Only a demo a view options of 2012 RDS
Remote Desktop Roles in server 2012 R2
- Remote Desktop Session Host – Hosts session
- Remote Desktop Connection Broker – Brokers the sessions
- Remote Desktop Web access – Web access
Deployment Options
- Quick Start – Stand alone server (deploys all roles to one server )
- Standard install – Multiple servers (deploys roles over multiple servers)
Quick Start – Stand alone server
- Installing session based desktop
Server 2012 forces you to create a farm with all three roles installed (session host, connection broker and web access).
- Installing Remote Desktop
Tip : Avoid adding the role using role services – support by Powershell only. Use the remote desktop services wizard for installation.
Use session-based desktop, or Virtual machine based desktop deployment (hyper-v and client).
Session based deployment
- On the RDS server
- On the Dashboard – Add roles and features
- Next
- Select Remote desktop services installation (Don’t use role based)
- Click next
- Click quick start for stand alone (alternative select standard)
- Select session based deployment
- Select current server – You must be logged in as a domain administrator
- Select restart automatically
- Click deploy
- Login to finish the deployment ( if the deployment fails, redo the install process and the install will complete)
- On the Dashboard, scroll to the right.
- Select quick session collection (remote app programs will appear hear)
Standard install – Multiple servers deployed
- Installing session based desktop
Standard will deploys roles over multiple servers
For this demo setup 3 RDS servers required
- RD Session Host
- RD Web Access
- RD Connection Broker
Note – Collections will need to be created manually and RemoteApps published manually
Installing Remote Desktop
Tip : Avoid adding the role using role services – supported by Powershell only.
Use the remote desktop services wizard for installation.
Use Session-based desktop
- RDS server (Connection Broker)
- On the Dashboard – Select all servers
- Right click all servers and select add servers (add the other two servers)
- Note : All servers required will now be visible
- On the Dashboard – Add roles and features
- Next
- Select Remote desktop services installation (Don’t use role based)
- Click Standard
- Select session based deployment
- Select current server – Logged on as administrator of the domain
- Select from the list which server will be the session broker ( it is possible to add the web access to this server if required)
- Next
- Select from the list which server will be the web access server
- Next
- Select from the list which server will be the session host server
- Select restart automatically and click deploy
- Login to finish the deployment ( if the deployment fails, redo the install process and the install will complete)
- close
Install complete, Create a Collection
- On the Dashboard, Remote desktop services, scroll to the right.
- Note : Roles will now be spread across the three servers.
- Scroll right select Tasks,
- Create session collection
- Specify a name
- Select session host
- Specify ‘domain users;
- Option for user profile disk, tick
- Set limit of 1GB on user profile settings
- Select a share path for available
- Create (Note : RDS GPOs are need to be removed)
- Close
Publish Apps
- Session Broker Dash board
- Select collection
- Tasks
- Publish remote app
- Select app from available list
- Click publish
RD Licensing
- Install Licensing server on the Session broker
- Each server has two CALS for administrators
- License is required with in 120days
- Activate server
- Purchase CALs to match licensing mode
- Per device CAL or User CAL.
- For this demo install require “Per User CALL”– Note this accepts any connections without limits
- On the dash board
- Select Overview
- RD Licensing
- Select session broker
- Click Add
- Close
Licensing Activation
- Select tools
- Terminal Services
- Remote Desktop licensing manager
- Activate server
- Install licenses
Session Collection Properties
User Groups, Session Settings, Tasks edit properties
- Sessions
When sessions are connected.
- Disconnect – set to end disconnected session after 8hrs
- Connection time limit – Never
- Idle session set to 2hrs
Security
- RDP Encryption
- SSL (TLS1.0) – requires certificates
- Negotiate – Select this option (The most secure layer that is supported by the client will be used)
Session Level of encryption options
- Low 56-bit encryption client to server, server to client is not
- Client compatible – Default level. Encrypts traffic to the maximum strength support by the client. Client and server is encrypted
- High, 128-bit encryption. Client need to support this level of encryption or they will not connect.
- FIPS Compatible – FIPS encryption
- Select session collection properties
- Select Security tab
- Security Layer Set negotiate
- Set High session level
- Untick allow connections only from computers with network level authentication (as we still have XP clients)
- Load Balancing
- Require more than remote desktop session host.
- Edit the properties of the collection
- Add the additional Session host to the collection
- Client Setting
- Configure client Settings
- Specify redirection
- Untick Audio, smart cards, allow client printer redirection
- Tick clipboard
- User Profiles Disk
- Enable User Profile disk.
- Each user will get a dedicated single virtual disk. (.vhdx created when a user logs)
- .vhdx file is mounted underneath c:\Profile Disk\ GUID is the name of the users file name
- .vhdx can mounted manually
- Profile Disk Share
- Create a share location for profile disk
- Share name “Profile Disks”
- Right click , properties, select advanced sharing
- Set share permissions to All to Full
- NTFS permissions User, set to modify
- See Share details under prerequisites
- User Profile Disk
- Collection properties
- Select user profile disk
- Tick enable user profile disk
- Set location to the share name
- Set size limits
- Store only the following in the profile
- (other options available to set)
- Client RDS access
Client RDP
- Save RDP (Save a RDP client on all clients to point to the connection broker)
- Edit the current RDP collection by opening with Notepad
- Edit : Use redirection server name:1:0
- Change to : Use redirection server name:1:1
- Add lines at the bottom : (this is to use the session broker as a load balancer)
- loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.collection name
Login in to a Windows 7 client with the RDS icon configured
- Web Access
RDP Settings – default settings
Login in to a Windows 7 client with the RDS icon configured
https://domainame/RDWeb/