Blog Post

Security, Compliance, and Identity Blog
3 MIN READ

How To: Extend the TS Session Broker to Support VDI (Part 1)

MicrosoftSecurityandComplianceTeam's avatar
Sep 08, 2018
First published on CloudBlogs on Aug, 13 2008

Terminal Services is both a collection of features and a platform for the TS team’s independent software vendor (ISV) partners. As a platform, we want to make sure that our components can be easily extended to support our partners’ vision of what Terminal Services can do—and we want to be sure that people know about those extensibility points.

One of the new Terminal Services roles in Windows Server 2008 is the TS Session Broker, responsible for routing incoming connections to the right terminal server. When the TS Session Broker gets an incoming connection, it checks first to see if that user has an existing session on a terminal server in the farm. If they do, then the connection goes to that terminal server. If they don’t, then the Session Broker will redirect to the terminal server with the lowest number of sessions. (The TS Session Broker supports redirection to Windows Server 2003 terminal server sessions, but the Win2K3 terminal servers can’t participate in load balancing.) In another blog entry , we’ve explained how CredSSP can even speed the redirection process to terminal servers.

But what about destinations, such as virtual desktops, blade PCs, or even PCs? While the built-in functionality of the TS Session Broker in WS08 only supports routing connections to terminal server sessions, we’ve created a set of APIs that ISVs can use to create connection brokers for other kinds of devices. Basically, these APIs allow you to lobotomize the TS Session Broker and replace its brain—its brokering mechanism—with a new plug-in. This plug-in can contain a new set of rules that support redirection to other types of destinations. It can also provide different means of deciding the best target for new connections, such as load balancing rules based on server resources or login time.

ISVs can extend the capabilities of TS Session Broker through the IWTSSBPlugin interface. This interface includes several benefits:

· It doesn’t need an agent on the client or terminal server to support connection brokering, so there’s never anything to update.

· Plug-ins using this interface can easily interact with other Terminal Services role services, such as Terminal Services Gateway (TS Gateway) and rely on information from TS Session Broker about session and computer states (available through WMI).

· The plug-ins can manage connections with client or server devices that support RDP 5.2 or later.

The IWTSSBPlugin interface can:

· Return the ID of the server to which TS Session Broker should direct the incoming connection.

· Direct an incoming connection to an external computing resource.

· Notify the plug-in that a change occurred in the server environment.

· Notify the plug-in that a change, such as a logon, logoff, disconnect, or reconnect, occurred in a user session.

You can learn more about the methods for the IWTSSBPlugin interface at http://msdn.microsoft.com/en-us/library/cc644955(VS.85).aspx and Roman Porter will include some code samples in a follow-up blog entry.

Finally, here’s a question to everyone reading this: When it comes to Terminal Services as a platform, what other extensibility points would you find useful?

Published Sep 08, 2018
Version 1.0
No CommentsBe the first to comment