Remote Desktop Services: Part 1

This will be the first part in a series about Windows Remote Desktop Services. For this series, I will be using Server 2012 R2. There are two versions of this, both of which I will cover in the series. There’s virtual machine-based deployment and session-based desktop deployment. VM-based deployments use a client OS to deliver applications and desktops, and are more your general VDI solution. Session-based delivers applications and desktops more efficiently. Session-based is also easier to deploy, so we will start there.

The end goal with RDS is to present a user with a web page where they can select an application or desktop to launch. This requires no extra client on a machine, and leverages the built-in Remote Desktop Connection application for most of its work. You also have a lot of the same functionality of Remote Desktop, such as copy/paste between the host and the remote desktop session, device mapping, etc.

Session-based Roles

We will start with session-based desktop deployment. In a lab scenario, all RDS roles can be installed on the same server, but in a production environment, you would want to install these across several for better performance and availability. There are three main roles.

First is the Remote Desktop Session Host. This component is exactly what it says it is – the virtual desktop or server hosting the remote applications.

Second, the Remote Desktop Connection Broker manages the connections between the clients and RDS. You only need one of these in your environment. In a load-balanced scenario, this role manages where incoming clients will go. For existing clients, it will direct them back to the same host if their network connection is lost.

Finally, Remote Desktop Web Access. This is the web portal for RDS, where users can launch remote applications or desktops.

Session Based Installation

To begin installation, launch Server Manager. First, you must your other RDS servers to this server manager. You will need the requisite ports open on the firewall of your other servers to allow this one to manage them. The account that you are using for Server Manager must also be an administrator on the others. To add additional servers, click “Add other servers to manage”:


On the next screen, search for your additional servers and add them. Server Manager will import there current configuration and you are ready to go.

Now launch the “Add Roles and Features” wizard. Instead of Role-based or feature-based installation, select RDS installation.


In a production environment, you would want to split the individual roles off onto separate servers. To do this, keep “Standard deployment” selected. The “Quick start” deployment will deploy all roles on a single server, which is not good in production. Next, select “Session-based desktop deployment”. We will come back to VM-based in another part:


The next screen just gives you a brief description of what you will installing:


Next, select the server that will host the RDS Connection Broker. After that, select the server for the RDS Web Access role. If you notice at the top, there’s a check box where you can tell it to install the web access role on the same server as the connection broker:


Finally, select the server or servers for the RDS Session Host role. After that, you can click deploy and the system will install everything on your servers. If you need to add additional session host servers afterward, you would do it from a server already in the RDS farm.



Contact Us

On Key

More Posts

WME Cybersecurity Briefings No. 014
Cyber Security

WME Security Briefing 14 June 2024

LightSpy Spyware’s macOS Variant Detected with Advanced Surveillance Capabilities Overview Findings reveal a previously undocumented macOS variant of the LightSpy spyware. It was initially thought to target only iOS users. This spyware utilizes a plugin-based system

Read More »
WME Cybersecurity Briefings No. 013
Cyber Security

WME Security Briefing 10 June 2024

CISA Urges Patching of Actively Exploited Linux Kernel Vulnerability Overview CISA just issued an urgent advisory concerning a newly discovered security flaw in the Linux kernel. The flaw is being actively exploited to affect the netfilter component of

Read More »
3 Things to Consider Before You Enable Copilot for Microsoft 365
Microsoft Copilot

3 Things to Consider Before You Enable Copilot for Microsoft 365

In today’s digital landscape, any productivity tool that streamlines workflow and boosts performance is a pleasant addition. With its AI-powered productivity-enhancing capabilities, Microsoft Copilot has emerged as a game-changer for employees, particularly for organizations using Microsoft

Read More »
WME Cybersecurity Briefings No. 012
Cyber Security

WME Security Briefing 03 June 2024

Moroccan Cybercrime Group Exploits Gift Card Systems for Major Financial Gains Overview: Storm-0539, also called Atlas Lion, is a Moroccan cybercrime group that executes advanced email and SMS phishing attacks. They are committing fraud by utilizing

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.