available snap-ins for the Microsoft Management Console (MMC). They provide detailed data about the resources used by specific components of the operating system and by server programs that have been designed to collect performance data. Graphs provide a display for performance-monitoring data, logs provide recording capabilities for the data, and Alerts send notification to users by means of the Messenger. Terminal Services adds the Terminal Services and Terminal Services Session objects and their counters to the set of objects you can observe using System Monitor. The most significant counters for evaluating server and network performance are the following:

83 Deployment 83 Processor\ % Processor Time is the percentage of time that the processor is executing a non-idle thread. It can be viewed as the percentage of the sample interval spent doing useful work. This counter displays the average percentage of busy time observed during the sample interval. Generally, it should be less than 85 percent. System\ Processor Queue Length is the instantaneous length of the processor queue in units of threads. All processors use a single queue in which threads wait for processor cycles. After a processor is available for a thread waiting in the processor queue, the thread can be switched onto a processor for execution. A processor can execute only a single thread at a time. Windows Terminal Services can sustain a processor queue length of 10 to 12 threads per processor and still provide acceptable performance. It is important to note that the processor queue length is an instantaneous count, not an average over the time interval. Processor\ Interrupts/sec is the average number of hardware interrupts the processor is receiving and servicing in each second. This value is an indirect indicator of the activity of devices that generate interrupts, such as the system clock, the mouse, disk drivers, data communication lines, network interface cards and other peripheral devices. You can use this counter to identify any device drivers that may be consuming an unusually high amount of processor time. A dramatic increase in this counter value without a corresponding increase in system activity indicates a hardware problem. Memory\ Available MBytes is the amount of physical memory available to processes running on the computer, in Megabytes. Add more on-board RAM if available memory drops below 4Mbytes. Memory\ Pages/sec is the number of pages read from or written to disk to resolve hard page faults. (Hard page faults occur when a process requires code or data that is not in its working set or elsewhere in physical memory, and must be retrieved from disk). This counter displays the difference between the values observed in the last two samples, divided by the duration of the sample interval. Generally, more than 20 pages/sec indicates a problem. Network Segment\ % Network Utilization indicates how close the network is to full capacity. The threshold depends on your network infrastructure and topology. If the value of the counter is above 30 to 40 percent, collisions can cause problems. Note You must install the Network Monitor Driver in order to collect performance data using the Network Segment object counters. Terminal Services Session\ Private Bytes is the current number of bytes this process has allocated that cannot be shared with other processes. Process\ % Processor Time for each instance of view. This will show the percentage of processor time for each view instance. Process\ Handle Count for each instance of view. This will show the current number of handles being used for each view instance. Process\ Private Bytes for each instance of view. This will show the amount of memory that each instance is currently using.

84 84 Chapter 3 Note When viewing Process counters, instances of view will be differentiated by a number based on the start-up sequence. For example, view is the first instance started, view#1 is the second, view#2 is the third, and so on. Remote Control Remote Control is a feature of Terminal Services that allows one session to temporarily control another user's session. An engineer, for example can help troubleshoot the system without being physically beside the operator. The engineer can interact with the operator and execute commands on their behalf. Response time to resolve problems can therefore be improved. Note You can also remotely control ICA-based clients using the Terminal Services Manager utility. However, you cannot remotely control an ICA-based client from an RDP-based client, or vice versa. You must have adequate permission to remotely control another session. See "Defining Security" for more information. Remote Control from the console is currently not supported. To remotely control an operator workstation 1. Start up Terminal Services Manager. 2. Right-click the session you want to monitor, and then click Remote Control. The Remote Control dialog box appears. 3. Select the Hot keys you want to use to end a remote control session.

85 Deployment 85 Tip The default hot key is Ctrl+* (using * from the numeric keypad only). 4. Click OK. Before monitoring begins, the server warns the user that their session is about to be remotely controlled, unless this warning is disabled. Your session might appear to be frozen for a few seconds while it waits for a response from the user. When you want to end remote control, press Ctrl+* (or whatever hot key you have defined). Network Load Balancing Network Load Balancing Services (NLBS) is one of the clustering technologies available with Windows 2000 Advanced Server. A cluster is a group of independent computers that work together to run a common set of applications or services and provides an image of a single system to the client. With NLBS, you can enhance the availability of scalability of InTouch applications. Note Wonderware strongly recommends that you consult a Microsoft professional and perform adequate testing before deploying load balancing into production. Stand-by Server Option The following procedure will configure a stand-by terminal server. Normal operation has all InTouch applications running on one machine in the cluster (shown as the primary host in the figure below). If the server or network fails, sessions will freeze for roughly 10 seconds before acknowledging a disconnection. At that time, operators need to simply re-launch the connection. NLBS will automatically redirect all the log-ons to the stand-by server. When the primary machine is placed back into service, operators should log-off and launch their sessions again. Sessions will be directed to the primary host.

86 86 Chapter 3 Note If the operator disconnects by mistake, that session may become orphaned. See "Disconnection Timeout" for more information. Installation Caution! Installing NLBS is relatively straightforward. Howerver, incorrect settings may cause unpredictable operation or very poor performance. Familiarize yourself with Microsoft documentation on NLBS before following these instructions. Start with two terminal servers configured exactly the same. Both should be updated when applications are modified, or when users are added. In other words, one is a clone of the other. The only difference is that each has a unique IP address (NLBS calls them "dedicated" IP addresses). You will need to provide a virtual IP for the cluster (NLBS calls this the "primary" IP address), and choose which machine will be the primary host. Note Log-off all clients before installing NLBS. To install Network Load Balancing 1. On the Primary Host, open Network and Dial-up Connections.

87 Deployment Right-click the Local Area Connection on which load balancing is to be installed, and then click Properties. The Terminal Services Properties dialog box appears with the General property sheet active. 3. Select Network Load Balancing in the Components checked are used by this connection list.

88 88 Chapter 3 4. Click Properties. The Network Load Balancing Properties dialog box appears with the Cluster Parameters property sheet active. 5. Type a Primary IP address, Subnet mask, and Full Internet name to represent the cluster in their respective boxes. The Primary IP address must be a static IP. The full Internet name is used only for remote administration and is used as an identifier for the cluster. 6. If you are using a single network adapter, select the Multicast support option to allow the network adapter to handle traffic both for the cluster and dedicated IP address. Note Use two or more network adapters whenever possible. A second network adapter can boost overall network performance and speed-up access to back-end databases.

89 Deployment Click the Host Parameters tab. Host parameters configure the cluster machine's native IP settings and how the cluster loads. 8. In the Priority (Unique host ID) box, type a 1 (one). The Priority (Unique host ID) setting is used to determine which server in the cluster is considered the manager that receives incoming requests and routes them to other serves in the cluster. The server with the lowest ID performs this task. 9. Select the Initial cluster state option to start NLBS immediately when Windows 2000 is started. 10. In the Dedicated IP address box, type the actual machine IP address. The Subnet mask should also be same as the machine's subnet mask.

90 90 Chapter Click the Port Rules tab to activate the Port Rules property sheet. Port Rules allows you to configure individual machines in the cluster. The rules determine how the cluster balances the load among the machines in the cluster with rules for percentage-based balancing as well as specific ports being sent to specific machines in the cluster. 12. Remove any predefined rules. By default, NLBS serves all ports and this setting is sufficient. 13. Click OK to return to the Local Area Connection Properties dialog box.

91 Deployment Click Internet/Protocol (TCP/IP), and then click Properties. 15. Confirm that the dedicated IP address and Subnet mask matches the IP address and Subnet mask defined for this machine. 16. Click Advanced. The Advanced TCP/IP Settings dialog box appears with the IP Settings property sheet active.

92 92 Chapter Type in the Primary IP address for the cluster, and then click Add. You now have an IP address that the virtual IP can bind to. 18. Click OK. The Local Area Connection Properties dialog box reappears. 19. Click OK.

93 Deployment Repeat this procedure for the stand-by machine. Everything is the same except for the Host Parameters. Enter a 2 (two) for the Priority (Unique host ID), and the correct Dedicated IP address, as shown below: Now that the two machines are configured as a cluster, clients have the option to connect directly to one of the machines, or to connect to the cluster. To connect to the cluster 1. From a client workstation, open the Client Connection Manager.

94 94 Chapter 3 2. Right-click the connection you want to modify, and then click Properties. The Properties dialog box appears with the General property page active. 3. In the Server name or IP Address box, type the Primary IP address for the Server name. 4. Click OK. Administration Tools NLBS comes with a command line utility: WLBS.EXE. This utility allows you to view and refresh setting made in the dialogs in the live cluster. The most important ones are describes below: The command line for the Network Load Balancing control program (Wlbs.exe) has the following syntax: wlbs command [cluster [:host] [remote options] ] Command start stop Action Starts cluster operations on the specified hosts attempting to join the cluster. This enables all ports that may have been previously disabled. Stops cluster operations on the specified hosts leaving the cluster.

95 Deployment 95 Command query Action Displays the current cluster state and the list of host priorities for the current members of the cluster. The possible states are: Unknown --The responding host has not started cluster operations and cannot determine the cluster's state. Converging -- The cluster is currently attempting to converge to a consistent state. Prolonged convergence usually indicates a problem with cluster parameters. If this occurs, check the event logs on the cluster hosts for Network Load Balancing messages warning you about the source of the problem. Draining -- The cluster has converged, and the responding host is draining active connections prior to stopping cluster mode. Converged as default -- The cluster has converged, and the responding host is the current default (the highest-priority host without a drainstop command in progress). The default host handles network traffic for all of the TCP/UDP ports not covered by the port rules. reload (local only) Converged -- The cluster has converged, and the responding host is not the default host. Reloads the Network Load Balancing driver's current parameters. Cluster operations on the local host are automatically stopped and restarted if necessary. If an error exists in the parameters, the host will not join the cluster, and a warning is displayed. If this should occur, open the Network Load Balancing Properties dialog box to fix the problem. Disconnection Timeouts As a general recommendation, establish a standard timeout for disconnected sessions. This is especially important when utilizing load balancing. There is a chance that sessions may become orphaned if the operator improperly logs-off a terminal server. Orphaned sessions will hold resources that could be freed up for use elsewhere. To enable a timeout for a disconnected session 1. Click Start on the Windows Taskbar, point to Programs, Administrative Tools, and then click Terminal Services Configuration. 2. Double-click RDP-Tcp to open the RDP-Tcp Properties dialog box.

96 96 Chapter 3 3. Click the Sessions tab to activate the Sessions property sheet. 4. Select the Override user settings option. 5. In the End a disconnected session box, type the number of minutes you want to elapse before ending a disconnected session. 6. Click Apply.

97 Deployment 97 Terminal Services Advanced Client Microsoft's Terminal Services Advanced Client (TSAC) is a Win32 -based ActiveX control that can be used to run Terminal Services sessions within Microsoft Internet Explorer. By using TSAC, you can now run full-featured InTouch applications across the Internet, with the same performance and speed as if you were on the local area network. Benefits The downloadable ActiveX control provides almost the same functionality as the full Terminal Services Client, but is designed to deliver this functionality over the Web. The TSAC provides the following benefits: Run sessions within Internet Explorer. Terminal emulation software does not need to be installed on the client machine. Only Internet Explorer 4 or later and an URL address pointing to the terminal server is necessary. Quick and easy access to terminal servers. The TSAC is especially useful for fact, on-demand access to terminal servers. URL addresses can contain optional fields, such as username and screen size, to make accessing different terminal servers as simple as clicking on a "Favorites" link.

98 98 Chapter 3 Installation Common interface. The common look and feel of Internet Explorer make it a preferred GUI for viewing MS Office applications, browsing plant information, or doing trend analysis using ActiveFactory or SuiteVoyager. The TSAC is a free ActiveX control available from the Microsoft website. It must be installed on a computer running Internet Information Services (IIS) version 4.0 or later. This dependency applies to the Web server only. Users can download the control and view a session from any supported web browser (Windows 32-bit versions of Internet Explorer 4.x, 5.x, or 6.x). Note For the most recent information or to download the TSAC, visit default.asp How to Use Once the TSAC is installed on the Web server, users can point to a default login page and/or pass specific user information to initiate a terminal server session. Three sample Web pages are installed in the TSWeb directory. These pages can be run as they are, or they can be modified. Note For information on how to configure and use the sample pages, please refer to the Microsoft Terminal Services ActiveX Client Control Deployment Guide.

99 Deployment 99 Default.htm. Default.htm is a sample logon page that is designed to collect terminal server connection information from the user. You access the default page by the following URL: Where MyWebServer is the computer name or IP address of the Web server. Connect.asp. Connect.asp is a sample page that contains the actual ActiveX client control, which hosts the terminal server session. By design, Connect.asp does not run alone, but must be called with the following parameters: &Username=MyUser&Domain=MyDomain&rW=800&rH=600 Where MyWebServer is the computer name or IP address of the Web server, MyTSServer is the computer name of the terminal server, MyUser is a valid logon name, and MyDomain is the name of the computer that has the logon name defined. Note To use the sample page, Active Server Pages (ASP) must be enabled on the Web sever. If your Internet access goes through a Firewall, make sure to open TCP port 3389.

100 100 Chapter 3 Securing Web-based Applications Beyond the safety and liability issues of remotely controlling a process, the Internet has an increased risk of unauthorized access. The Internet is a public medium, and any connection may inadvertently expose sensitive information and/or damage systems by malicious acts. To adequately protect your terminal server and the process it controls, you should develop a sound information security (INFOSEC) policy. Your INFOSEC policy should include Physical Security, Network Security, Application Security, and Security Auditing. Physical Security Physical security addresses the operating environment of your servers and connected client systems. Place your terminal server in a protected room that is free from physical threat and adverse conditions. Make the room available only to authorized (trusted) personnel. Develop a schedule to back-up data and publish procedures on how to restore it. Evaluate your risk if the terminal server goes down. Hardware protection such as surge suppressors, uninterruptible power supplies, and redundant servers will help keep your system running. Network Load Balancing or systems with Assured Availability will mitigate the chance that a component failure will stop production. Network Security Network security addresses the data transfer between the terminal server and client computers. Provide adequate computer log-on security. For more information, see "Defining Security." Enable medium (or higher) encryption. Encryption prevents spoofing, which refers to any unauthorized attempts to intercept an address, user identification, partial or even total transmission of data. Terminal Services provides multilevel encryption. All levels use the standard RSA RC4 encryption model

101 Deployment 101. Level Low Medium(default) High Description This level secures all data sent from the client to the server by using either a 56-bit or 40-bit key. A Windows 2000 terminal server uses a 56-bit key when Windows 2000 clients connect to it, and a 40- bit key when earlier versions of the client connect. This input-only encryption is used to protect sensitive data, such as a user password. This level secures data sent in both directions (from the client to the server and from the server to the client) by using either a 56-bit or a 40-bit key. A Windows 2000 terminal server uses a 56-bit key when Windows 2000 clients connect to it, and a 40- bit key when earlier versions of the client connect. Use medium encryption to secure sensitive data as it travels over the network to display on remote clients. If you are located in the United States or Canada, you have the option to select the high level. High encryption affects all data sent in both directions, but encrypts using the non-exportable 128-bit key. To enable encryption 1. Click Start on the Windows Taskbar, point to Programs, point to Administrative Tools, and then click Terminal Services Configuration.

102 102 Chapter 3 2. Double-click RDP-Tcp. The RDP-Tcp Properties dialog box appears. 3. Click the General tab to activate the General property sheet. 4. Select the appropriate Encryption level. Application Security Application Security addresses the security embedded in your InTouch application, IndustrialSQL Server, and other sensitive information systems. Use the $Operator tagname to provide security within the InTouch application. By applying security to your application, you can control specific functions that an operator is allowed to perform by linking those functions to internal tagnames. For more information on the $Operator tagname, see the "Using InTouch Security" section in Chapter 2 of your online InTouch User's Guide. Replace the GetNodeName() QuickScript with the new TseGetClientId() QuickScript to identify the client computer. When using Terminal Services, GetNodeName() returns the name of the terminal server, not the name of the client computer.

103 Deployment 103 Add a password to the SQLServer system administrator (SA) account. When you install IndustrialSQL Server, an all-powerful "sa" login ID is created with an empty password. Do not use this account to access data. Use the default login IDs (for example, wwuser), instead. For more information on database security, refer to the "Managing Security" chapter in the IndustrialSQLServer Administrator's Guide. Security Auditing Security Auditing addresses the ability for you to monitor intrusion attempts. If you suspect that your system is under any sort of attack, then you can enable logging for an array of auditable events. By default, security logging/auditing is disabled because it usually requires excessive processing resources. We, therefore, recommend that you initially select only a few events to monitor. Caution! Security Auditing requires significant resources. Make sure to enable auditing when you evaluate your pilot server, or you may undersize the hardware. To configure auditing, refer to the Audit Policy, which is part of the Windows 2000 Local Security Policy. Additional Information For further exploration of these and related security considerations, please refer to the following resources: National Computer Security Center (NCSC) "Rainbow Books" Common Criteria (CC) for Information Technology Security Evaluation Microsoft Privacy & Security Fundamentals: Security htm Windows 2000 Security Technical Overview Default Access Control Settings in Windows Best Practices You can maximize the operator's experience with Terminal Services for InTouch by following these recommendations: Always use Add/Remove Programs when installing software. Never perform an auto-install from CD ROM. Use the TSSHUTDN command before shutting down the server. This forces a proper client log-off and shutdown.

104 104 Chapter 3 Use an NTFS file system on all volumes. NTFS provides greater security for users in a multi-session environment who access the same data structures. Use static IP addressing. WWLogger, SuiteLink and Network Load Balancing all rely on permanently assigned IP addresses to identify clients. Run InTouch full screen and as the only program. See "Configuring Start program." Run one InTouch session per client and use a unique user account for each session. Multiple instances of WindowViewer on a client are possible, but keep in mind that all the sessions will have the same IP address, and therefore, you will not be able to poke values to a particular view session. Back up your license server regularly. Include at least the System State, plus the Lserver directory. By default, this is %windir%\system32\lserver. Run only InTouch on the terminal server. Other software products running in sessions or on the console may cause performance degradation. Place the terminal server in a secure place, protected from industrial hazards and operator interaction. Use standard InTouch graphics instead of bitmaps in designs. InTouch standard graphic objects are vector-based, and are ideally suited for a terminal session. Raster-based graphics (*.BMP), however, require much more information to display. Bitmap objects should be smaller than 200 x 200 pixels. Avoid animated graphics. Animated graphics can slow down the screen refresh rate on the client, creating an impression of diminished performance. Always have something changing on the screen. This keeps a steady communication between the server and client. If the connection breaks, the server will detect the failure and mark the session as disconnected. Consider showing the current time or some form of heartbeat. Use NAD. See "Configuring NAD for Terminal Services." If you provide access to the session desktop, disable Active Desktop and smooth scrolling. Minimize the use of cascading menus, particularly the Start menu. Place shortcuts on the desktop and keep the Programs submenu as flat as possible. Avoid using bitmaps in wallpaper; in Display Properties set Wallpaper to None on the Background tab, and select a single color from the Appearance tab. Enable file sharing on client computers, sharing drives with easily identifiable names like "drivec." Be aware of the security implications involved. Train users to use Terminal Services hot key sequences. There are a few important differences in the hot key sequences used in a Terminal Services client session than in a Windows 2000 session. These hot key sequences only apply to desktop replacement clients. A comparison table is shown below:

105 Deployment 105 Terminal Services Hot key Sequences Task Typical Terminal Services Open application selector and move selection to the right ALT + TAB ALT + PGUP Open application selector and move selection to the left ALT + SHIFT + TAB ALT + PGDN Switch between running ALT + ESC ALT + INS applications Open Start menu CTRL + ESC ALT + HOME Right-click running application's Task Bar button ALT + SPACEBAR ALT + DEL Open Windows NT CTRL + ALT + DEL Security window Toggle the client screen between full-screen mode and windowed mode CTRL + ALT + END CTRL + ALT + BREAK

106 106 Chapter 3

107 107 Index A Access Name 40 ACP 51 ACP Enabled Thin Client 34 ACP Enabled Thin Clients 42 ACP ThinManager 20, 23, 42 Activate a License Server 51 Activating the license server 52 ActiveX 22 Administration tools 14, 94 Administrators group 56 Application server 14, 42 Architecture for a DDE I/O Server 40 Assessing Risk 31 Assessing the Pilot Deployment 80 Automatically starting WindowViewer upon connection 76 Automation Control Products (ACP) 7 B Benefits 15 Best Practices 103 BPR 32 Bugs and Issues database 48 Building the Master Project Plan 46 Business Process Redesign 32 C CALs 50, 53 Centralized deployment of programs 12 Centralized Management 12 InTouch 19 Changing a Desktop into a RDP Client 59 Checklist: Setting up Terminal Services for InTouch 8 Choosing a License Server 39 Choosing the Right Client 42 Citrix Devices 51 Citrix MetaFrame 20, 42 Citrix Systems 7 Client RDP hardware requirements 50 Terminal Services client access license 50 Client Connection Manager 75 Client Connection Properties 59 Client Installation Disks 59 Client Licensing 53 Common points of failure 45 Components Administration tools 14 Licensing service 14 Multi-user kernel 14 Remote Desktop Protocol 14 Terminal Services Client 14 Configure Client connections 59 Connection security 55 NAD for Terminal Services 74 Start Program 75 Users to access a terminal server 58 Connection methods 51 Connection security 55 Connection Wizard 59 Connectiong To the cluster 93 Console 8 Converting Color Palettes 70 Copying and pasting between a studio application and local application 78 Creating client installation disks 59 D Data access 12 Data flow and bandwidth requirements for TS Clients 37 Data server 42 DDE 40 Dedicated IP address 89 Defining Vision and Scope 31 Deployment 47 Assessing the Pilot 80 Characteristics of a successful pilot deployment 80 Pilot Terminal Server 47 Planning Model 25 Terminal Server throughout your Environment 81 Test lab 48 DHCP 36 Disconnection Timeouts 95 Disk speed 49 Distributed computing 12 Documenting Internet Information 33 LAN Information 32 Logical Design 34 The Operator Interface 33 WAN Information 33 Your Environment 32 Domain Setup 36 E Embedded NT 15 Enable data compression 63 Enabling a timeout for a disconnected session 95 Enterprise-licensing configuration 39 Environment analysis 46 Examining Peripheral Devices that Affect Performance 49 Expanding to the WAN 38 F Fat clients 12, 17 Full Internet name 88 Functional specification 35, 46

108 108 H Hardware Costs 20 Hardware Requirements 48 HCL 49 Historical Trending 74 Home directories for Terminal Services Clients 74 Host Parameters page 89 I ICA 8, 33, 84 Protocol 37, 42 Traffic 38 Identifying Key Team Members 29 Improving Reliability 45 Industrial Scenarios 18 IndustrialSQL Server 42 Initial cluster state 89 Installing Licenses 52 NLBS 86 Terminal Services 50 Internet Access 22 Internet Protocol 33 Internet work Packet Exchange 33 IPX 33 ISP 33 K Known Issues and Limitations 68 L LAN 21, 38, 42 Information 32 Printing Across a LAN 38 LAN/WAN network 25 License server 39, 51 Activating 52 Licenses Client 52 Installing 52 Microsoft License Pak 52 Recovery 53 Server client access 50 Terminal Services client access 50 Licensing Service 14 Load balancing 45 Local Area Connection Properties 90 Local printer 38 Local Users and Groups 55 M Manufacturing Information Portal 13 Memory Available MBytes 83 Memory Pages/sec 83 Messenger 82 MLP 52 Modes of Operation Application server 13 Remote Administration 13 Modifying Applications 66 Modifying bitmaps within InTouch using Paint Shop Pro 71 Monitoring Performance 81 MTBF 20 MTI 20, 23 MTTR 15 Multicast support 88 Multi-user kernel 14 Must Know Terminology 8 N NAD 73, 74 NetBEUI 33 NetDDE 40 Network adapter 49 Network Load Balancing 23, 47, 85 Control Program 94 Installing 87 Network Segment % Network Utilization 83 NLBS 85 Installing 86 O Override user settings 96 P Performance Monitoring (MMC snap-in) 82 Peripheral devices 49 Permissions 56 Physical design 35, 46 Point-to-Point Tunneling Protocol 22 Port Rules 90 PPTP 22 Primary IP address 88, 92 Printing 38 Across a LAN 38 WAN 38 Privileges 57 Process counters 84 Process % Processor Time 83 Process Handle Count 83 Process Private Bytes 83 Processor % Processor Time 83 Processor Interrupts/sec 83 Providing Maintenance and Support 81 R Rapid Application Development 77 RDP 8, 14, 33, 37, 42 RDP Client 59

109 109 RDP client hardware requirements 50 RDP traffic 38 RDP/ICA protocol 21 RDP-Tcp Properties 56 Remote Access 21 Remote Administration 14 Remote Control 23, 84 Remote Desktop Protocol 14 Remote development 77 Remotely controlling an operator workstation 84 Retentive Tagnames 74 Risk assessment 46 Risks in deploying Terminal Services for InTouch 31 Running WindowMaker 77 Running WindowViewer 73 S SCADAlarm 13 Scalability 12, 15 Script Execution 69 Security 53 Session 54 Selecting an Application 74 Server Client Access license 50 Server fail-over 23 Server Hardware Requirements 48 Server-centric environment 16 Server-centric mode 20 Session 8 Session Security 54 Shadowing 84 Simple Terminal Services for InTouch Deployment 16 Software Testing and Validation 66 Stand-by Server Option 85 Starting Local I/O 69 Subnet mask 88, 89, 91 SuiteLink 40 SuiteVoyager 13 System tagnames 42 System Processor Queue Length 83 T ThinManager 51 Timeouts 95 Total Cost of Ownership 11 Transmission Control Protocol/Internet Protocol (TCP/IP) connection 21 TS CAL 14 TSAC 22, 33 U User Account Management 57 Users group 56 Using network adapters 88 V VGA card 50 Viewing process counters 84 Viewing the process 20 W WAN 38 Information 33 Wide area bandwidth 38 Windows 2000 Hardware compatibility List (HCL) 49 Server CAL 14 Terminal Services 13 Terminal Services client access licenses 50 WindowsCE 15 Wireless networks 21 Task Manager 82 TCO 11 TCP/IP 21, 33 Technical Support 10 Terminal server local groups 54 Terminal Services 8 Advanced Client 33 Client 14 Client Access license 50 Creating client installation disks 59 Hot key Sequences 105 Session Private Bytes 83 Test lab 81 Testing Process 66 Thin client 8, 12 Thin-Computing and Process Visualization 11

110 110 Index