Remote Desktop and Terminal Services

Remote Desktop Connection allows you to connect to a windows system and display a full graphical desktop just like sitting in front of the actual machine. The desktop is shown in a window on the local machine, although all the applications run on the remote system. In some respects it is similar to the X-Windows system on Unix but uses a different network protocol known as RDP (Remote Desktop Protocol).

The department provides a number of multi-user servers (terminal servers) which anyone can use to run windows applications. It is also possible to connect to ordinary windows desktops if they are suitably configured. Access from the internet must be through a gateway system to ensure that the desktops are protected from attack from the internet. Please see the notes on how to connect via the Physics Remote Desktop Gateway in the Connect to your Physics Windows Desktop From Outside The Department section below.

Please note that you will need to use the RDP Gateway (rdp-gateway.physics.ox.ac.uk) to connect to termserv4 & termserv5.

NOTE also that you do not need to use VPN to connect via RDP and indeed it will work better if you do not use VPN

Connecting to TERMSERV4 \ TERMSERV5 via the RDP Gateway for Windows Clients

Type Remote Desktop into the Search Icon.

Configure logon settings.

Enter termserv4.physics.ox.ac.uk or termserv5.physics.ox.ac.uk into the Computer field and then Type in your Physics account name.

General.jpg

Configure connect from Anywhere.

Select the advanced tab.

Advanced.jpg

Select the Settings tab and then enter the values circled below.

RD Gateway Settings.jpg

List of Windows Terminal Servers available in Physics

TERMSERV3\TERMSERV4\TERMSERV5 - General Use Terminal Servers

TERMSERV3 - Windows 2012 R2 Installed ( Use when Office 2016 Required )
TERMSERV4 - Windows 2019 Installed
TERMSERV5 - Windows 2019 Installed

If one terminal server is heavily loaded or unavailable for some reason simply use the other.

Please see below for a list of application software that has been installed and updated.

Application Software Installed on TERMSERV4 and TERMSERV5

7-Zip
EndNote X9
Inkscape 0.92.4
LibreOffice 6.3.4.2
Mathematica
MATLAB R2019b
MikTex
Mozilla FireFox
Mozilla Thunderbird
Notepad++
NI LabVIEW 2019 (64-bit)
Nuance PDF Converter Enterprise 8
Office 2019
Office 2019 - Visio
Office 2019 - Project
Origin 2019b
PuTTY release 0.73 (64-bit)
Scansoft PDF Professional
Sophos Anti-Virus
WinSCP

Please email itsupport@physics.ox.ac.uk ( Subject-Terminal Server - Software Request ) if you require any additional software (Central Budget funds permitting ) to be installed.

Please note that CorelDraw does not work on a Windows Terminal Server. Software has to be specifically written to work on a Windows Terminal Server so not all software is compatible.

We cannot install the Creative Cloud Suite on the Windows Terminal Servers due to licensing restrictions.

Undergraduate Windows Terminal Servers

Teaching Course Terminal and RD Gateway Server

neo.physics.ox.ac.uk is the Windows 2016 Terminal and RD Gateway Server for Physics Undergraduates.
Access is restricted to the University's network connections only. For example if at home connect to the University's VPN service before using the Remote Desktop Client. Do not use any other Terminal server, client or gateway unless specifically instructed to do so.

See Common Connection Problems from Windows Clients and Connect to your Physics Windows Desktop or Other Protected Machine From Outside The Department section's further down the page if you have difficulties configuring your Remote Desktop client to connect and have the University's VPN service active. When configuring the Remote Desktop Client both the Remote Gateway server and client are both neo.physics.ox.ac.uk other than this all settings are the same.

Experimental clients

Some experiments are on line, for these you will be informed which windows client connect to but the RD Gateway server is still neo.physics.ox.ac.uk. Do not use rdp-gateway.physics.ox.ac.uk.

Please note the following time limits

Disconnected sessions are closed after 15 minutes.
Idle sessions are closed after 1 hour.
Active sessions are limited to 12 hours.
Once time limits have been reached and the session closed this will delete any unsaved data, save your data at regular intervals to your home directory (H:).

Linux Terminal servers (accessible internally or through gateway methods below)

linuxts

Connecting to "linuxts" is the recommended way to get a Linux environment. When a new version of Ubuntu passes all of our criteria, linuxts will be updated to that new version.

Windows clients please right click and save the following file to your desktop here. When downloaded, double click this to launch microsoft remote desktop.

The username for the gateway server is physics\
The username for linuxts is

linuxts

This is a Linux terminal server for "Office" tasks. It is running Ubuntu version 20.04. You may log onto it and we welcome comments and suggestions. Windows clients please right click and save the following file to your desktop here. When downloaded, double click this to launch Microsoft remote desktop.

The username for the gateway server is physics\
The username for linuxts is

What it is for

Is to be used when a Linux Application is needed on timescales of a few minutes to a few hours. Has secure access to shared and backed-up storage. More information can be found here. You should find it a reasonable replacement for a native Linux desktop for office work. It is not for "Scientific computing", i.e. long running or CPU/network intensive use. We are happy to consider any additional software for installation that fits within the remit of this server. Most sub-departments already have cluster compute resources for "Scientific computing" use.

More information can be found here.

Linux in Particle Physics

Currently the CentOS 7 Linux machines "pplxint10" and "pplxint11" are configured for remote access. To connect, please see the section "Connect to your Physics Windows Desktop or Other Protected Machine From Outside The Department".

The particle physics machines require you to have a particle physics login account in addition to your normal PHYSICS account.

Please see the PPUnix pages for more information

Linux in Theoretical Physics

The machines called "tplxintN.nat.physics.ox.ac.uk", where N = 1 to 5, are available for intensive compute use. They are running Ubuntu version 20.04. Please connect using x2go as per these instructions

It is also recommended that you read the following page to troubleshoot any issues here.

Connect to your Physics Windows Desktop or Other Protected Machine

Connecting from Windows is made possible with Microsoft's Remote Desktop Client which is installed by default with all recent versions of windows. This client provides the most functionality, allowing disk drives and printers to be mapped from your client into the remote desktop server so it's much easier to transfer files and to print from your remote applications to your local printers.

To connect to systems other than the terminal servers you will need your Physics account added to the local Remote Desktop Users group for the desktop you wish to connect to. Please email itsupport@physics.ox.ac.uk including the name of the desktop.

From a Windows Client

To improve security and allow connections to all desktops on our local network, clients should be configured to connect via the Remote Desktop Gateway system. When using the windows Remote Desktop Client, it is easy to configure this so that the connection through the gateway is transparent. You'll find the Remote desktop client under the 'start/all programs' folders or below that in accessories (depending on the version that's installed). Start the client and and click on the Options button and the following should appear

rdp_win10_conn.png

Here, this has been set to connect to a desktop system using a physics network account. You should replace "mydesktop" with the name of your computer, which is written on a sticker on the front. "mydesktop" is just an example. You will need to use fully qualified domain name(FQDN) of your computer add .nat.physics.ox.ac.uk or .physics.ox.ac.uk after the name of your computer for example mydesktop.nat.physics.ox.ac.uk.

Now click on the advanced tab. You should see a section entitled Connect from Anywhere. Click on the settings button and fill in the fields as follows
rdp_win10_gate.png


IMPORTANT:
The configuration is for the case where you will log into the remote server using your physics network credentials. If you need to use a different account on the remote server you must untick the box at the bottom with text similar to "Use my TS/RD gateway credentials for the remote computer". Click OK etc to return to the General page and save your configuration so that you don't need to do this setup for each session.

Common Connection Problems from Windows Clients

Can't find computer

Error Message Displayed:

Remote Desktop can't find the computer for example "termserv4". This might mean that "termserv4" does not belong to the
specified network. Verify the computer name and domain that you are trying to connect to.

This is due to the full name of the terminal server not being entered if outside of the Department.

Users only type the following:

termserv4

Resolution : Type the name of the full terminal server system computer address i.e. termserv4.physics.ox.ac.uk or termserv4.nat.physics.ox.ac.uk.

Unknown user

Error Message Displayed:

The credentials that were used to connect to termserv4 did not work. Please enter new credentials.

Users enter their username without specifying a domain.

e.g. - Username : harrisexample

Resolution : Enter the following in the username field:

PHYSICS\harrisexample

or

harrisexample@physics.ox.ac.uk

From a Linux client using Remmina

Remmina is a remote desktop client for Linux that should be preinstalled in your linux desktop or laptop.

The screenshots below guide you through the set-up.

Launching Remmina

If you do not have a Remmina icon visible, click on the "Activities" entry (top left of the screen) and type in "Remmina". Click on the Remmina icon.

remmina-client-v2_0.png

Add a connection: Click the "+" button on the top left to add a new connection.

remmina-client-add-termserv-00.png

Configure Remmina Basic Settings Tab :

Basic settings tab: Select the RDP Protocol and you MUST use 24 bit color or less. Do NOT select remote-fx. You can optionally store your user name, password and a preferred resolution. When connecting to your Windows desktop, complete the Domain as "PHYSICS".

remmina-termserv-01-basic (002)_2.png

Configure Remmina Advanced Settings Tab :

Remmina Advanced tab: it is a good idea to adjust the quality. Choosing "Good" works well over standard home broadband. Set security to "Negotiate" (you may try "NLA" if that does not work.)
Set Gateway type to "auto" and fill in the Remote Gateway server (rdp-gateway.physics.ox.ac.uk), Remote Desktop Gateway username (your Physics username), Remote Desktop Gateway password (your Physics password), and the Remote Desktop Gateway domain (PHYSICS).

remmina-termserv-02-advanced (002)-Arrowed_1.png

Click "Save and connect" and then open the connection you have just created.

remmina-termserv-00 (002)-Saved-Connect-open.png

Enable your Linux Desktop for remote access

These instructions are written for Ubuntu Precise. There are three/four distinct steps to getting this working initially.

  • Contacting IT support to configure the machine for xrdp (but normally this is installed as standard).
  • Configuring your client software to use a gateway from outside the department
  • Starting a new session.
  • Optionally configuring the remote machine for desktop sharing to reconnect to an existing session.

There are two security considerations.

  1. You must configure a password when sharing out your desktop. The instructions are below.
  2. We prevent anybody outside the physics department from connecting by forcing all connections to go through the RDP gateway or over an ssh tunnel. Instructions are in the section "Connect to your Physics Windows Desktop or Other Protected Machine From Outside The Department"

Starting a new graphical session remotely

You may need to ask IT support to enable remote (xrdp) access to the Linux machine.

When you have xrdp installed on the machine you want to connect to, configure the machine you want to connect from using the "Connect to your Physics Windows Desktop or Other Protected Machine From Outside The Department" section above. Set your client application so that it uses 16 bit colours (also called "High colour"), and set the security to RDP if the option exists. You may also need to turn off sound. You will now be able to connect to your Linux machine.

When presented with a screen that looks like the below, you should select sesman-Xrdp from the list (the default) and enter the user name and password that you use to log in to the machine. By default, this will start a new connection, so you wont be able to see your existing windows if you are already logged on.

sesman-Xrdp session: This is the simplest to get running (works out of the box). With this option, you wont be able to see and control the programs started in front of the machine in the office, but will have normal access to the machine otherwise.

In order to connect to the local session and control programs you started in the office, you will need to set up desktop sharing.

Set up desktop sharing

You may need to ask IT support to enable remote (xrdp) access to the Linux machine. Note that desktop sharing will only work well for single-user machines.

  1. open the desktop sharing application by pressing the windows/super key and starting to type "desktop sharing". Open desktop sharing: Open desktop sharing on Ubuntu precise
  2. Click "allow other users to view", "allow other users to control" and Tick the "require the user to enter this password". Select a strong password to protect your desktop. Configure desktop sharing
  3. Click "close"

When you leave the office, leave your machine switched on and your desktop logged in with the screen locked. When you connect from home, select "console" from the xrdp menu (shown below).

Select console to control the same session that you were running in front of the machine the department: Desktop sharing must be configured first, and you must be logged in already while being sat in front of the PC. With this option, you will be able to see and control the programs started in front of the machine in the office.

Connection Problems From Linux Clients

rdesktop certificate error

If you receive the following error when trying to connect with rdesktop:

disconnect: Internal licensing error.

Then use the following command instead to connect to the terminal server:

rm -f .rdesktop/licence.host ; rdesktop -u user -d PHYSICS -g workarea -T "Termserv4 rdesktop" -a 24 termserv4.physics.ox.ac.uk

Connection Problems to Linux desktops or servers

I cannot connect at all

With a windows client, check you have the RDP gateway setting correctly configured.

With a Linux client, check you have the ssh gateway setting correctly configured.

When I connect, all I see is a black screen

Set your remote desktop client to use 16 bit colours (High color) and reconnect.
You may also be seeing lock screen, so click in the window and wiggle the mouse to prompt for the unlock password.

When I connect, all I see is a blank "Ubuntu purple" or solid grey screen

It is probably trying to use Ubuntu in 3D, which doesn't work over this software emulated desktop environment (Xvnc). Delete any existing xsession files.

rm -fr ~/.vnc rm ~/.Xsession ~/.xsession

Then fix, open or create $HOME/.xsession on the remote Linux machine and fill it with the following content for a Ubuntu machine set up by IT in the physics department:

exec xrdp-xsession

or on Ubuntu Precise (12.04):

exec gnome-session --session=ubuntu-2d

Next type killall Xvnc, or reboot the machine.

Desktop sharing is not working

Note that desktop sharing will only work for single-user machines. Check your configuration it as in the "desktop sharing" section above. You can open a temporary graphical session and run "vino-preferences" to get the desktop sharing GUI up.

If it is still not working, vino-server may have crashed. Open up a terminal session to the remote machine and run /usr/lib/vino/vino-server --sm-disable

I did not log on to the machine before I left the office

The only option is to start a new session. Save and close your work when you exit.
You can re-connect to a remotely started session, but only if you make a note of both the resolution and colour settings. These can be displayed if you type "ps aux | grep Xvnc" on the remote machine and picking out the geometry and depth settings, e.g:

Xvnc :12 -geometry [b]1600x900[/b] -depth [b]16[/b] -rfbauth ....

Connecting from Mac

Microsoft produces a free version of Microsoft Remote Desktop which is available from the App Store or via the Self Service application.

Use the following instructions to set it up in the Physics department:

  1. Download and install Microsoft Remote Desktop
  2. Open Microsoft Remote Desktop from the Applications folder and click on the New (+) button and select Add PC.Screenshot 2020-03-12 at 15.14.25_1.png
  3. Enter a PC name. The PC name is the name of the PC you wish to connect to (e.g. termserv4.physics.ox.ac.uk or ppwt123.nat.physics.ox.ac.uk).
  4. Enter a Friendly Name. The Friendly Name is what you wish to call the connection (e.g. Physics Terminal Server). It is not used by the client except to show you which connection is which. Screenshot 2020-03-12 at 15.21.13.png
  5. Click the Gateway drop down menu and click "Add Gateway"Screenshot 2020-03-12 at 15.22.43.png
  6. In the Add A Gateway menu enter the following
    • Gateway Name: rdp-gateway.physics.ox.ac.uk
    • Friendly Name: Physics RDP Gateway

    Click Add a User account with your Physics account username and password and click AddScreenshot 2020-03-12 at 15.28.44.png

  7. Select "Physics RDP Gateway" in the Gateway field
  8. Untick Byass for local addresses
  9. If you wish, enter your Physics username and password in the User account section or select Ask when required.
  10. Select any other preferences you may have for the remote desktop session (e.g. select Full Screen)
  11. Click the Save ButtonScreenshot 2020-03-12 at 15.33.54.png
  12. Click on the name of the remote desktop session that you have just created to start the Remote Desktop session and enter your physics username and password if prompted.Screenshot 2020-03-12 at 15.40.57.png

Physics Terminal Server General Usage Notes

  • Please remember that you are sharing a system with a number of users. CPU intensive tasks should not be run on the Physics Terminal Server.
  • When you log into Termserv4 you will not receive the same settings ( desktop \ printer setup ) as you do when you log into your Centrally Managed Windows desktop. The server has been configured in this way as many users of the Terminal Servers weren't able to log in as they saved too much data into their windows profile. Please see profile quota for further details.
  • Do not try and install software on the terminal severs. You do not have the necessary rights to do this and you may cause the server to be taken offline to be repaired.
  • If you require software to be installed on the Terminal Servers then please email ITsupport@physics.ox.ac.uk
  • Acrobat Professional still doesn't create PDF documents reliably on the TERMINAL SERVERS so if you need to generate a PDF document from a Microsoft application then please use the save as PDF option in Office 2019 (on Termserv4).

Printing to a Local Printer when using Remote Desktop Connection

You may print on to your local home printer when using remote desktop connection to other systems.

To make a local printer available in a Remote Desktop session:

  • Click Start, point to All Programs, point to Accessories, point to Communications, and then click Remote Desktop Connection.
  • Click Options in the Remote Desktop Connection dialog box.
  • Click the Local Resources tab.
  • Click Printers in the Local Devices box.
  • Click Connect.

After you establish the remote connection and log on to the remote computer, the local printer that is connected to the client becomes the default printer for any programs that are running on the remote desktop. If the client has more than one printer attached to it, the default printer for the computer becomes the default printer on the remote desktop; however, all local printers are available.

Categories: Printing | RDP | Remote Access | terminal server