+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
MIS Systems Thread, SIMS From Home running on a TS, setup help needed. in Technical; We have recently just got our VPN connection working and i want to look into letting staff run sims from ...
  1. #1

    Join Date
    Jun 2009
    Posts
    372
    Thank Post
    14
    Thanked 3 Times in 3 Posts
    Rep Power
    20

    SIMS From Home running on a TS, setup help needed.

    We have recently just got our VPN connection working and i want to look into letting staff run sims from home. Ive decided the best way would be to RDP into the school from their laptops at home and runs sims that way.

    Therefore im going to look into setting up a Terminal Server for staff to log onto as a default user and run sims and office apps only. Ive never done this before so firstly i was thinking about running it on our SIMS server seeing as nothing runs on it during the evening as everyone is at home.

    The spec of the server is; 2x 2ghz Xeon CPU with 4 gig of RAM
    Would this be sufficient and if so for how many concurrent connections do you think? It is x86 OS so if it would need more ram that would be a stumbling block.

    Ive also heard someone mention load balancing? i could do with some pointing in the right direction on how to do that and what needs to be done.

    And anything else i should be made aware of?

  2. #2


    Join Date
    Feb 2007
    Location
    Northamptonshire
    Posts
    4,697
    Thank Post
    352
    Thanked 803 Times in 718 Posts
    Rep Power
    348
    Hi,

    Would recommend you don't go down the route of "default user" as you're in effect asking for it, especially if an enterprising student fires an rdp session internally plus if staff start saving stuff in Office it'll be confusing for them to then find it later.

    Set the TS up with a separate TS Profile etc so it doesn't interfere with your normal activities.

    How many users are you looking to cater for concurrently?

    And I would seriously suggest you do not use your SIMS server for this.

  3. #3

    Join Date
    Jun 2009
    Posts
    372
    Thank Post
    14
    Thanked 3 Times in 3 Posts
    Rep Power
    20
    when i say default user i meant log on the TS with those credentials but then obviously log into sims with their own account as i thought id read other schools using that method although the issue of saving documents would be worth thinking about.

    We have roughly 120 members of staff so we'd want to cater for that (although im not sure about the limitations of our VPN as it wasnt setup by us)

    And if we didnt use our SIMS server is there a rough spec you think we'd need as it might mean a completely new server in that case?

  4. #4

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,962
    Thank Post
    1,208
    Thanked 1,074 Times in 765 Posts
    Rep Power
    332
    @farquea:

    Build TS as member server in its own OU and then using loopback GPO it will be able to use AD for usernames and passwords and you can lock it down with your own GPO on that OU.

    We have 128b encryption and no allowing users to map drives or printers. When users login in we have a script which automatically runs Pulsar.exe and just pulls up the Sims login where the Staff just login in using their Sims credentials.

    Has been working really well and is very quick even with low spec staff computers/laptops.

    This is realised from a link on our website that requires a secure key which only the staff have and this then allows them to download the icon which is used to gain access to the TS login. 3 passwords and 128bit encryption no mapped drives or printers, AUP and all works well.

    Capita have it documented somewhere on their website about remote access and how it should be set up using VPN. If I find it in the meantime will post on here.

  5. #5


    Join Date
    Feb 2007
    Location
    Northamptonshire
    Posts
    4,697
    Thank Post
    352
    Thanked 803 Times in 718 Posts
    Rep Power
    348
    Hi there,

    I would strongly suggest you have them use their 'own' account to log onto the system. Another reason I guess would be the 'default' user would need access to the sims drive which again if a student landed on there would ring alarm bells for me.

    There's a good thread here started by dhicks talking about speccing up terminal servers with various opinions from different people but you will not get 120 concurrent people on that single server especially (and I really wouldn't do this) if it's the SIMS server.

  6. #6

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,962
    Thank Post
    1,208
    Thanked 1,074 Times in 765 Posts
    Rep Power
    332
    @farquea:

    Found it please see attatched:
    Attached Files Attached Files

  7. 2 Thanks to bossman:

    cookie_monster (21st January 2010), farquea (21st January 2010)

  8. #7
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    Quote Originally Posted by bossman View Post
    @farquea:

    Build TS as member server in its own OU and then using loopback GPO it will be able to use AD for usernames and passwords and you can lock it down with your own GPO on that OU.

    We have 128b encryption and no allowing users to map drives or printers. When users login in we have a script which automatically runs Pulsar.exe and just pulls up the Sims login where the Staff just login in using their Sims credentials.

    Has been working really well and is very quick even with low spec staff computers/laptops.

    This is realised from a link on our website that requires a secure key which only the staff have and this then allows them to download the icon which is used to gain access to the TS login. 3 passwords and 128bit encryption no mapped drives or printers, AUP and all works well.

    Capita have it documented somewhere on their website about remote access and how it should be set up using VPN. If I find it in the meantime will post on here.


    We use Citrix Secure Gateway which uses 128Bit SSL, that should be an acceptable alternative to a VPN shouldn't it?

    Thanks.

  9. #8

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,683
    Thank Post
    1,268
    Thanked 788 Times in 685 Posts
    Rep Power
    237
    Quote Originally Posted by farquea View Post
    when i say default user i meant log on the TS with those credentials but then obviously log into sims with their own account
    No need. Have the user log in to Terminal Services with their standard Active Directory acount details, then set their SIMS account up to trust their AD account, automatically logging them in when SIMS starts. You can set up an RDP client shortcut that automatically starts the SIMS application after logon, and if you are using Server 2008 on your TS server you can set up application publishing and make SIMS look as though is running locally, so as far as the user is concerned they click on the "SIMS" shortcut, they type in their normal username and password, SIMS starts, done. This, by the way, is what Capita mean when they say "SIMS autheticates against Active Directory" or "SIMS does single sign on with Active Directory" - they actually mean the SIMS client reads the Windows USER variable and hopes for the best.

    This has been discussed before:

    SIMS under terminal services

    Hopefully that thread summarises enough of what you need to know to get SIMS working under Terminal Services.

    We have roughly 120 members of staff so we'd want to cater for that
    How many simultanious users? You will need a TS server separate to your SIMS server. Handily, we've just been discussing this, too:

    Hardware requirements for Terminal Server

    I'm guessing something like a Dell 610 with two 2GHz Xeon E5504 quad-core processors and 24GB of 1333MHz UDIMM RAM should manage maybe 30 to 50 simultanious users. That's around £1,500 before VAT and with just a basic, single disk - I figure your storage will be somewhere else on the network. I'm not particularly recommending you buy a machine off Dell, their hardware is fine but trying to get specific answers about it out of their sales people can be tricky, but their website is handy for getting a rough price for hardware.

    Seemingly 64 bit Windows offers (maybe considerably) better performance for Terminal Services, allowing you to support more users on the same hardware, but check that SIMS can run under 64 bit first (I know it couldn't last time I tried, but that was a little while ago). I am only going from information given in that other thread, though, I have no direct experience with supporting larger numbers of TS users. Our current TS server is supporting maybe 10 simultanious connections for SIMS and QuickBooks with no problems at all, and that's a 2.4GHz dual-core Core2 6600 with 2GB of RAM running 32-bit Windows Server 2003, purchased as parts from eBay.

    Quick edit: Took a while to type that post, missed Bossman's comments above - he seems to have more direct experience using SIMS over an actual VPN, I'm currently just using SIMS over local RDP (have to get someone to cough up £2,000 for SmoothWall with VPN access).

    --
    David Hicks
    Last edited by dhicks; 21st January 2010 at 10:23 AM.

  10. Thanks to dhicks from:

    bossman (21st January 2010)

  11. #9

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,962
    Thank Post
    1,208
    Thanked 1,074 Times in 765 Posts
    Rep Power
    332
    @dhicks:

    Good post my friend couldn't have put it better myself.

    Just a footnote to say that you can virtualise as we have done which works well also if you have the setup already in place.

  12. #10
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    The RemoteWorking.pdf document is a bit out of date. The section on iis security must be refering to iis5 rather than iis6 which has suffered only a small number of flaws since release certainly nothing near a monthly basis.

  13. #11

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,962
    Thank Post
    1,208
    Thanked 1,074 Times in 765 Posts
    Rep Power
    332
    @cookie_monster:

    Aye it is out of date by a few years (Just downloaded from their site a few minutes ago) but it does give the bare security essentials which are the nucleus for which way you could go.

    I think it is Capitas way of protecting themselves from a barrage of legislation which would bite them on the preverbial if they did not give advice on the matter.

    I think the crux is on security and the stronger you can make it the better obviously

  14. #12
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    Quote Originally Posted by bossman View Post
    @cookie_monster:

    Aye it is out of date by a few years (Just downloaded from their site a few minutes ago) but it does give the bare security essentials which are the nucleus for which way you could go.

    I think it is Capitas way of protecting themselves from a barrage of legislation which would bite them on the preverbial if they did not give advice on the matter.

    I think the crux is on security and the stronger you can make it the better obviously


    Yes i can see where they're coming from, it could do with a refresh though.

  15. #13

    Join Date
    Apr 2008
    Location
    Rugby
    Posts
    2
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    0
    Why not use remote app? That way users just click the Sims shortcut and it will run the Sims app and not the desktop. Stops you having to bugger about with locking the server start menus, desktops etc down.

    We have our Sims setup so that it will logon using the users credentials. Makes life so much easier and I don't have quite so many teachers doing dumb things like writing their username and password down on a piece of paper and leaving it on their desk.

  16. Thanks to davebanton from:

    superfletch (9th March 2010)

  17. #14
    superfletch's Avatar
    Join Date
    Nov 2007
    Location
    South
    Posts
    444
    Thank Post
    153
    Thanked 77 Times in 61 Posts
    Rep Power
    31
    I had a good mess around with SIMS and TS Remote App not so long ago, I didn't have long to play with it, but it seems like a really nice way to go to me. On the basis of a few days messing around I'd say it is temping to make all connections to SIMS run that way, (at least until it becomes a natively web based app).

  18. #15

    Join Date
    Nov 2009
    Posts
    16
    Thank Post
    12
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    we are trying to run Sims from a Windows Server 2008 box using RemoteApps, however when users click on the icon they get an error saying "Fault Code 3441-8525-2000" and incorrect s:\sims\connect.ini file: system.exception.

    Other apps such as Office 12 are working fine.

    Can anyone help?

    Thanks,

    Skiblet.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 19
    Last Post: 4th January 2010, 10:17 AM
  2. Replies: 6
    Last Post: 15th December 2008, 11:25 PM
  3. Advice needed on content filter setup
    By netadmin in forum Wireless Networks
    Replies: 5
    Last Post: 21st May 2008, 02:43 PM
  4. Home Drive / User Area Setup
    By burgemaster in forum Windows
    Replies: 10
    Last Post: 21st February 2008, 12:43 PM
  5. Replies: 11
    Last Post: 30th November 2007, 11:43 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •