Terminal Server and the 2048 Open File Limitation

• Microsoft Windows NT Server version 4.0, Terminal Server Edition

SYMPTOMS

To maintain compatibility with existing Server Message Block (SMB)-based products (for example, Windows NT 3.x and 4.0, Windows 95), Terminal Server's use of SMB has not been modified from Windows NT Server 4.0. This can cause a problem if many Terminal Server users connect to a single network share, either on the Terminal Server or elsewhere on the network. The potential problem is an SMB limitation of 2048 open file handles.

RESOLUTION

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

This behavior has been modified in SP4 to allow each Terminal Server client to maintain a separate virtual circuit. The new functionality is not enabled by default.

To enable the new functionality, follow these steps:

1. Ensure that the server is at or above SP4.



2. From the server, run Registry Editor (Regedt32.exe).



3. From the HKEY_LOCAL_MACHINE subtree, go to the following key:

   \SYSTEM\CurrentControlSet\Services\Rdr\Parameters




4. On the Edit menu, click Add Value.



5. Add the following:

   Value Name: MultipleUsersOnConnection
   Data Type: REG_DWORD
   Data: 0




6. After you make this registry change, quit Registry Editor and restart the server.

MORE INFORMATION

Windows NT normally multiplexes all file requests sent to a single server over one virtual circuit. This saves resources on the client and on the server. Different user account credentials are sorted by a locally unique identifier (LUID) and by SessionId on Terminal Server. These identifiers are used to receive credentials from the server for that user. Each request to access a specific file supplies this server credential handle. This allows multiple users on the workstation (really security contexts since Windows NT can have services access the network with different accounts) to share the virtual circuit and have their own security reflected on the server. This is known as User Level Security in SMB terminology.

The SMB data structures reserve 11 bits for the file handle value. This reserve results in the 2048 files per connection. Terminal Server aggravates this problem, as many users may be simultaneously connecting from Terminal Server to the same share. It is consequently much easier in Terminal Server to reach the file open limit than in Windows NT.

Since the limitation is 2,048 open files per connection and all users will use the same connection, a file-intensive application may fail when the limit is reached. The Server Manager on the server that is hosting the share will show that the files are opened by the Terminal Server's computer name, since files are opened with a null user name even though security is checked through user name and credentials.

Theoretically, a Terminal Server with 200 users simultaneously using the share would be limited to 10 open files per user.

Additional query words:

Keywords :
Version : winnt:4.0
Platform : winnt
Issue type : kbprb