Windows 7 Terminal Services Configuration

Optimizing RDP client/server for casual use. Make it use less bandwidth. Get higher throughput and adaptive transfers.

To do this navigate back to Terminal Services Configuration. Once there, look in the right pane to see a list of connection types that are available for your Terminal Server. The lifeblood of Terminal Services is now called 'Remote Desktop Connection', which can be run by typing the following command into the 'Run' box of Windows 2000, XP, Vista, and 7: mstsc Cool Fact: Although the program is now called Remote Desktop, the command is still mstsc because it means M icro s oft T erminal S erver C lient, because it. Configuration To customize the settings of your Windows Terminal, select Settings in the dropdown menu. This will open the settings.json file in your default text editor. (The default text editor is defined in your Windows settings.). A service is something a program does in Windows — specifically, a program that starts automatically whenever the computer starts. Most services are things that Windows does, and most of those services are tasks that you don’t need to have running in your computer. To disable a service, follow these steps: Open the Control Panel. A step by step guide to build a Windows Server 2019 Remote Desktop Services deployment. I posted this before based on Windows Server 2012 R2 RDS and thought it was high time to update this post to a more modern OS version. I will provide all the steps necessary for deploying a single server solution using the GUI tools.

Back in 2011 I wrote a blog post on optimizing RDP in Windows 7. I’ve been thinking of updating that post for some time, and now finally got around to it.

Since sometime around 2000 I have been working remotely over RDP. It is my preferred way of working since it allows me to have one main computer and my laptops are just a terminal. I have worked on low bandwidths, high bandwidths and everything in-between. For the most part the default settings served me well, but in some cases you may want to optimize it a bit further – and this is where this guide may be of help.

If you do not want to dig into the dirty details then just follow this list.

  1. Open up UDP port 3389 in your firewall/port forwarder. Both TCP and UDP should be open.
  2. Open Group Edit: gpedit.msc
  3. Navigate to “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session Host”
  4. Set “Configure compression for RemoteFX data” to “Enabled” and “Optimized to use less network bandwidth” (if you have enough RAM, or “Balances memory and network” or “Optimized to use less memory” if not.)
  5. If you always connect through LAN/VPN then disable host-to-client encryption: Go to “Security” and set “Set client connection encryption level” to “Low level”. (Warning: Do not do this if you are not on a secure network.)
TerminalEnable terminal services windows 10

Enable UDP

Terminal

Of course you have to open/forward TCP port 3389 to enable RDP. Since RDP 8.0 (came as an update to Windows 7 and Windows Server 2008 R2) there has been some additional improvements to the protocol. Notably an UDP connection has been added for adaptive/lossy transfer. Microsoft describes it as: “This feature offers advanced techniques such as intelligent and adaptive UDP transports, network loss tolerance, and recovery to provide a fast and fluid experience to users on a WAN.” The immediate effect I spotted when opening the UDP port was that sound and picture was synced in videos, and that I could run a fullscreen 1080p (cartoon) video smoothly over a remote connection. The video was encoded in lower quality than its source, but it still played and the RDP connection worked smoothly.

Terminal services configuration windows 10

Enable/forward UDP port 3389. Meaning that you will have both TCP and UDP port 3389 open/forwarded to your RDP host.

PS! If it is unclear what “enable/forward” means: The ports have to be opened in any firewall (local or on network), and in the case of NAT the port has to be forwarded.

PS2! This feature is default set to “on”. For information about this feature and where you can disable it on the host computer go here.

Configure compression

Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostRemote Session Environment”.

In “Configure compression for RemoteFX data” change the compression level to what suits you best. Note that “Do not use an RDP compression algorithm” will use a lot of bandwidth. Set this to “Optimized to use less network bandwidth” if you suspect bandwidth is your bottleneck.

Up to Windows 7 this option was called “Set compression algorithm for RDP data”.

Configure encryption

Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSecurity”.

The setting “Set client connection encryption level” allows you to change the encryption level of your connections. For most cases it is strongly recommended to keep encryption enabled. Setting it to “Low level” will encrypt data sent from the client to the server (mouse/keyboard), while not encrypt data sent from the server to the client. The setting “Client Compatible” will attempt to negotiate the strongest supported encryption by both ends. The setting “High level” (recommended) will use 128-bit encryption in data both sent and received.

Windows 7 Terminal Services Configuration Manager

Note that decrypting data is not a CPU-intensive operation, therefore encryption has very little/no impact on the client.

Terminal Services Configuration Windows 7

  • If you minimize your RDP window (on the client) it will not use any bandwidth. Useful if you are working over a metered connection (mobile).
  • Default setting is for the client to cache bitmaps. This is nice for slower connections, but on a LAN connection it can quickly lead to slowdowns when reading/writing cache on disk.
  • It could be worth checking out other vendors
    • Ericom Blaze RDP Accelerator http://www.ericom.com/ericom_blaze.asp
    • Riverbed https://splash.riverbed.com/thread/5874 (network level compression, requires disabling RDP compression and encryption)

If you are the admin of a RDP host server and you want to put certain limitations on your users there is a whole set of options you can change. To mention some:

  • Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostConnections”
    • Restrict users to a single RDP session
    • Limit number of connections
    • Automatic reconnection
  • Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostDevice and Resource Redirection”
    • Disable audio/video redirect
    • Limit audio quality
    • Disable clipboard, COM/LPT-ports, drives, plug and play devices and smart card redirection
  • Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostPrinter Redirection”
    • Disable/configure printer redirection (printing from RDP to local printer)
  • Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostProfiles”
    • Enforce and limit roaming profiles for RDP users
  • Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostRemote Session Environment”
    • Limit colors, resolution, number of monitors
    • Start a program on connection
    • RemoteFX settings for virtual hosts
  • Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSecurity”
    • Always prompt for password
    • Require encryption
  • Under group policy “Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSession Time Limits”
    • Configure session timeouts

If your desktop host is a Windows 7 or higher running as a HyperV virtual machine guest OS then you can enable RemoteFX. RemoteFX requires a compatible graphics card, and in short it gives your RDP session into the virtual host access to GPU hardware. For example I successfully started Battlefield 4 by RDP’ing into a Windows 8 virtual guest OS. It ran remotely (around 20Mb network connection) and it was very laggy (around 10 fps), but it did run nevertheless.

Windows 7 Terminal Services Configuration Number

Note that RDP settings for RemoteFX is a separate set of options located side-by-side with the options described above.