1c terminal connection. Small but important digression

So! Having installed Windows, go to the Administrator. If everything is done correctly, we see the "Manage Your Server" window and no (!) Activation messages.

Add the "Terminal Server" role

The list of "roles" (now it is called that ;-) of our server is empty. Add a role to our server. The computer simulates the search for something there on the local network, and offers us to choose: m / y the role that we need in HIS opinion and the one that is needed in YOUR opinion. Since we no longer believe in an artificial mind and other fairy tales, and our opinion is somehow more dear to us, then we choose: Custom.

In the list of roles that appears, select Terminal Server, and click Next. Press Next again, and after OK - confirming our own readiness to restart the computer.

After rebooting, go under Administrator, and tell the terminal server installation Finish. Now: in the Managing your computer window there is a role: Terminal Server. Although it is said below that: "Since no terminal license server was found, the terminal server will issue temporary connection licenses, each of which will expire within 120 days."

This situation does not suit us in any way, for this reason we are installing a terminal license server. To do this, go to Start → Control Panel → Install and Remove Programs → Windows Components. Check the box next to Terminal Server Licensing. Click Next. After Finish.

Terminal Server Activation:

We now have a terminal license server installed. But it still needs to be activated !.

If you have a corporate proxy, you need to register it in Control Panel → Settings.

Go to Administration → Terminal Server Licensing. We see that the server found on our computer is in the Not activated state.

Right-click, say Activate server. Select the connection type Automatic. We enter our personal data (name, organization, surname, country - strictly those that were entered when installing Windows). The following page (E-Mail, address) I left blank. Click Next and wait.

Activation must be successful. It is unclear, what is the point, Microsoft put in this activation? What is it for, except for collecting statistics? After successful activation, you will be prompted to add licenses. Let's continue.

This will launch the Client Access License (CAL) Activation Wizard, which will first go back to Microsoft. Then it will ask for the type of license you want to install. I chose the Enterprise Agreement, and the next step was the magic number.

Now you need to specify the product - Windows Server. License type - per Device. The license was installed perfectly. Close the Terminal Server Licensing window.

Setting up the server

From the Administration folder, we pull out the Computer Management and Terminal Server Manager shortcuts to the desktop. It is not necessary, but it is much more convenient.

Go to Computer Management, create a group / user groups 1c.

To do this, go to Administration → Terminal Services Configuration. Remove the restriction "Restrict each user to one session" in the Server Setting. In the Connections list, select connections and configure their Properties:

Client Settings tab:

Replace the user settings for disks and printers with our own:

• connect everything (that is, the top checkbox must be unchecked, and the next 3 must be active and installed);
• Limit color depth to 16 bits;
• Deny forwarding of LPT, COM, Audio ports.

Permissions Tab:

• We add the created 1c user groups and set them the rights: Guest Access + User Access, I set the full one.

Close Terminal Services Configuration. Then we do the following:

• We go to My computer.
• Talking Propetries on drive C:
• Go to the Security tab
• Talking Advanced ...
• We remove the rights that allow the Users group to create folders and files.

Go to Control Panel → System. "Automatic Updates" tab. Disable all automatic updates completely.

Go to Administration → Local Security Settings → Account Policies → Password Polisy. We set "Maximum password age" \u003d 0 - this is more convenient.

We go to Computer Management, add ourselves as a user.
Don't forget:

• Password never expires
• Add yourself to 1c user groups.
• Uncheck "Require user`s permission" on the "Remote control" tab

We connect to the server:

We are trying to connect from another computer to the terminal server. To do this, we need to install a client on the computer. XP already has such a client: "Start → Utilities → Accessories → Communications → Remote Desktop Control".
Although, even on XP it should be reinstalled: the client in the Win2003 Server will still be newer.

The client is located in the folder: C: \\ WINDOW \\ SYSTEM32 \\ CLIENTS \\ TSCLIENT. it supports installation on Windows 98. Install it on all machines from which you want to work on the terminal server.

After starting the client, click the "Options" button. For 1c users, the following settings should be applied:

General tab:

• fill in the fields computer, username, password
• domain (if network with domains - domain name, if without domain names - server name)

Client window for connecting to a Windows terminal server

"Screen" tab:

• desktop - full screen;
  color palette - 16 bit.

"Local Resources" tab:

sound - do not play;
keys - only in full screen mode;
automatically connect to disks and printers - As you please.

"Advanced" tab:

• speed - modem 28.8 - 1 tick must remain - graphics caching.

Now these settings can be saved to a file with the RDP extension. Pay your attention to the "Save password" checkbox on the "General" tab. This checkbox is available for Win2000 and WINXP operating systems. For others, no. Unfortunately, Win9x users are deprived of the ability to save a password in an RDP file - for this reason, configure your Win9x users that, with the exception of a 1c password, they will need to type a password on Windows.

How to deal with this password is up to you. It is possible to assign 1 password to all, it is possible to generate your own password for any user. Although, it is extremely better for you to know the password of any user - it will come in handy for remote connection and session administration.

With your connection configured properly, make sure it works, and if you want to save it to an RDP file (possibly directly to your desktop).

Software installation:

From personal experience, I can say that it is worth installing as little software as possible on the server. Better to put only the most necessary, since the speed of work with the server depends on the number of programs and the load.

I would limit myself to installing the following software on the server:

• Total Commander;
• WINRAR;
• XP RUS;
• Software to help the database (for example MUSKUL).

All software was installed correctly - that is, through the Control Panel. From Office I installed only Word, Excel and Access. Disabled things like Binder and Office_Panel.

After that, it remains to go to "C: \\ Documents and Settings \\ Administrator" and "C: \\ Documents and Settings \\ All users" and correct the contents of the folders

• \\ Start men;
• \\ Start menu \\ Programs;
• \\ Start menu \\ Programs \\ Startup;
• \\ Deskto.

for unnecessary labels.

http://bazzinga.org/js/tiny_mce/themes/advanced/skins/default/img/items.gif); background-position: 0px 0px; "\u003e Install 1c: Enterprise:

Install 1c as always by running the installation.

Create a folder for storing future databases. It contains subfolders for the corresponding user groups, into which we transfer the 1c base from the old place.

We check access to the folder with 1c databases:

• Right click Propetries → Security → Advance.
• all rights must be inherited from the root of the disk: Administrators, SYSTEM and Hosts must have "Full Control", group 1c - "Read & Execute.

• Add rights for the corresponding 1c user group (which owns this base). We put all the checkboxes, except for:
  Full Control, Delete, Change Permissions, Take Ownership (for "This folder, subfolders and files")
• thus, our group with "Special" rights will appear in the list of rights

A little secret: if you want someone other than the Administrator to be able to save any of the 1c databases, you need to give this person write permissions to the file C: \\ Program Files \\ 1cv77.ADM \\ BIN \\ 1CV7FILE.LST ...

• right click -\u003e Propetries -\u003e Security -\u003e Advanced
• add rights for the 1c-Admins group: Put all the checkboxes, except for: Full Control, Delete, Change Permissions, Take Ownership

When you first start 1c, you may encounter the fact that 1c did not want to perceive its own metal security key. At startup, he thinks for a long time, and later writes: "The protection key was not found" - and falls out.

However, I have not heard about such problems from other people. Installation of the HASP driver emulator will help you. However, this is a different story!

Leave your comment!

Terminal mode of 1C operation is a special type of computing system architecture in which a terminal server is used for data processing. Terminal clients (users' computers) in this mode do not process information, but only receive the result of data processing. Only graphic data for the monitor and data from the mouse and keyboard are transmitted from the server to the client and back. As a result, the performance of 1C programs increases several times, and the load on the local network decreases.

Advantages of using terminal server 1C

In addition to the significantly increased speed of 1C programs, the transition to terminal mode has the following advantages.

• Reduced requirements for personal computers of users. With terminal access to 1C, the enterprise does not need to purchase powerful computers for each user. Only one machine should be productive enough - the server itself. Low-power computers can be used as user PCs without spending additional funds on their modernization. This moment can become key, for example, for budget organizations.
• The level of data protection is increasing. There is no need to fear that the data will be damaged or intercepted during its transfer to the terminal client. First, all traffic is encrypted. Secondly, not the information itself is transmitted, but only its graphic equivalent for the monitor. The data is stored on a secure remote server and does not travel over the network. For the same reason, data is insured against loss during network outages. This is especially important when working with a 1C database in file-server mode, sensitive to power outages.
• The time and costs for administration of the information system are reduced. On the server, you can create the required number of typical profiles with a specific set of applications. This is much faster than setting up the same number of custom PCs. In addition, administration can be remote. The system administrator can be in another city or even country, but at the same time quickly set up a workplace in 1C for a new employee.

With the transition to the 1C terminal server, the company's employees get the opportunity to work with the accounting program remotely online. The characteristics of the architecture of terminal access allow you to connect to 1C using low-speed and even weakly secure communication channels.

Terminal Server is an effective solution for companies that are faced with the problem of limited local network bandwidth. For such companies "Smart Office" offers the service

Today we will consider the choice of server hardware for a small organization for 25-30 users, with a distributed infrastructure (retail outlets, warehouse), which requires a terminal server and the 1C: Enterprise program. All employees will use these services.

Most small companies, in order to reduce the cost of equipment, prefer to minimize the amount of purchased equipment and ask administrators to "cram" all the services they requested into one physical server. The desire is understandable and forgivable, but there are nuances here.

You can organize a terminal server and use the file version of 1C there, but with such a number of users, the developer company recommends switching to the client-server version. Therefore, we also need a server for 1C: Enterprise and a database server. Let's clarify right away that it is possible to organize a terminal server, SQL server and 1C server on the same operating system, but, from the point of view of security and stability of services, this is highly discouraged. And if you still really want to use one physical server for all three roles, then we recommend using virtualization, for example, VMWare ESXi or Hyper-V.
Thus, three options emerge:

1. One server with file 1C. Bad option, we will not consider it further.
2. One server with two virtual machines.
3. Two physical servers, one terminal, the second with a database and 1C.

To solve these problems, the following server configuration can be proposed:

In case of one physical server we opted for the Dell R710, with two Xeon X5650 six-core processors, 64GB of RAM, and six drives: two SSDs in RAID 1 and four SAS drives in RAID 10.

In case of two physical servers we opted for the following configurations:

• Terminal server: IBM x3550 M3 with one Xeon E5620 processor, 32 GB of RAM and two SSDs in RAID 1, with an additional network card for two gigabit interfaces. This server also has rich upgrade opportunities, as it is dual-processor, has 18 slots for memory modules and supports up to 288 GB of RAM.
• Database Server: IBM x3250 M5 with one Xeon E3-1220v3 processor, 16GB RAM, optional SAS / SATA RAID controller, four SAS drives in RAID 10, with optional 2Gb NIC.

Why did we choose these configurations? To answer this question, let's calculate what we need to ensure a comfortable user experience in our small organization of 25-30 employees. To avoid misunderstandings: this is just one example of an inexpensive 1C implementation, and in many cases it is more expedient to choose other configurations.

CPU

From the point of view of processor time, terminal sessions do not take up a very large share. Based on the experience of implementing terminal solutions in various organizations, to maintain the comfortable work of 30 users, 4-6 physical processor cores will be enough, one core for 6-8 sessions.

For a small database, the SQL server will need one core. But we will focus on expanding the database in the future (or increasing the number of databases) and take two SQL cores.

For the 1C: Enterprise server, it is not so much the number of cores that matters as their clock speed and bus frequency. Therefore, we will lay two more cores on the 1C server.
And let's not forget that in the case of using virtualization, one or two cores will be useful to us to ensure the operation of the host operating system.

In total, we get:

• a server with two virtual machines requires 12 physical cores. Less is possible, but there should always be a margin of power. A server with two six-core processors is ideal for this.
• for a terminal server, one Xeon E5620 processor with six cores is sufficient; for a database server, a Xeon E3-1220v3 processor with four cores.

RAM

First, let's see how much RAM is needed for services:

• The Windows Server operating system only requires 2 GB of RAM for itself.
• For SQL and a small 1C database, 4-6 GB of RAM will be enough.
• The 1C: Enterprise server requires another 2-3 GB of RAM.
• We expect that each user will need 700 MB of RAM in a terminal session, then 30 users will need 21 GB.

Now let's apply this to our options.

• One server with two virtual machines requires about 40 GB of RAM.
• For a terminal server, 24 GB or 32 GB of RAM will be enough (we will take with a margin, assuming future expansion). For a server with databases, you need at least 8 GB, but this is "back to back", so 16 GB with a margin. Memory is now one of the cheapest server components.

Disk subsystem

This is the traditional bottleneck for many systems. Choosing the right hard drives is very important to keep your servers running fast. When 1C works with a SQL database, there are many read / write operations per second (IOPS). If users work on the terminal server from thin clients (i.e. fully use the terminal server as a working environment), this heavily loads the server's disk system. For example, 30 terminal server users on RAID 1, SATA 3 Gb / s, with WD Velociraptor disks feel uncomfortable when working with mail and actively surfing the Internet. For terminal servers, we recommend using SSD drives. For database servers - SAS disks assembled into fault-tolerant arrays.

In addition to drives, you should also pay attention to the disk controller. Modern servers have pretty good controllers on board, for example, HP SmartArray and DELL PERC. However, it would be incorrect to use “on-board” solutions under heavy load when maximum performance is required. Having saved a little, you can easily get a powerful server that does not pull the load at all. Therefore, the controller must be with its own non-volatile memory.

Let's consider the options for solving this problem.

• For one server with two virtual machines, it is desirable to use two RAID arrays: one will contain the files of the terminal server virtual machine, the second will contain the files of the database server virtual machine and 1C: Enterprise. It is best to use two SSDs in RAID 1 (mirror) to create the first array.

  It is better to create a second array from four SAS disks in RAID 10 (mirror + stripe), but it is also possible from two SSDs in RAID 1. The choice depends only on the cost of the disks and the server model.

• For two servers, everything is the same, only the arrays will be spread across the servers. On the terminal - RAID 1 of two SSDs, on the database server - RAID 10.

One or more servers

As mentioned above, small organizations have a rather strong desire to host all services on one server.

The benefits of using a single server and virtualization include lower power consumption and more flexible resource allocation between virtual machines. Well, the transfer of virtual machines, in which case, is much more convenient than the transfer of physical OS.

However, the two servers have more upgrade options. For example, in our version of the inexpensive IBM x3550 M3 with the addition of another processor and RAM, it turns into elegant shorts a terminal server for 50 or even more users.

Another "bottleneck" in our case, which must be taken into account when choosing two physical servers, is the exchange of data between them over the network. For virtual servers, data exchange goes through a virtual switch. Here, to increase the network bandwidth, you can install a network card with two gigabit interfaces in each server, which can be aggregated with each other and directly connect both servers with aggregated 2 gigabit links. Or use network cards with SPF + 10GBASE, but this is an expensive pleasure.

Power reserve

When calculating and choosing a server, peak loads must be taken into account. It is also imperative to remember that the database will only "swell", the amount of data on the terminal server will grow, and the number of users may increase. Many enterprises save on power reserves and, after six months or a year, face interruptions in their work and user complaints. This is the case when excessive savings leads to new costs in the future - the miser pays twice. The options we have chosen are calculated with a power reserve and the possibility of an upgrade. It is taken into account that in DELL R710 it will be possible to add two more hard drives and RAM, as well as replace processors with more efficient ones.

So, if you need to expand, or the number of services increases, then there are great prospects, and the existing servers will effectively perform their tasks for a long time. Perhaps in a year we suddenly need to double the number of users, to 60 people? You are welcome.

If you used one DELL R710 server, then you can buy an inexpensive IBM x3550 M3, raise a hypervisor on it, move a virtual machine with a database and a 1C server there, and transfer all resources to a virtual machine with a terminal on DELL. It will be fast and there is no need to “throw everything out and buy new”.
If you used two IBM servers, the x3550 M3, with the addition of a second processor and a little RAM, turns from an average to a fairly powerful machine. And in the x3250 M5, you can upgrade the processor from E3-1220v3 to E3-1285v3.

Technically, a terminal server is a very powerful computer (or cluster) connected over a network to terminal clients - which are usually low-power or outdated work computers, or specialized solutions for accessing a terminal server.

We offer a service for creating and configuring a 1C terminal server in your office, as well as, if necessary, take care of issues related to system administration of servers, maintenance and updating of 1C.

Terminal server for 1C also allows you to organize collaboration in 1C from anywhere in the world where there is Internet. Having installed Terminal Server for 1C running Windows Server ..., you can:

Transfer all 1C databases and information to a secure resource (this will allow you and your employees to always have any necessary data at hand and access them via mobile devices while out of the office);

Simplify the procedure for updating all 1C databases;

Reduce the cost of maintaining and updating the fleet of office computers, due to the fact that minimum computer power is required to work with the terminal server;

Provide prompt secure access to the terminal server for remote employees or companies (incoming accountant, auditor);

Advantages of working in 1C on a terminal server:

1. The productivity of 1C is increased. The terminal server allows several users to work with several copies of the 1C program that are running on one server. When working in a terminal, users receive only an image from the server, and signals from their keyboard and mouse are transmitted from users to the terminal server.

2. Reliability of 1C operation increases. When using terminal access to the 1C database, the resulting failure or disconnection does not harm the 1C base and will not lead to significant loss of time, since all information is stored on the server. After the failure is eliminated, the user will immediately see the same information (the same open documents, reports, etc.) as before the failure.

3. Remote access to 1C is provided. Your remote employees (remote office, warehouse, auditors, etc.) will be able to connect to the terminal server remotely via the Internet and work with a common 1C database in real time. To ensure the security of remote work, we recommend installing and configuring a separate Internet gateway with a configured VPN server that provides VPN data encryption based on SSL security keys and certificates.

4. Costs are reduced For installation, you will need a powerful enough computer (server), but powerful user computers are not required to work with the 1C terminal. Users will be able to work on weak machines (for example, thin clients), since data processing and storage is carried out on a terminal server, and user computers receive only an image.

A terminal server can be a solution to the problem for organizations where the number of users is large, but the computing power of workplaces is insufficient. Also, the configured server solves the problem of administration and installation of the 1C client.

How to set up a terminal server for 1C

For the stable operation of 1C, it is necessary to prepare a fleet of very powerful computers and servers. As the number of users and the depth of implementation of 1C products grow, the appetite for configurations increases. Sooner or later, the possibilities for improving the performance of servers, client machines, and network parameters will run out and you will have to look for other solutions to the performance problem with clients. Terminal server for 1C is one of the working ways to simplify the life of administrators and reduce the requirements for terminal clients.

Using a terminal server for 1C

If you do not use terminal servers, users' computers independently perform calculations for which information is transferred from the database to clients. This process does not depend on the type of database. This type of work requires a serious investment in order to achieve a decent level of performance on the server and workstations.

When working with a terminal server, the client computer acts only as a keyboard and monitor. The network only has to transmit signals from the user's keyboard to the server and display the result of the entered commands from the keyboard back. In this regard, the requirements for their characteristics are significantly reduced. There is no need to purchase and regularly update terminal clients and provide a high-speed connection to the server.

With the growing popularity of 1C programs and an increase in the areas in which this software is being implemented, more and more companies use the 1C terminal server. Saving on technology is far from the only reason why many organizations are leaning towards the option of working with 1C using a server.

Terminal server advantages

In addition to savings due to cheaper working clients and the network, the operation of terminal servers allows:

• Increase the speed of 1C software calculations and reduce the network load. This is critical if you have a file-based database setup. Terminal Server will be faster even with minor operations;
• Ensure the safety of data when the connection between the terminal client and the server fails. After all, not data is sent, but their display. In the event of a failure, clients can simply reconnect to the server and resume from the point at which the network failure occurred. This advantage of terminal servers is important, since 1C programs are sensitive to failures and power outages at workplaces;
• Increase the security of information in the database. It is much more difficult to make a copy of the database from the terminal server under the client, and users connect to the server under unique logins and passwords;
• Simplify the IT structure in the company, which will save time for system administrators.

In addition, the capabilities of server operating systems from Microsoft allow staff administrators to configure the ability to connect terminal clients to the 1C server, therefore setting up a 1C server is such an important issue.

Installing a terminal server for 1C

For example, let's install a terminal server for 1C in Windows Server 2012:

1. You need to go to the connection properties on the server and register the required IP address;

To check if our server is visible, try to write the ping command on the client computer<Адрес терминального сервера> on the command line;

If the ping is successful, on the server, open Server Manager and click Add Roles and Features;

Select the type of server installation - "Installing roles and components";

Select our server for 1C from the server pool and click "Next";

At the stage of choosing server roles, we need to find and check the box opposite the "Remote Desktop Services" role;

Click "Next" twice and at the stage of selecting role services on the server, you must put two daws:

In the next window, check "Automatically restart the server, if required" and start the installation of the terminal server;

After a while, the terminal server for 1C will be successfully installed.

Let's set up a server for 1C

Now we need to configure client user access to the server. For this:

1. Install 1C on the server;
2. Open "Administration". Go to "Computer Management". Go to the "Local Users" section and select "Users". Create a new user on the server;
3. In the window that opens, fill in the fields "User", "Full name", "Description", "Password" and "Confirm password";

Click "Create". Then we go to the properties of the created server user. On the Group Membership tab, add Remote Desktop Users;

Then on the server go to "Local Security Policy". Click on the left "Assign user rights" and on the right go to the properties "Allow logging in through the Remote Desktop Service";

The default server only grants access to administrators. Add users using "Add user or group ...";

When all users are listed on the server, click Apply.

The terminal server is configured and client computers can connect to it.

Connecting to a terminal server

Connection to the configured 1C terminal occurs via the RDP protocol. The Microsoft family has a built-in tool called Remote Desktop Connection. To find this tool, go to "Start" - "All Programs" - "Accessories":

In the window that opens, you must specify the parameters:

• In the "Computer" field, enter the address of the terminal server;
• In the "User" field, you must specify the name under which you want to log into this server. Naturally, for this the user must be allowed remote control;

• In the next window, you will need to enter the user password to access the server.

If the settings are correct and the data is entered correctly, a window will unfold, in which you will see a slightly modified desktop.

Further work does not differ from the situation in which 1C is installed on your computer.