RDS / Terminal services: run multiple xming sessions on one server

Jan 11, 2022 | Powershell, Scripting and programming, Server administration, Technology | 0 comments

Introduction

Xming is an application that is used in conjunction with PuTTY on Windows to remotely access X11 graphical window interfaces on Linux. It’s an old application but a great one. Typically, it would be run as a single instance on one computer. However, my aim is to run it on a RDS session host server running Windows 2019. Several dozen students may need access to it concurrently. This

Problem

Xming is fine when running it as a single instance / a single invocation of the process on a single computer. But it wasn’t really designed to be run on a server where several dozen users might access it similtainiosly. There is a way of running several instances of it by specifying a server number. But the problem with RDS is that it would introduce a security risk if I was to allow end-users to specify their own command parameters when running an executable.

Investigation

A quick Google search took me to this blog post from 2008. From there I found that there were command switches that enabled the process to run several times on the one server. However there are problems with implementing this in a user-friendly way for use on remote desktop services.

  1. Users shouldn’t have access to independently modify the parameters / arguments passed to any executable.
  2. A unique server number must be used for each server or the person already using that number would be kicked out.
  3. Incrementing the number based on the number of currently running instances of the xming process wouldn’t work. Take the example of 12 concurrent users of the process. User 5 logs off. There are now 11 users. A new user logs on so the count returns to 12. The number 12 is already in use but the user doesn’t know that so the person on number 12 is kicked off because the new person get’s 12 instead. Less than ideal!

Solution

The approach I took was to write a script that would associate every person who logs in with a unique number. Then each time they log in they will be allocated that same number.

$File = “c:\temp\tempuserlist.txt”
$Username = whoami
$CSVFile = import-csv $File | where-Object { $_.name -eq $Username }
If ($CSVFile -eq $null) {
$CSVFile = import-csv $File | Select-Object -Last 1
[int] $count = $CSVFile[0].Count
$Count ++
$details = [pscustomobject]@{
name = $Username;
count = $Count
}
$details | Export-Csv -Path $File -NoTypeInformation -Append
}
else {
[int] $count = $CSVFile[0].Count
}
Start-Process -FilePath “C:\Program Files (x86)\Xming\Xming.exe” -ArgumentList “:$Count -clipboard -multiwindow”

You now need to advertise PowerShell as an application, change the alias of PowerShell then also change the icon so that users think they are clicking on Xming. That’s easy enough as well. I assume that if you are reading this, you are already aware of how to set up an application in RDS. So I’ll focus on the step required to change the Icon of the PowerShell application so that it matches the icon of the Xming application.

  1. Open PowerShell as an administrator on the session host server where Xming is installed.
  2. Use the following command. Replace the connection broker and the collection name with the values from your environment.
    Get-RDRemoteApp -ConnectionBroker rds-con-01.ad.dcu.ie -CollectionName GenericStudent -alias “powershell” | set-rdremoteapp -ConnectionBroker rds-con-01.ad.dcu.ie -CollectionName GenericStudent -iconpath “C:\Program Files (x86)\Xming\Xming.exe” -IconIndex 0

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.