Vendetta

With Windows 2000 came a new piece of software called ‘Terminal Server Licensing’ that requires to be installed when you run your Windows 2000 servers’ Terminal Services in Application Mode.

The idea behind it was/is pretty straightforward. You could give a user with a non Windows 2000 based computer access to your Windows 2000 server, hence giving the user features he/she was/is not paying for. Windows 2000 based clients also need to contact it but will receive a built-in (read : free) license from the Terminal Services Licensing system.

Terminal Services on a Windows 2000 server will try to find the Licensing server in 4 ways : Domain Mode, Enterprise Mode, Workgroup Mode and Direct Mode.

• Domain Mode and Enterprise Mode require that you set up the Licensing server on a domain controller. Many (large) corporations want to keep their Domain Controllers only for a single task, controlling the domain, so it’s not always an option to install Terminal Services Licensing on them.
• Workgroup Mode equals to good old broadcast. Can’t find a Licensing server ? Yell a bit on the network and you will find it. This ofcourse limits the system to having the Licensing server in the same (V)Lan and many routers and switches could be configured to discard broadcast messages.
• Direct mode works by a registry key that points to the server holding your Terminal Services Licensing service.

Now imagine that you are in the following situation : You are migrating from an NT4 domain towards Active Directory. With it you are moving your Terminal Servers (or Citrix servers) from NT4 to AD. The Terminal Servers ofcourse require a connection with the Terminal Services Licensing service. In Domain and Enterprise Mode this would require you to set up a new Terminal Services Licensing service on one of your Domain Controllers and getting the Microsoft Clearinghouse in action to move your licenses from one domain to the other. I myself didn’t find this an option as it can take pretty long and probably will be pretty complicated. Workgroup mode relies on broadcasting so that won’t work on many networks. This leaves only the 4th option, Direct Mode.

For Direct Mode to work open the registry editor of your choice and browse to HKLM\SYSTEM\CurrentControlSet\Services\TermService\Parameters. There you add the value “DefaultLicenseServer” (REG_SZ). In the value you type the WINS entry or FQDN of the server that holds the Terminal Services Licensing service.

With this intalled you can put the Terminal Services Licensing service pretty much anywhere you want without having to worry about domain boundaries, subnets and broadcast adresses. Potential drawback could be that you are relying heavily on that single server to be up and running in order to distribute the licenses. Now this is not a complete single point of failure as Terminal Services will hand out temporary licenses that will work for 3 months should the Terminal Services Licensing service be unavailable. Also you will notice event “1010″ in your System Eventlog, this is normal and can be ignored.

Links:
Q239107 : Establishing Preferred Windows 2000 Terminal Services License Server
TechRepublic - Understanding Terminal Services licensing server discovery
EventID.Net - Event ID 1010