RSLinx Classic and Terminal Services Introduction Remote Desktop Services, formerly known as Terminal Services, uses RDP (Remote Desktop Protocol) to connect a computer to a remote computer. When connected, Remote Desktop allows a user to access applications and data on the remote computer over the network. RSLinx Classic is an application which is often used via Remote Desktop. The remote functionality of RSLinx Classic is dependent on the version of RSlinx Classic and the operating system version hosting it. Described below is the functionality RSLinx Classic can provide remotely, based on its configuration and the host operating system/service pack.
Versions 2.54 CPR9 SR1 2.56 CPR9 SR2 2.57 CPR9 SR3 Rockwell’s Software compatibility matrix can be found in the Knowledgebase AID 42682. http://rockwellautomation.custhelp.com/app/answers/detail/a_id/42682/kw/software%20co mpatibility%20matrix/r_id/109439
Document Scope Limits This document is limited to RSLinx Classic Version 2.54, 2.56, 2.57, Windows XP, 2003 Server, Vista, 2008 Server and Windows 7 RSLinx Classic does not function with Windows XP’s Fast User Switching. Rockwell’s Best Practices recommend disabling Fast User Switching in Windows XP. See AID 30279. For RSLinx Classic to be remotely accessible in Windows 2000, several Local Security Policies needed to be be changed. This is NOT the case with Windows XP and above. To obtain the functionality functionalit y listed in this document, no Security Policies have been changed from default.
-1-
Terms and Definitions Host. The computer the Remote Desktop connection is made to. Client. The computer initiating the Remote Desktop connection. Remote Desktop Connection. A Remote Desktop connection is a client computer connecting to a host computer with the intention of using applications or data stored on the host. RDP. Remote Desktop Protocol. Windows Service. A Windows Service is a long-running executable that performs a specific function and does not require user interaction. Windows Application. A Windows Application is a program or group of programs that have a specific use for the user. Session. A Session consists of all the processes and other system objects that represent a single user logon session. A session represents a security and resource boundary. Console. or Console Session. The Windows console, or console session is the session the local physical keyboard, mouse and video are connected to. OPC. OPC Data Access Automation Interface. GUI. Graphical User Interface. DTL. RSLinx Classic SDK Interface RSWho. ActiveX control which provides browse capability CP. RSLinx Classic Launch Control Panel.
Remote Desktop All features of RSLinx Classic may not be available in certain operating system/service pack configurations. Understanding how a Remote Desktop connection connects to a host machine, will aid in understanding the reasons these features may not be available. Workstation operating systems usually allow the interaction of just one user at a time. Server grade operating systems, typically allow for multiple user sessions, simultaneously. Microsoft’s method of releasing workstation and server versions of the same kernel, dictates similarities in function, between workstation and server operating systems.
The user interface portion of Windows is based on the concept of sessions. A Session consists of all the processes and other system objects that represent a single user logon session. A session represents a security and resource boundary.
-2-
The local session, is a user, who is sitting at the local keyboard, using the local mouse and viewing the video locally. When this user logins in, the user is said to log in to the console session. When a remote session is made via the Remote Desktop Protocol (RDP), RDP connects to the host and either attaches to an existing session or creates a new session.
2003 Server R2 SP2 and Earlier In Windows XP and 2003 server, services and applications run in session 0. In Windows 2003 Server applications can run in session 1 and above. XP does not allow multiple remote sessions other than session 0. Services and applications running in session 0 pose a security risk because of their elevated security privileges. The elevated privileges of services, poses a threat from malware and hackers, attempting to increase their privilege level.
-3-
When a user logs in to XP, the user is logged into session 0. Windows XP does not allow concurrent connections, therefore, if a Remote Desktop connection is made, the local user is logged off. Windows 2003 server allows multiple users to connect simultaneously . When a user makes a Remote Desktop connection to a 2003 server host, the user has a choice to create a new session or to connect to session 0. Using the /admin or /console switch will connect to session 0, logging out the local user. Without the switches, each user connects to a new, unique session and does not impact the local user (session 0 user).
Vista and later With Windows Vista, to reduce security risks, changes have been made to the way sessions function,. In Vista, as with XP and 2003, services run in session 0. However, the local user logs into session 1. Session 0
Session 1 - User 1
Service 1
Application 4
Service 2
Application 5
Service 3
Application 6
Session 2 – User 2
Application 7
Application 8
Application 9
-4-
Session 0 is now isolated and is not interactive with the desktop. Part of purpose of a session is to provide a security and resource boundary. Consider RSLinx Classic running as a service on Vista. We know that all services run in session 0 and the local user is connected to session 1. Therefore any interaction with the GUI in RSLinx Classic running as a service, is blocked by the session boundary.
Using RSLinx Classic with Remote Desktop When making a RDP connection to a host machine. The operating system of the client, does not affect the operation or functionality of RSLinx Classic on the host. However, the operating system and the installed service pack of the host and client, may affect the methods of connection to the host When a Remote Desktop Client connection is made, to a host machine, either a new session is created or it connects to an existing session. Windows XP and Vista Windows XP and Vista Home are single user operating systems. Single user operating systems only allow remote desktop connections to the default session, session 0 for XP and session 1 for Vista. Windows 2003, 2008 Server and Windows 7 Windows 2003 Vista Business, 2008 Server, and Windows7, are multiuser operating systems. Remote Desktop connections can be made to the default console session, or to a new session. On the host, if the connection request, is a console request, the Connecting to the Console session in Windows 2003, Vista Business and 2008 server, use the /console switch for Windows 2003 and the /admin switch for Vista and 2008 Server. Connecting to Windows XP and Vista Home, with or without the /console or /admin switches, the client is always connected to the console session.
RSLinx Classic RSLinx Classic features available via Remote Desktop are, OPC, DTL, RSWho, GUI and CP. The availability of these functions is dependent on the mode RSLinx Classic is running as, an application or service. RSLinx Classic has 5 interface features available to a Remote Desktop session. The five interface features are: OPC - OPC is a published standard for industrial system interconnectivity. The specifications for OPC are maintained by the OPC Foundation. OPC is based on Microsoft’s Object Linking and Embedding Technology and
-5-
uses COM and DCOM technology to exchange data on one or more computers in a client/server architecture. DTL – DTL is an Application Programming Interface (API) into RSLinx Classic’s communications engine. The DTL API’s are exposed and available through RSLinx Classic’s Software Development Kit. RSWho – RSWho is an ActiveX control which displays configured networks and devices in a window similar to Microsoft Window’s Explorer. A RSWho control exposes network browse capability to any ActiveX container, local or remote. GUI – RSLinx Classic’s Graphical User Interface (GUI) is visible interface to RSLinx Classic. The GUI is used to configure drivers, create topics, monitor status and troubleshooting information of configured drivers and OPC connections. CP – RSLinx Classic’s Launch Control Panel (CP) is a program for changing RSLinx Classic’s operating mode, application or service. The Control panel allows users local and remote to start, stop and configure the “Run as a Service” setting. The following five interface features of RSLinx Classic are often used by Remote Desktop user’s: to collect data, RSLogix upload/download, tag browsing, driver configuration and troubleshooting. The availability of these features is dependent on the operating system and the type of Remote desktop connection. RSLinx as an application When RSLinx Classic is running as an application, it uses the logged in • user’s privileges. RSLinx Classic starts as a Service by default on Windows versions earlier • than Vista. Configuring RSLinx Classic to run as an application, RSLinx Classic will continue running as an application until “Run as a Service” check box is checked and restarted, in the RSLinx Classic Launch Control Panel. Security changes in Windows 2003 Server SP1 and R2, prevent the five • interface features in RSLinx Classic 2.54 and 2.56 from functioning, when RSLinx Classic is running as an application. Windows Vista, 2008 Server and Windows 7, RSLinx Classic defaults to • running as an application. In RSLinx Classic 2.57, the five interface features, function in all versions • of Windows from XP SP2 thru Windows 7. RSLinx Classic as a service When RSLinx Classic is running as a service, the user account is local • system.
-6-
•
•
•
RSLinx Classic defaults to “Run as a service”, in Windows XP and 2003 Server. In Windows 2003 SP1 and R2, RSLinx Classic’s GUI is not available, unless connected to the console session. The GUI is not accessible on Vista, 2008 Server and Windows 7, when RSLinx Classic is running as a service.
RSLinx Classic Functionality by Operating System Windows XP SP2, XP3 All five interface features are available when a remote desk • connection is made to Windows XP SP. RSLinx Classic can be running as a service or an application. Windows XP is a single user operating system and remote desktop • connections are always made to the console session. Windows 2003 SP1, R2 RSLinx Classic 2.54 and 2.56 running as an application, all five • interface features are unavailable, unless connected to the console session. RSLinx Classic 2.57 the five interface features are available when • running as an application. RSLinx Classic 2.54, 2.56 and 2.57 when running as a service, the • GUI is not accessible, unless connected to the console session.
Vista, 2008 Server, Windows 7 •
•
•
•
•
RSLinx Classic 2.54 is not supported on Vista, 2008 Server and Windows 7. RSLinx Classic 2.56 and 2.57 support OPC, DTL, RSWho and CP in application or service mode. RSLinx Classic defaults to starting as an application. If RSLinx Classic is running as a service, there is no graphical user interface (GUI). If you need to configure RSLinx Classic, you must be in application mode. To switch between running as a service or application use the RSLinx Classic Launch Control Panel. RSLinx Classic will not start properly when it is configured to run as an administrator and you attempt to log on as a standard user. User Account Control (UAC) is a feature of Microsoft Windows Vista that helps protect your computer from damage by programs that attempt to perform administrative tasks on your computer without your knowledge. By default, User Account Control is active, and prompts you for administrative credentials, or to confirm that an executable file (*.exe) associated with a menu item, button, or other item, is safe to run. If you have User Account
-7-
Control enabled, you will be prompted to confirm your administrator privileges (enter a user name and password) when performing the following RSLinx Classic-specific tasks: o Installing RSLinx Classic o Running the Backup/Restore Utility o Registering EDS files via the EDS Hardware Installation Tool o Saving related files (for example, the event log) to the C: drive on your computer. You will be instructed to save to an alternate drive location.
• •
RSLinx Classic versions 2.54, 2.56 are not supported in Windows 7 RSLinx Classic 2.57 is supported in Windows 7
For RSLinx Classic to be remotely accessible in Windows 2000, several Local Security Policies needed to be changed. This is NOT the case with Windows XP and above. To obtain the functionality listed in this document, no Security Policies have been changed from default.
-8-
RSLinx Classic 2.54 Remote / Terminal
OS Windows XP sp2 Windows 2003 sp1 2003 sp1 /Console Windows 2003 R2 2003 R2 /Console
OPC Y Y Y Y Y
Run as service DTL RSWho GUI Y Y Y Y Y N Y Y Y Y Y N Y Y Y
CP Y N Y N Y
OPC Y N Y N Y
Run as application DTL RSWho GUI Y Y Y N N N Y Y Y N N N Y Y Y
CP Y N Y N Y
Run as application DTL RSWho GUI Y Y Y N N N Y Y Y N N N Y Y Y Y Y Y Y Y Y
CP Y N Y N Y Y Y
RSLinx Classic 2.56 Remote / Terminal
OS Windows XP sp2 Windows 2003 sp1 2003 sp1 /Console Windows 2003 R2 2003 R2 /Console Windows Vista sp2 Windows 2008 Server Server 2008 No restrict single session Server 2008 No restrict single session /Console
OPC Y Y Y Y Y Y Y
Run as service DTL RSWho GUI Y Y Y Y Y N Y Y Y Y Y N Y Y Y Y Y Y Y
CP Y Y Y Y Y Y Y
OPC Y N Y N Y Y Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
RSLinx Classic 2.57 Remote / Terminal
OS Windows XP sp2 Windows 2003 sp1 2003 sp1 /Console Windows 2003 R2 2003 R2 /Console Windows Vista sp2 Windows 7 Windows 2008 Server
OPC Y Y Y Y Y Y Y Y
Run as service DTL RSWho GUI Y Y Y Y Y N Y Y Y Y Y N Y Y Y Y Y Y Y Y Y
CP Y Y Y Y Y Y Y Y
OPC Y Y Y Y Y Y Y Y
Run as application DTL RSWho GUI Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y
CP Y Y Y Y Y Y Y Y
Server 2008 No restrict single session
Y
Y
Y
Y
Y
Y
Y
Y
Y
Server 2008 No restrict single session /Console
Y
Y
Y
Y
Y
Y
Y
Y
Y
-9-
