You're better of using more and smaller TS VM's per host. Given that SMP is a lie with todays Nehalem cpus, which are actually NUMA, scheduling a 4vcpu or larger VM will take more resources from the host. Might not be noticable if the host isn't loaded but also see the flexibility point that Andrew makes.
-Anders On Thu, Nov 11, 2010 at 3:03 AM, David Lum <david....@nwea.org> wrote: > Andrew this is actually my thinking. Licensing is quite cheap (under $2K > for 100 seats), a purchase req got submitted this week - I am fortunate that > $2K is quite small beans in light of the other costs of this move. > > My next question is - given an 8CPU 64Gb RAM host system (times two), does > it make sense to have more than 1 TS Server VM per physical host? ESX is the > VM host softwware, so I don't know if it make sense to have 1 monster 64-bit > VM per physical system or have 2-3 per. I'm thinking one big TS VM per side > saves overhead of additional VM systems. > > Thoughts, comments? I do have the 2008 TS Resource Kit and while excellent, > it doesn't cover VM's thoroughly enough to answer that question. > > I have TS Web access working internaly, and a basic TS 2K8 server up, the > practice I don't have is TS Gateway. I think I can get there in 3-4 weeks > and have some testing time, but we'll see... > > Dave > > > > ------------------------------ > *From:* Andrew S. Baker [asbz...@gmail.com] > *Sent:* Wednesday, November 10, 2010 2:58 PM > *To:* NT System Admin Issues > *Subject:* Re: Terminal Server or VPN? > > Sometimes you don't really have a choice, as it makes good business sense > to allow it. > > A VPN can be configured to allow appropriate-only access. It does not have > to be synonymous with a free-for-all connection. > > The TS solution has licensing implications, as well. Hopefully, 5 weeks is > enough time for you to get the nuances of this solution in place. I would > recommend ensuring that the VPN is a viable plan B, in case there are some > issues. I can almost foresee that you'll be supporting both on the 17th... > > > *ASB *(My XeeSM Profile) <http://xeesm.com/AndrewBaker> > *Exploiting Technology for Business Advantage...* > * * > > > > On Wed, Nov 10, 2010 at 4:49 PM, Malcolm Reitz <malcolm.re...@live.com>wrote: > >> I would never, ever, allow non-company-managed PCs to connect to our >> VPN. As you think, that’s just asking for all kinds of trouble. >> >> >> >> Since most of your home users won’t have MS Office on their home PCs, >> they’ll get more done if you give them TS access to your standard corporate >> suite of applications. I’m not sure how you could give the users RDP to >> their actual desktop PCs if the PCs are in a moving van headed to your new >> offices. >> >> >> >> -Malcolm >> >> >> >> *From:* David Lum [mailto:david....@nwea.org] >> *Sent:* Wednesday, November 10, 2010 15:17 >> *To:* NT System Admin Issues >> *Subject:* Terminal Server or VPN? >> >> >> >> In a few weeks (Dec 17th) we’ll be having a massive “work from home” day >> (200-ish users, because we’re moving our office to a different city) and we >> have the option of standing up some Terminal Servers or just running with >> VPN. Most users are expected to just want MS Office apps and Internet >> Explorer. Several (a couple dozen) will also want RDP access to their >> desktops. >> >> >> >> We have 3 TS servers now (1 2K8, 2 W2K3) but have the capability to stand >> up more 2008 TS servers. I have no experience setting up TS farms or getting >> them available for ability to his via Internet, although both of these >> appear to be pretty straightforward. I am also under the impression that TS >> via Internet uses less bandwidth than a straight-up VPN connection. >> >> >> >> VPN is already established but we’ll certainly have many users using their >> home PC that don’t currently have VPN configured and would much rather have >> them connect via Terminal Server than install, configure and then connect an >> unknown system - from a security/patched/AV standpoint - to VPN. >> >> >> >> I think it’s kind of six of one half dozen of another as far as overall >> effort, but I REALLY don’t want unmanaged home PC’s connecting via VPN… >> >> *David Lum** **// *SYSTEMS ENGINEER >> NORTHWEST EVALUATION ASSOCIATION >> (Desk) 971.222.1025 *// *(Cell) 503.267.9764 >> >> >> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin