Next, there's the Terminal Services Gateway. This feature allows users to access Terminal Services-hosted applications from a Web portal anywhere on the Internet, secured via an encrypted HTTPS channel. The gateway can send connections through firewalls and correctly navigate Network Address Translation situations that stymied the use of this technology before.

This saves corporations from having to deploy Virtual Private Network access to remote users for the sole purpose of accessing a Terminal Services machine; plus, since the data is sent over HTTPS, almost anyone can access the sessions, even at locations where the RDP is blocked by the firewall. Administrators can set connection authorization policies, or CAPs, that define user groups that are permitted to access TS through the TS Gateway machine.

Finally, in conjunction with the Remote Programs feature I just discussed, we also see in Longhorn Server the TS Web Access feature, which lets administrators publicly display available TS Remote Programs on a Web page. Users can browse the list for the application they want to run, click on it and then be seamlessly embedded in the application -- using all the features of TS Remote Programs -- while retaining the ability to launch other programs from the same Web Access site.

The service is smart enough to know that multiple programs launched by the same user should reside in the same Terminal Services session, making resource management a bit simpler, and you can even integrate TS Web Access within SharePoint sites using an included Web Part.

Active Directory: Read-only domain controllers