Services Utility: Terminal Services Service
|Display Name (?):|| Terminal Services|
|Short Name (?):|| TermService|
|Executable (?):|| svchost.exe|
|Library (?):|| termsrv.dll|
|Depends On (?):|| Remote Procedure Call (RPC)|
|Supports (?):|| Fast User Switching Compatibility, Terminal Services User Mode Device Redirector|
|Description (?):|| Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.|
|OS (?):|| 2000 Professional, XP Home/Professional, Vista Home/Business, NT4 Server, 2000 Server, Server 2003, Vista Server|
The Terminal Services service is used in allowing users to remotely access a Windows based machine under an authenticated user's credentials. Historically this service was used for multiple users to share a server (or cluster). This allowed each user their own virtual desktop so they could perform tasks local to the server itself as if it were on their computer. In this situation the client would be considered a terminal and the server would be called a terminal server. The original features provided by this service were similar to those provided by Citrix servers or X Servers. However, with newer versions of Windows it provides additional features that are very useful.
With Windows XP and Windows Server 2003 this service has been extended to a few new features such as Remote Desktop, Fast User Switching and Remote Assistance. The concept of Remote Desktop is to allow a user or users (1 for XP Pro and 3 for a server version) to remotely control the computer in question. This allows you to use your computer from a different Remote Desktop enabled computer as if you were sitting in front of it, and it even allows you to play sound across the Internet and transfer files between the computers. And the client in a Remote Desktop session can be all modern versions of Windows, although it is preinstalled to XP, and even Mac OS X. It should be noted that the port number of Remote Desktop is 3389. Sadly there is no easy way to change this and they bury the setting to change this port in the registry. But, you can find it in HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp under the value called PortNumber. This is a DWORD that should already exist and the decimal value is the listening port number. For security I would suggest changing this value to a high port that would not normally be scanned. To initiate a connection to that port in remote desktop use the IP or DNS and then a colon followed by the port (site:port). Please note that you need to restart the Terminal Services service in order for the port change to take effect, but I suggest just restarting the computer to do it.
Fast User Switching uses the Remote Desktop technology to allow multiple local users to have their own program profiles that do not interfere. The purpose is to have multiple family members (although it could be used in small business settings) have their own profiles that remain logged in while someone else uses the computer. The downsides are that other user programs will consume memory even when in a different profile, and some programs do not handle being executed under multiple profiles gracefully, but Windows will normally notify you of this. This feature cannot be used when part of a domain as this feature requires the Welcome login, and a domain requires the standard NT login.
And then there's Remote Assistance that allows a user to offer someone else access to their computer through Remote Desktop. The difference here is that instead of authenticating to your computer the client must be invited to take control of the user's computer through several different means. You can either invite someone through Microsoft Messenger (the chat program) or through an email attachment. It should be noted that the invitation has an expiration that is adjustable by the sending user, and it also makes use of a password to verify the integrity of the client.
If the computer in question is only used locally by a single user (fast user switching) that doesn't make use of external remote control support (remote desktop, remote assistance or terminal services) then this service can be safely disabled. There is no way to terminate this process from within the services console as the button is grayed