Windows Server 2012 R2 – Deploying Remote Desktop Services

Advertisement

KB ID 0001136 Dtd 18/01/16

Problem

I’ve had to do a rollout of Remote Desktop Services on Server 2012 R2, and publish it with Active Directory Federation Services and Web Application Proxy. I’m a little rusty on RDS and needed to deploy a few roles, so for my proof of concept I deployed¬†RDS¬†on TWO servers. Below is a run though and my notes on deploying RDS ONLY (I’ll put the links to other articles at the bottom of this post as I write them).

Solution

To save yourself some hassle, visit every server that will be in the Remote Desktop Server deployment, and add all the others into each others ‘server manager’ console.

Add Server to Server Manager

Manage > Add Roles and Features > Next > Remote Desktop Services Installation > Next.

Remote Desktop Deployment 2012

Standard Deployment. Note: If you choose Quick Start it puts all the roles on one server  > Next.

Standard RDS Deployment

Session-based desktop deployment > Next.

Session Based RDP

Next.

Remote Desktop Roles

Select the server that will host the Connection Broker Rule and add it  > Next.

Install RD Connection Broker

Add the server that will host the Remote Desktop Web Access role > Next.

Install RD Web Access

Add the server that will host the Remote Desktop Session Host role > Next.

Install RD Session Host

Tick the ‘restart the destination server automatically if required’ > Deploy.

Deploy RDS

Finish. (Note: There will be a licensing error, we will address that in a minute).

Multi Server Remote Desktop

In Server Manager > Remote Desktop Services > Overview > Note: There are two options yet¬†to be configured, (shown in green). Select ‘RD Gateway’.

Deploy Remote Desktop Gateway

Add in the server that will host the RD Gateway role > Next.

Install Remote Desktop Gateway

Add in the public name of the RD Gateway server, this will generate a self signed certificate, (you can replace this with a proper one later).

RDG Certificate

Add.

RDG Role

Close

Gateway Role Service

Now Add RD Licensing.

RD Licensing

Add in the server that will host the licensing role > Next.

Deploy Remote Desktop Licensing

Add

RD Licence Setup

Close

Terminal Services 2012 R2

All the nodes should now be displayed..

Remote Desktop Roles

In production you would now add your Remote Desktop Licences, If you don’t, ¬†the whole thing will run for 120 days, (though it continues to nag you about adding licences). I’m content with the 120 day licence for my test deployment. But I will still ‘Activate’ my licensing server.

Activate RD Licensing

Follow the instructions

Licence server 2012 R2

Now you need to create a ‘Collection‘, this is a group of host servers that host applications you can publish. Server Manager > Remote Desktop Services > Collection¬†> Task > Create Session Collection.

Create Remote Desktop Collection

Next.

Deploy RDS Collection

Give the collection a name  > Next.

RDS collection name

Add in the server(s) running the RD Host role that will be included in this collection > Next.

Add Session host to a Collection

Select the user groups that you want to grant access to. Here Im simply using the domain users group  > Next.

User Groups RDS Permissions

If you want to deploy ‘profile disks’ enter a UNC path to the share > Next.

User Profile Disks

Create.

Deploy RDS Profile Disks

Close.

Session Collection

To actually publish applications, select the collection you just created > RemoteApp Programs > Tasks  >Publish RemoteApp Programs.

Publish RemoteApp Programs

Select the applications, (or add them in if they are not displayed)  > Next.

Deploy Apps with RDS

Publish.

Deploy RDWeb apps

Note: You can change certificates from within Server Manger, but I prefer the manual approach, on the RD Gateway Server > Launch the IIS Manager > Select the server > Server Certificates.

Server Certificates IIS

Import > Import your publicly signed certificate, (you can use a self signed certificate but DON’T FORGET your remote client needs to be able to check your CRL, and trust your issuing CA if you do).

Import IIS certificate

Sites > Default Web Site > Edit Bindings.

IIS Cert Bindings

Select ‘https’ > Edit > Add in your certificate > OK > Close.

Wildcard Cert IIS

Bounce the services with an ‘iisreset‘ command.

Restart IIS

Update 070316 You also will need to restart the Remote Desktop Services Service!

Restart RemoteDesktop Gateway

Connect to the server on the https://{FQDN}/RDWeb address, and you can check the correct certificate is used.

RDWeb Certificate Check

You should now be able to log into Remote Desktop Services Web Access.

RDWeb Portal

Related Articles, References, Credits, or External Links

Server 2008 R2 Install and Configure Remote Desktop Services (Web Access)

Publishing Remote Desktop Services With Web Application Gateway

Author: PeteLong

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *