Category Archives: Remote Desktop Services

W2K8 R2 RDS 4 – Installing And Confguring Remote Desktop Web Access

W2K8 R2 RDS 4 – Installing And Confguring Remote Desktop Web Access

Introduction

This section of the article provides the steps to install and configure RDS Web Access on a Windows 2008 R2 Server.

Prerequisites

In order to install and configure RDS Web Access the following prerequisites must be met :-

  • A Windows 2008 R2 Server
  • The server must be part of a Domain
  • At least one configured RDS Session Host
  • A configured RDS Connection Broker Server

Installing The RDS Web Access Role

To install the RDS Web Access Role perform the following steps :-

  • Open the Server Manager Console
  • Click on Roles and then click on Add Roles
  • From the list of available Roles select Remote Desktop Services and then click on Next
  • From the list of available Role Services select Remote Desktop Web Access  and then click on Next
  • When prompted to Add Role Services and Features required by the Remote Desktop Web Access click on Add Required Role Services
  • Click on Next
  • At the Introduction To Web Server (IIS) screen click on Next
  • When prompted to Select Role Services for the Web Server (IIS) click on Next
  • When prompted to Confirm Installation Selections click on Install

The Remote Desktop Gateway Role will now be installed on the server

Configuring RDS Web Access

The next step is to configure the RDS Web Access.  To configure the RDS Web Access perform the following steps :-

  • In a web browser go to the rdweb site on your server

E.G. http://{Your Server}/rdweb

  • When prompted logon as {Domain Name}\administrator to the site
  • Click on the Configuration tab
  • Select the source to use An RD Connection Broker
  • In the Source Name box enter in either the NetBIOS Name or theFully Qualified Domain Name of your RD Connection Broker server

E.G. RDSBroker01

  • Click on OK to apply the configuration

Populate The TS Web Access Computers Security Group On The RDS Connection Broker

The next step populate the TS Web Access Computers Security Group on the RDS Connection Broker.  To populate the TS Web Access Computers Security Group on the RDS Connection Broker perform the following steps :-

  • Logon to the RDS Connection Broker Server as an Administrative account
  • Under Administrative Tools click on Computer Management
  • In the Left Hand pane expand Local Users and Groups and then clickGroups
  • In the Right Hand pane Double Click the TS Web Access Computers Group
  • Click on Add and then click on Object Types
  • Select Computers in the list of Object Types and then click on OK
  • In the Enter the object names to select type the Computer Account of the RD Web Access server

E.G. RDSGWay01

  • Click on OK and then OK again to close the properties of the TS Web Access Computers Group

W2K8 R2 RDS 3 – Installing And Configuring A Remote Gateway

W2K8 R2 RDS 3 – Installing And Configuring A Remote Gateway

Introduction

This section of the article provides the steps required to install the Remote Desktop Gateway Role on to a Windows 2008 R2 Server.

Prerequisites

In order to install and configure a Remote Desktop Gateway the following prerequisites must be met :-

  • A Windows 2008 R2 Server
  • The server to be used must be part of a Domain

Installing The Remote Desktop Gateway Role

To install the Remote Desktop Connection Broker Role perform the following steps :

  • Open the Server Manager Console
  • Click on Roles and then click on Add Roles
  • From the list of available Roles select Remote Desktop Services and then click on Next
  • From the list of available Role Services select Remote Desktop Gateway  and then click on Next
  • When prompted to Add Role Services and Features required by the Remote Desktop Gateway click on Add Required Role Services
  • Click on Next
  • At the Server Authentication Certificate screen select whether you wish to Import a SSL Certificate, create a Self Sign Certificate, or choose one later
  • Click on Next to continue
  • At the Authorization Policies  screen select Later and then click on Next
  • At the Introduction To Network Policy and Access Servicesscreen click on Next
  • When prompted to Select Role Services for the Network Policy and Access Services click on Next
  • At the Introduction To Web Server (IIS) screen click on Next
  • When prompted to Select Role Services for the Web Server (IIS) click on Next
  • When prompted to Confirm Installation Selections click on Install

The Remote Desktop Gateway Role will now be installed on the server

Configuring RDS Gateway Authorization Policies

The next step is configure the RDS Gateway Authorization Policies.  To configure the RDS Gateway Authorization Policies perform the following steps :-

  • Open the RD Gateway Manager Console
  • Right Click on the Policies branch in the Left Hand Pane and selectCreate New Authorization Policies
  • At the next screen select Create a RD CAP and a RD RAP (recommended) and then click on Next
  • When prompted enter a name for the new RD CAP,
  • At the Requirements screen ensure that Password is ticked and add in the Active Directory User Group you wish to allow access
  • Click on Next to continue
  • On the Device Redirection screen select the devices you want to allow redirected for users
  • Click on Next to continue
  • At the Session Timeout screen select the Idle and Session Timeouts if required and then click on Next to continue
  • At the RD CAP Summary screen click on Next to continue
  • When prompted enter the name for the RD RAP and click on Next to continue
  • On the User Groups screen the User Group Membership should already be populated with the Group selected in the RD CAP Requirements screen
  • Click on Next to continue
  • At the Network Resources screen select either an Active Directory Group with your RDS Session Host servers in it or select Allow users to connect to any network resource (computer)
  • Click on Next to continue
  • On the Allowed Ports screen leave the selection as Allow connections only through TCP port 3389
  • Click on Next to continue
  • At the RD RAP Summary screen click on Finish to continue
  • At the Confirm Policy Creation  screen click on Close to complete configuring the Authorization Policies

Populate The TS Web Access Computers Security Group On The RDS Session Hosts

The next step populate the TS Web Access Computers Security Group on the RDS Session Hosts.  To populate the TS Web Access Computers Security Group on the RDS Session Hosts perform the following steps :-

  • Logon to the RDS Session Host Servers in turn as an Administrative account
  • Under Administrative Tools click on Computer Management
  • In the Left Hand pane expand Local Users and Groups and then click Groups
  • In the Right Hand pane Double Click the TS Web Access Computers Group
  • Click on Add and then click on Object Types
  • Select Computers in the list of Object Types and then click on OK
  • In the Enter the object names to select type the Computer Account of the RDS Connection Broker server

E.G. RDSBroker01

  • Click on OK and then OK again to close the properties of the TS Web Access Computers Group

Populate The Session Broker Computers Security Group On The RDS Gateway Server

The next step populate the Session Broker Computers Security Group on the RDS Session Hosts.  To populate the Session Broker Computers Security Group on the RDS Gateway Server perform the following steps :-

  • Logon to the RDS Gateway Server as an Administrative account
  • Under Administrative Tools click on Computer Management
  • In the Left Hand pane expand Local Users and Groups and then click Groups
  • In the Right Hand pane Double Click the Session Broker Computers Group
  • Click on Add and then click on Object Types
  • Select Computers in the list of Object Types and then click on OK
  • In the Enter the object names to select type the Computer Accounts of the RDS Session Host servers

E.G. RDSHost01; RDSHost02

  • Click on OK and then OK again to close the properties of the Session Broker Computers Group

W2K8 R2 RDS 2 – Installing And Configuring A Remote Desktop Connection Broker

W2K8 R2 RDS 2 – Installing And Configuring A Remote Desktop Connection Broker

Introduction

The Remote Desktop Connection Broker Role provides the ability to Load Balance user RDS sessions across multiple RDS Session Hosts and also allow reconnection of users sessions.

This article provides the steps required to install the Remote Desktop Connection Broker Role on a Windows 2008 R2 Server and configure a RDS Farm of two RDS Session Hosts.

The installation and configuration of a Remote Desktop Connection Broker has been split in to the following sections :-

  1. Installing the Remote Desktop Connection Broker Role
  2. Adding the RDS Session Hosts to the Remote Session Broker Computers Local Group
  3. Configuring the RDS Session Hosts to join the RDS Farm
  4. Configure DNS for RDS Connection Broker Load Balancing

Prerequisites

In order to install and configure a Remote Desktop Connection Broker the following prerequisites must be met :-

  • Two RDS Session Host Servers
  • A Windows 2008 R2 Server
  • The server to be used must be part of a Domain

Installing The Remote Desktop Connection Broker Role

To install the Remote Desktop Connection Broker Role perform the following steps :

  • Open the Server Manager Console
  • Click on Roles and then click on Add Roles
  • From the list of available Roles select Remote Desktop Services and then click on Next
  • From the list of available Role Services select Remote Desktop Connection Broker and then click on Next
  • When prompted to Confirm Installation Selections click on Install

The Remote Desktop Connection Broker Role will now be installed on the server

Adding The RDS Session Hosts To The Session Broker Computers Local Group

The next step on the Remote Desktop Connection Broker server is to add the RDS Session Hosts which will participate in the RDS Farm to the Session Broker Computers Local Group.  To add the RDS Session Hosts to the Session Broker Computers Local Group perform the following steps :-

  • Logon to the Remote Desktop Connection Broker Server as an administrative account on the Domain
  • Click on Start \ Administrative Tools and select the Computer Management Console
  • In the Left Hand pane expand the Local Users and Groups branch and then click on Groups
  • Open the Properties of the Session Broker Computers Group
  • Click on Add and then click on the Object Types button
  • Tick the Computers object type and then click on OK
  • In the Enter the object names to select box type in the names of your RDS Session Hosts seperated by a semi colon

E.G. RDSHost01; RDSHost02

  • Click on Check Names to confirm the names you have entered are correct
  • Click on OK to add the RDS Session Hosts to the Group and then OKagain to close the Group properties

Configuring The RDS Session Hosts To Join The RDS Farm

The next step is to configure the RDS Session Hosts to join the RDS Farm.  To configure the RDS Session Hosts to join the RDS Farm perform the following steps :-

  • Logon to the Remote Desktop Session Hosts as an administrative account on the Domain
  • Open the Remote Desktop Session Host Configuration Console
  • In the Edit Settings section under RD Connection Broker, Double Click on Member of a farm in RD Connection Broker
  • In the RD Connection Broker tab of the Properties click on Change Settings
  • In the RD Connection Broker Settings dialog select Farm Member
  • The RD Connection Broker server name box will change to allow editing, enter the server name of the Remote Desktop Connection Broker Server

E.G. RDSBroker01

  • In Farm Name box type in the name of the farm you want the server to join in the RDS Connection Broker.

E.G. RDS-Farm

N.B. On the RDS Session Host specify the Farm Name to be created and ensure that the SAME name is used for all subsequent RDS Session Hosts

  • Click on OK to apply the settings
  • On the RD Connection Broker tab Enable the Participate in Connection Broker Load Balancing option
  • Under the Select IP addresses to be used for reconnection section select the IP Address you wish to allow

N.B. You MUST select at least one IP Address on the server

  • Click on OK to apply the settings

Configuring DNS For RDS Connection Broker Load Balancing

The final step is to configure DNS for RDS Connection Broker Load Balancing.  To configure DNS for RDS Connection Broker Load Balancing perform the following steps :-

  • Navigate to the appropriate Forward Lookup Zone for your Domainand add a new Host (A or AAAA) record
  • When prompted configure the name to the same that you configured for the RDS Farm on the RDS Session Hosts

E.G. RDS-Farm as configured in the previous section

  • Enter the IP Address of the first RDS Session Host in the farm and click on OK

Perform the steps above and create a new Host (A or AAAA) record for each RDS Session Host using the Same Name

W2K8 R2 RDS 1 – Installing And Configuring A Remote Desktop Session Host

W2K8 R2 RDS 1 – Installing And Configuring A Remote Desktop Session Host

Introduction

This section of the article provides the steps required to install the Remote Desktop Session Host Role on to a Windows 2008 R2 Server.

Prerequisites

In order to install and configure a Remote Desktop Session Host  the following prerequisites must be met :-

  • A Windows 2008 R2 Server
  • The server to be used must be part of a Domain

Installing The Remote Desktop Session Host Role

To install the Remote Desktop Connection Broker Role perform the following steps :

  • Open the Server Manager Console
  • Click on Roles and then click on Add Roles
  • From the list of available Roles select Remote Desktop Services and then click on Next
  • From the list of available Role Services select Remote Desktop Connection Session Host  and then click on Next
  • At the Application Compatibility screen click on Next to continue
  • At the Authentication Method screen select whether you requireNetwork Level Authentication or not and then click on Next
  • When prompted configured the Licensing Mode you require and then click on Next
  • At the User Groups screen click on Add and add any additional AD Groups you wish to allow access
  • Click on Next and then select the Client Experience settings you wish to use and then click on Next
  • When prompted to Confirm Installation Selections click on Install

The Remote Desktop Session Host Role will now be installed on the server

W2K8 R2 RDS – Introduction And Prerequisites

W2K8 R2 RDS – Introduction And Prerequisites

Introduction

The following pages of this article provide the steps required to install and configure a Remote Desktop Services environment consisting of the following components :-

  • Remote Desktop Services Session Hosts
  • Remote Desktop Connection Broker
  • Remote Desktop Gateway
  • Remote Desktop Web Access

The installation and configuration is broken down in to the following steps which are explained in subsequent pages of this article :-

  1. Installing and configuring a Remote Desktop Session Host
  2. Installing and configuring a Remote Desktop Connection Broker
  3. Installing and configuring a Remote Desktop Gateway
  4. Installing and configuring Remote Desktop Web Access
  5. Configuring the Remote Desktop Web Access for Single Sign On

Test Environment

The test environment for this article consists of the following servers and the Roles they provide :-

  • RDSHost01 – Remote Desktop Services Session Host Server
  • RDSHost02 – Remote Desktop Services Session Host Server
  • RDSBroker01 – Remote Desktop Connection Broker Server
  • RDSGway01 – Remote Desktop Gateway & Web Access Server

All four of the servers are Windows 2008 R2 Standard Edition servers with Service Pack 1 installed and patched to the latest levels a tthe time of writing this article.

Although not part of the RDS installation for this article, Domain and Network  services are provided by an existing Windows 2008 R2 Standard Core Services Domain Controller.

W2K8 R2 RDS – Installing & Configuring A Remote Desktop Services Environment

W2K8 R2 RDS – Installing & Configuring A Remote Desktop Services Environment

W2K8 R2 – Adding Remote Desktop Services Licensing

W2K8 R2 – Adding Remote Desktop Services Licensing

This article provides the steps required to add the Remote Desktop Services (Formally Terminal Services) Licensing role to a Windows 2008 R2 server.

To add the RD Licensing role to the server perform the following steps :-

  • Open the Server Manager Console
  • Click on Roles and then click on Add Roles
  • From the list of available roles select Remote Desktop Services and then click on Next
  • Click Next to continue past the Introduction to Remote Desktop Services
  •  From the list of available role services select Remote Desktop Licensing and then click on Next
  • When prompted click on the option to Configure a discovery scope for this license server
  • Select This Domain from the list and then click on Next
  • When prompted to Confirm Installation Selections click on Install

The RD Licensing role will now be installed on the server