Windows Server 2012 / 2012 R2 - RDS - Deploy a RDS infrastructure (session-based desktops)

Page 1 / 6

RDS (Remote Desktop Services) is the successor of TSE (Terminal Server) technology that you may have heard about in Windows Server 2003.

With RDS, you can provide desktops (based on Terminal Server sessions or virtual machines) or applications to your users without having to install them on each client workstation.
Indeed, thanks to RDS, you will be able to install all the applications on one or several servers (to ensure a better quality of service and to obtain a better fault tolerance), then to make them accessible at a distance to your users in a completely transparent way.

Note that the applications that you provide to your users will be called RemoteApp and will have to be installed with a special licensing mode called Volume Licensing (VL).
This will be especially the case for applications created by Microsoft, such as Microsoft Office, for example.

That being said, in this first tutorial, we will only publish a collection of session-based desktops.

  1. What is an RDS infrastructure ?
  2. Broker installation
  3. Deploying Remote Desktop Services
  4. Configuring the license server
  5. User profile disks
  6. Create a desktops collection
  7. Get a valid certificate from its certification authority
    1. Create a certificate template for the RDS server
    2. Request a certificate for your RDS server
    3. Export the generated certificate
  8. Secure the RDS server with a valid SSL certificate
  9. Test of the web access and of the published desktop

1. What is an RDS infrastructure ?

A RDS infrastructure consists of one or more servers on which you will install one or more RDS role services.

For most of our tutorials about RDS, we will use :

Note that Remote Desktop Services can't work without linking your different RDS servers to your Active Directory.

If you use the Add Roles and Features Wizard, you will see that Remote Desktop Services consists of several role services :

  • Remote Desktop Web Access (RDWA) : a local web site that gives your users access to the various desktops and/or RemoteApp applications they will be able to access.
  • Remote Desktop Licensing (RDLS) : a program that allows you to manage the allocation of your CALs licenses to your users or devices (depending on the licensing mode chosen)
  • Remote Desktop Session Host (RDSH) : servers on which your users will connect remotely
  • Remote Desktop Virtualization Host (RDVH) : a service that you can install on your Hyper-V virtualization server to use the Virtual Desktop Infrastructure (VDI)
  • Remote Desktop Gateway (RDGW) : a server through which your users can securely access (via HTTPS) to your desktops from the Internet
  • Remote Desktop Connection Broker (RDCB) : a service that allows your users to automatically reconnect to their session

Note that the VDI will be the subject of separate tutorials, as it also requires the installation and configuration of a Hyper-V virtualization server.

2. Broker installation

To begin, we'll explain how to install and configure a basic RDS infrastructure to provide session-based desktops to your users.

To avoid getting errors when deploying Remote Desktop Services (RDS), we recommend that you log in with a Domain Administrator account and install the "Remote Desktop Connection Broker" role service first.

Select "Role-based or feature-based installation".

Select your future RDS server.

Check the "Remote Desktop Services" box.

As mentioned earlier, Remote Desktop Services gives your users access to :

  • session-based desktops (which we will do in this tutorial)
  • RemoteApp programs (in other words : applications installed on a server and accessible remotely from your client computers)
  • virtual desktops (which requires a virtualization host and what will be covered later in other RDS tutorials)

Check the "Remote Desktop Connection Broker" role service.

As you can see, adding this role service will also add the "Windows Internal Database" feature.

Note : if you deploy RDS services directly without first installing the broker, you may get these errors :

Unable to install RD Connection Broker role service on server ...

These errors are due to the fact that the "Windows Internal Database" service did not start correctly.
To avoid this problem, we install the Broker before deploying RDS and these errors will not appear.

Once the box is checked, click Next.

Click Install.

The installation starts.

When the installation is complete, click Close.

From the Windows Server 2012 modern interface, type services and click on the program of the same name.
In the list, check that the "Windows Internal Database" service is running.