I have been saying this in nearly all my posts on Windows Server 2012 that Microsoft is making big efforts to mark its name in cloud computing and Remote Desktop Services in Windows Server 2012 is no exception. It seems that even this component was designed keeping in mind the concept of cloud computing & virtualization.
In my previous post "Installing Remote Desktop Services as Role Based (http://www.adshotgyan.com/2014/10/installing-rds-as-role-based.html)", we talked about on how to install and configure Remote Desktop Services using the old conventional way
In this post, we will go through a new way of installing and configuring the Remote Desktop Services
My Lab
- Domain Controller : DC1
- Member Server : MS1 (On this server we will install the Remote Desktop Services Roles)
To verify that the Roles are not yet installed, click on Tools and you wont find anything named Remote Desktop Services or Terminal Services
To install the Roles, Open Server Manager, Click on "Manage" and Select the option "Add Roles and Features"
Now... Wait...
This time we will select the second option "Remote Desktop Services Installation" as opposed to "Role Bases or Feature Based Installation" which we selected in our earlier post "Installing Remote Desktop Services as Role Based (http://www.adshotgyan.com/2014/10/installing-rds-as-role-based.html)"
Deployment Types
- Standard Deployment
- Quick Start
Standard Deployment
A standard deployment will install the following components:-
- Remote Desktop Connection Broker
- Remote Desktop Web Access
- Remote Desktop Session Host
Quick Start
A quick start deployment will automatically do the following:-
- Install the Remote Desktop Session Host role service on this server
- Install the Remote Desktop Connection Broker role service on the same server
- Install the Remote Desktop Web Access role service on the same server
- Create a Session Collection called QuickSessionCollection
- Add Domain Users security group to the collection to allow that group access to servers in the collection
We will be using the Standard Deployment
Deployment Scenario
- Virtual Machine Based Desktop Deployment
- Session Based Desktop Deployment
As I said in the beginning on this post that Microsoft is keeping Cloud Computing and Virtualization in mind while designing the new products, this screen and the options mentioned here is a prime example of the same
Cloud Computing and Virtualization are two sides of the same coin, you simply cannot keep them apart. A cloud cannot be built without virtualization
Virtual Machine Based Desktop Deployment
Session Based Desktop Deployment
This will use RD Session Host to deliver a Desktop AND/OR RemoteApps on Remote Desktop Session (RDP Sessions)
For now, since we are not creating virtual machines, we will choose the option "Session Based Desktop Deployment"
Once selected, the wizard will list the components (Also known as Role Services where Role here would be the remote Desktop Services and the following will be its services) which will be installed
- Remote Desktop Connection Broker
- Remote Desktop Web Access
- Remote Desktop Session Host
RD Connection Broker Server
Formerly known as Terminal Services Session Broker (TS Session Broker) it has three major functions:-
- Load Balancing
- Re-connection of User`s Session
- Provide access to RemoteApp and Desktop Sessions
Load Balancing : Suppose we have three Remote Desktop Host Servers (Terminal Servers). There are 300 users in my domain who will require remote connections to these servers. When these 300 users will connect to the Remote Desktop Servers, either of these things will happen:-
- All the users are connected to the same Remote Desktop Server... In that case, I have my full sympathy for that poor Remote Desktop Server. Not only he has to bear all the load, at the same time he will die of jealously seeing that two of his counterparts are relaxing and doing nothing...
- All the user`s connections are random. So users are redirected to Remote Desktop Servers randomly.. Again... One thing which will matter the most is "Luck"... What if Saturn is against Remote Desktop Server 1... The same situation will arise which happened above... All connections will be established on the Remote Desktop Server 1 or at least majority of the connections on Remote Desktop Server 1 and the other two servers again enjoying very less work...
(Any resemblance to real persons, living or dead, is purely coincidental.... :) )
- All the connections are evenly distributed... Wow... That`s the ideal situation.. Now this is the job of RD Connection Broker. To allocate user`s connections evenly across all the servers....
Re-connection of User`s Session : Imagine, I was going to Shimla (India) in a toy train (See you got some additional info beside knowing about Remote Desktop Services, now you know that there is a train to Shimla (India))
I was connected to a Remote Desktop Server and had opened some applications. Now all of a sudden the train passed through a tunnel (btw there are 103 tunnels on that route... wow you got to know more, I think you might be able to get all the info about that train by the time this post will be over :) )
Now this is not news to you that while the train will pass through the tunnel, network connectivity will / may be lost. Untill and unless I happened to be a very close relative of Sunil Mittal who might have got a special tower installed for me on that tunnel, I will also lose the internet connection and the session with the Remote Desktop Server as well.
When the train came out of the tunnel, the signal will be restored. But wait... What happened... Where are the applications on which I was working... hmm... You know what.. I think this time I got connected to Remote Desktop Server 2 and previously I was connected to the Remote Desktop Server 1... :(
So does it mean that I have to start over again... And what if before I complete my work the next tunnel comes and the signal is lost again.... Poor me...
Anyways... To help me with this situation, we have the RD Connection Broker Role which "Remembers" the user name and the name of the server to which the user was connected at the last disconnected session so that when the session is restored, the user will be connected back to the same old server... Cool na... (I think Microsoft fed Almonds and walnuts to its Remote Desktop Connection Broker Role that why his/her (I don't wanna be biased and use "his" everywhere else the females reading this post will feel offended :P ) memory retention is so strong)
In the screen below, you have to select the Server Name for the RD Connection Broker Role and then click on the Arrow so that this server will be selected
RD Web Access Server
Formerly known as Terminal Services Web Access (TS Web Access)
A user connects to a RD Web Access Server which in turn connects to the RD Connection Broker. The RD Connection Broker returns all the applications which a user will have access to and then the RD Web Access Server will make those applications available to the end user either on a web page or on the start menu (Windows 7) or RemoteApps Desktop Connections (RADC) (Windows 8)
In the screen below, you have to select the Server Name for the RD Web Access Server Role and then click on the Arrow so that this server will be selected
RD Session Host Servers
Formerly known as Terminal Services Configuration
The RD Session Host Server host all the applications which a user uses. These applications are installed and run on this server.
You can use these application by using a full remote session on the server using RDP or these applications can be published using RemoteApp
In the screen below, you have to select the Server Name for the RD Session Host Server Role and then click on the Arrow so that this server will be selected
Now the server is selected for all the roles
Select "Restart the destination server automatically if required". This is not mandatory but if you are like me who need a coffee shot after every few minutes then you can select this option so that while the server reboots, you can get a cup of "Black Coffee" :)
In Progress.....
And here all the roles are installed
Now, In the Server Manager, In left pane, you will get a new option "Remote Desktop Services"
When you click on Remote Desktop Services in the left pane, you get three options on the right pane:-
- Overview
- Servers
- Collections
Click on "Overview" and you will see a very neat diagram
This diagram consist of six components of Remote Desktop Services
(Also known as Role Services where Role here would be the remote Desktop Services and the following will be its services)
- RD Web Server
- RD Gateway
- RD Licensing
- RD Connection Broker
- RD Virtualization Host
- RD Session Host
Now if you look at the diagram, you will find that out of six icons listed (one for each role feature of Remote Desktop Services), two are GREEN in color. Why? (oh no no... these roles are not environmental friendly)
It because they are not add in this "Deployment"... A new word in Windows 2012 Server...
Click on this Green Icon for "RD Gateway"
And this will open this wizard
Click on the right arrow key to Install RD Gateway Role on this Server
A certificate is required to be installed on the RD Gateway.. This is because the job of RD Gateway is to allow connections from internet to its RD Host Servers. Now if these connections are not secure then it can harm your internal domain. So a certificate is required on this server
The wizard will create a self signed certificate
Installing........
Installed....
Do the same for RD Licensing... (Remember, it is NOT mandatory to install RD Gateway and RD Licensing Role... It depends on your requirement)
If you look at the diagram, you will now notice that all the six role services are grey in color.. So does it mean that all of these services are installed.. ?
No... Look again...
The Role Service "RD Virtualization Host" has a dotted line instead of a solid line... Which means that this service was not required... And why was it not required.. Because we have not selected the virtual machine based desktop deployment and instead selected the session based desktop deployment
Servers: - It will list the name of the server(s) on which the Remote Desktop Services Role is Installed
Collections :- And here comes the most exciting new feature of Remote Desktop Services in Windows Server 2012
What is a collection..? A Collection is a collection of Remote Desktop Services roles service (RD Web Server, RD Gateway, RD Licensing, RD Connection Broker, RD Virtualization Host, RD Session Host) on a particular server. Simple.. :)
What used to be a "Farm" in Windows 2008 is a "Collection" in Windows Server 2012
One RD Host Server can be added to only one collection
Currently there is no collection created by default... Remember, Installing the Role Services (RD Web Server, RD Gateway, RD Licensing, RD Connection Broker, RD Virtualization Host, RD Session Host) will NOT create a collection.
Click on the Overview Tab and then click on "Create Session Collections"
Else, click on "Collections" tab on left pane and then click on "Tasks" on right pane and then choose the option "Create Session Collection"
Create Collection Wizard....
Give it a Name...
Select the name of the "RD Host Server" and then click on the right arrow...
Now once you have added this server in this collection and you create another collection, then on this page for the new collection, this server will not be listed as this has already been added in a collection
Who all can have access to this collection (Or the RD Host Server)
Enable User Profile Disk (UPD)....
I really wanted to move on to the next slide but since its UPD, I cant stop myself from saying few words on it
Without discussing the difficulties that you might get while working with UPD, the key point to discuss here is, what exactly is UPD...
UPD or the User Profile Disk is configured on a Remote Desktop Session. It is a replacement for Remote Desktop User Profiles. It creates a disk (VHD) for every user in which user data / profile is stored
For now, I will disable UPD
In progress...
Done...
We now have a new "Collection"
The new collection will have the following options in the right pane
- Properties
- Connections
- RemoteApp Programs
- Host Servers
Lets have a look into the properties of this collection
Collection Properties :-
- General
- User Groups
- Session
- Security
- Load Balancing
- Client Settings
- User Profile Disks
User Groups
Users / Groups who are added here will be able to connect to the RD Host Servers
Sessions
List the session settings for the RD Host Server
Security
List the security settings for the connection to the RD Host Server
Load Balancing
Controlling how many sessions can be created on a RD Host Server when there are more then one server. So you can specify the relative weight and the session limit for each RD Host Server. So if I specify the session limit to 10, then only 10 active connections can be established on this server
Also, the relative weight will govern the priority to be given to a RD Host Server
Client Settings
Just the redirection settings for the connections on the RD Host Server
User Profile Disks
During the wizard if you have disabled the User Profile Disk option then you can enable it from this window. Also, if you have enabled the User Profile Disk in the wizard then also you have to do the configuration for the User Profile Disk from here
Now, lets go back to the Collections option
The above all properties were for any collection which you have created. here, you have the properties for the whole deployment which you can change
Edit Deployment Properties
- RD Gateway
- RD Licensing
- RD Web Access
- Certificates
RD Gateway
Do you want to use RD Gateway or not and if yes then would you like it to be detected automatically or you want to manually configure it
RD Licensing
Licensing Mode : Per User or Per Device
Specify a license server
Certificates
You can create / configure certificates for RD Connection Broker / RD Web Access and RD Gateway
Once all this is done, now lets have a look at the different snap-ins available for different Remote Desktop Services
Unfortunately, only three span-ins are available
- RD Licensing Diagnoser
- Remote Desktop Gateway Manager
- Remote Desktop Licensing Manager
RD Licensing Diagnoser
This is the same as what is used to happen in Windows 2008
It list any warning / errors on the RD Licensing Server or if the RD Host Server is able to find and connect to the RD Licensing Server
Remote Desktop Licensing Manager
I guess the only snap-in in relation to Remote Desktop Services which hasn't changed since Windows 2003... :)
In my previous post "Installing Remote Desktop Services as Role Based (http://www.adshotgyan.com/2014/10/installing-rds-as-role-based.html)", we talked about on how to install and configure Remote Desktop Services using the old conventional way
In this post, we will go through a new way of installing and configuring the Remote Desktop Services
My Lab
- Domain Controller : DC1
- Member Server : MS1 (On this server we will install the Remote Desktop Services Roles)
To verify that the Roles are not yet installed, click on Tools and you wont find anything named Remote Desktop Services or Terminal Services
To install the Roles, Open Server Manager, Click on "Manage" and Select the option "Add Roles and Features"
Now... Wait...
This time we will select the second option "Remote Desktop Services Installation" as opposed to "Role Bases or Feature Based Installation" which we selected in our earlier post "Installing Remote Desktop Services as Role Based (http://www.adshotgyan.com/2014/10/installing-rds-as-role-based.html)"
Deployment Types
- Standard Deployment
- Quick Start
Standard Deployment
A standard deployment will install the following components:-
- Remote Desktop Connection Broker
- Remote Desktop Web Access
- Remote Desktop Session Host
Quick Start
A quick start deployment will automatically do the following:-
- Install the Remote Desktop Session Host role service on this server
- Install the Remote Desktop Connection Broker role service on the same server
- Install the Remote Desktop Web Access role service on the same server
- Create a Session Collection called QuickSessionCollection
- Add Domain Users security group to the collection to allow that group access to servers in the collection
We will be using the Standard Deployment
Deployment Scenario
- Virtual Machine Based Desktop Deployment
- Session Based Desktop Deployment
As I said in the beginning on this post that Microsoft is keeping Cloud Computing and Virtualization in mind while designing the new products, this screen and the options mentioned here is a prime example of the same
Cloud Computing and Virtualization are two sides of the same coin, you simply cannot keep them apart. A cloud cannot be built without virtualization
Virtual Machine Based Desktop Deployment
This will use RD Virtualization Host to deliver a Desktop AND/OR RemoteApps on Virtual Machines. This will create virtual desktops (VDI - Virtual Desktop Infrastructure) to be used by the users
Session Based Desktop Deployment
This will use RD Session Host to deliver a Desktop AND/OR RemoteApps on Remote Desktop Session (RDP Sessions)
For now, since we are not creating virtual machines, we will choose the option "Session Based Desktop Deployment"
Once selected, the wizard will list the components (Also known as Role Services where Role here would be the remote Desktop Services and the following will be its services) which will be installed
- Remote Desktop Connection Broker
- Remote Desktop Web Access
- Remote Desktop Session Host
RD Connection Broker Server
Formerly known as Terminal Services Session Broker (TS Session Broker) it has three major functions:-
- Load Balancing
- Re-connection of User`s Session
- Provide access to RemoteApp and Desktop Sessions
Load Balancing : Suppose we have three Remote Desktop Host Servers (Terminal Servers). There are 300 users in my domain who will require remote connections to these servers. When these 300 users will connect to the Remote Desktop Servers, either of these things will happen:-
- All the users are connected to the same Remote Desktop Server... In that case, I have my full sympathy for that poor Remote Desktop Server. Not only he has to bear all the load, at the same time he will die of jealously seeing that two of his counterparts are relaxing and doing nothing...
- All the user`s connections are random. So users are redirected to Remote Desktop Servers randomly.. Again... One thing which will matter the most is "Luck"... What if Saturn is against Remote Desktop Server 1... The same situation will arise which happened above... All connections will be established on the Remote Desktop Server 1 or at least majority of the connections on Remote Desktop Server 1 and the other two servers again enjoying very less work...
(Any resemblance to real persons, living or dead, is purely coincidental.... :) )
- All the connections are evenly distributed... Wow... That`s the ideal situation.. Now this is the job of RD Connection Broker. To allocate user`s connections evenly across all the servers....
Re-connection of User`s Session : Imagine, I was going to Shimla (India) in a toy train (See you got some additional info beside knowing about Remote Desktop Services, now you know that there is a train to Shimla (India))
I was connected to a Remote Desktop Server and had opened some applications. Now all of a sudden the train passed through a tunnel (btw there are 103 tunnels on that route... wow you got to know more, I think you might be able to get all the info about that train by the time this post will be over :) )
Now this is not news to you that while the train will pass through the tunnel, network connectivity will / may be lost. Untill and unless I happened to be a very close relative of Sunil Mittal who might have got a special tower installed for me on that tunnel, I will also lose the internet connection and the session with the Remote Desktop Server as well.
When the train came out of the tunnel, the signal will be restored. But wait... What happened... Where are the applications on which I was working... hmm... You know what.. I think this time I got connected to Remote Desktop Server 2 and previously I was connected to the Remote Desktop Server 1... :(
So does it mean that I have to start over again... And what if before I complete my work the next tunnel comes and the signal is lost again.... Poor me...
Anyways... To help me with this situation, we have the RD Connection Broker Role which "Remembers" the user name and the name of the server to which the user was connected at the last disconnected session so that when the session is restored, the user will be connected back to the same old server... Cool na... (I think Microsoft fed Almonds and walnuts to its Remote Desktop Connection Broker Role that why his/her (I don't wanna be biased and use "his" everywhere else the females reading this post will feel offended :P ) memory retention is so strong)
In the screen below, you have to select the Server Name for the RD Connection Broker Role and then click on the Arrow so that this server will be selected
RD Web Access Server
Formerly known as Terminal Services Web Access (TS Web Access)
A user connects to a RD Web Access Server which in turn connects to the RD Connection Broker. The RD Connection Broker returns all the applications which a user will have access to and then the RD Web Access Server will make those applications available to the end user either on a web page or on the start menu (Windows 7) or RemoteApps Desktop Connections (RADC) (Windows 8)
In the screen below, you have to select the Server Name for the RD Web Access Server Role and then click on the Arrow so that this server will be selected
RD Session Host Servers
Formerly known as Terminal Services Configuration
The RD Session Host Server host all the applications which a user uses. These applications are installed and run on this server.
You can use these application by using a full remote session on the server using RDP or these applications can be published using RemoteApp
In the screen below, you have to select the Server Name for the RD Session Host Server Role and then click on the Arrow so that this server will be selected
Now the server is selected for all the roles
Select "Restart the destination server automatically if required". This is not mandatory but if you are like me who need a coffee shot after every few minutes then you can select this option so that while the server reboots, you can get a cup of "Black Coffee" :)
In Progress.....
And here all the roles are installed
Now, In the Server Manager, In left pane, you will get a new option "Remote Desktop Services"
When you click on Remote Desktop Services in the left pane, you get three options on the right pane:-
- Overview
- Servers
- Collections
Click on "Overview" and you will see a very neat diagram
This diagram consist of six components of Remote Desktop Services
(Also known as Role Services where Role here would be the remote Desktop Services and the following will be its services)
- RD Web Server
- RD Gateway
- RD Licensing
- RD Connection Broker
- RD Virtualization Host
- RD Session Host
Now if you look at the diagram, you will find that out of six icons listed (one for each role feature of Remote Desktop Services), two are GREEN in color. Why? (oh no no... these roles are not environmental friendly)
It because they are not add in this "Deployment"... A new word in Windows 2012 Server...
Click on this Green Icon for "RD Gateway"
And this will open this wizard
Click on the right arrow key to Install RD Gateway Role on this Server
A certificate is required to be installed on the RD Gateway.. This is because the job of RD Gateway is to allow connections from internet to its RD Host Servers. Now if these connections are not secure then it can harm your internal domain. So a certificate is required on this server
The wizard will create a self signed certificate
Installing........
Installed....
Do the same for RD Licensing... (Remember, it is NOT mandatory to install RD Gateway and RD Licensing Role... It depends on your requirement)
If you look at the diagram, you will now notice that all the six role services are grey in color.. So does it mean that all of these services are installed.. ?
No... Look again...
The Role Service "RD Virtualization Host" has a dotted line instead of a solid line... Which means that this service was not required... And why was it not required.. Because we have not selected the virtual machine based desktop deployment and instead selected the session based desktop deployment
Servers: - It will list the name of the server(s) on which the Remote Desktop Services Role is Installed
Collections :- And here comes the most exciting new feature of Remote Desktop Services in Windows Server 2012
What is a collection..? A Collection is a collection of Remote Desktop Services roles service (RD Web Server, RD Gateway, RD Licensing, RD Connection Broker, RD Virtualization Host, RD Session Host) on a particular server. Simple.. :)
What used to be a "Farm" in Windows 2008 is a "Collection" in Windows Server 2012
One RD Host Server can be added to only one collection
Currently there is no collection created by default... Remember, Installing the Role Services (RD Web Server, RD Gateway, RD Licensing, RD Connection Broker, RD Virtualization Host, RD Session Host) will NOT create a collection.
Click on the Overview Tab and then click on "Create Session Collections"
Else, click on "Collections" tab on left pane and then click on "Tasks" on right pane and then choose the option "Create Session Collection"
Create Collection Wizard....
Give it a Name...
Select the name of the "RD Host Server" and then click on the right arrow...
Now once you have added this server in this collection and you create another collection, then on this page for the new collection, this server will not be listed as this has already been added in a collection
Who all can have access to this collection (Or the RD Host Server)
Enable User Profile Disk (UPD)....
I really wanted to move on to the next slide but since its UPD, I cant stop myself from saying few words on it
Without discussing the difficulties that you might get while working with UPD, the key point to discuss here is, what exactly is UPD...
UPD or the User Profile Disk is configured on a Remote Desktop Session. It is a replacement for Remote Desktop User Profiles. It creates a disk (VHD) for every user in which user data / profile is stored
For now, I will disable UPD
In progress...
Done...
We now have a new "Collection"
The new collection will have the following options in the right pane
- Properties
- Connections
- RemoteApp Programs
- Host Servers
Lets have a look into the properties of this collection
Collection Properties :-
- General
- User Groups
- Session
- Security
- Load Balancing
- Client Settings
- User Profile Disks
User Groups
Users / Groups who are added here will be able to connect to the RD Host Servers
Sessions
List the session settings for the RD Host Server
Security
List the security settings for the connection to the RD Host Server
Load Balancing
Controlling how many sessions can be created on a RD Host Server when there are more then one server. So you can specify the relative weight and the session limit for each RD Host Server. So if I specify the session limit to 10, then only 10 active connections can be established on this server
Also, the relative weight will govern the priority to be given to a RD Host Server
Client Settings
Just the redirection settings for the connections on the RD Host Server
User Profile Disks
During the wizard if you have disabled the User Profile Disk option then you can enable it from this window. Also, if you have enabled the User Profile Disk in the wizard then also you have to do the configuration for the User Profile Disk from here
Now, lets go back to the Collections option
The above all properties were for any collection which you have created. here, you have the properties for the whole deployment which you can change
Edit Deployment Properties
- RD Gateway
- RD Licensing
- RD Web Access
- Certificates
RD Gateway
Do you want to use RD Gateway or not and if yes then would you like it to be detected automatically or you want to manually configure it
RD Licensing
Licensing Mode : Per User or Per Device
Specify a license server
RD Web Access
Certificates
You can create / configure certificates for RD Connection Broker / RD Web Access and RD Gateway
Once all this is done, now lets have a look at the different snap-ins available for different Remote Desktop Services
Unfortunately, only three span-ins are available
- RD Licensing Diagnoser
- Remote Desktop Gateway Manager
- Remote Desktop Licensing Manager
RD Licensing Diagnoser
This is the same as what is used to happen in Windows 2008
It list any warning / errors on the RD Licensing Server or if the RD Host Server is able to find and connect to the RD Licensing Server
Remote Desktop Licensing Manager
I guess the only snap-in in relation to Remote Desktop Services which hasn't changed since Windows 2003... :)
