1. Administer Remote Desktop Session Host
The main component you will
need to administer when working with RDS is the Remote Desktop Session
Host. This is the main component for the services and replaces the core
terminal server component from previous versions of Windows Server.
There are two main areas of
the licensing server you will configure when working with the Remote
Desktop Session Host. You will configure the general settings of the
server as well as the connection protocol or protocols users can use on
your network to properly connect to the RDS server.
1.1. Configure General Settings
When you need to modify
settings potentially impacting your entire RDS server, you can find
them in the general settings for the RD Session Host on the main page of
the administrative tool.
Open Remote Desktop Host Session Configuration by selecting Start => Administrative Tools => Remote Desktop Services => Remote Desktop Host Session Configuration. You will see a screen similar to Figure 1.
To modify any of the settings, double-click any of the settings in the middle task pane, and you will see a screen similar to Figure 2.
Click the tab of the settings you want to modify. The different settings you can find here are listed in Table 1.
When you're finished, click Apply if you want to modify other tabs, or click OK to save your settings.
Table 1. RD Session Host Configuration Settings
| Tab | Setting | Description |
|---|
| General | Delete Temporary Folders On Exit | During
an RDS session, temporary folders are created to support applications.
To help maintain server drive space, this setting deletes the folders on
the RDS server when the session ends. By default, this option is
selected. |
| | Use Temporary Folders Per Session | During
an RDS session, temporary folders are created to support applications
running properly. By default this option is selected. |
| | Restrict Each User To A Single Session | This
prevents users from logging on to the RDS server with multiple
sessions. This will help minimize the amount of resources the RDS server
uses. |
| | User Logon Mode | The
settings allow you to perform maintenance or other routine
administrative procedures on your RDS server. By preventing new logons,
users who are currently connected will be able to reconnect to their RDS
session, while any new connections will be denied. |
| Licensing | Licensing Mode | This
allows you to set or change the licensing mode for the server. You can
set the licensing mode to Per User or Per Device, and this setting must
match the type of RDS CALs you have purchased. This setting can be
changed here if you set it during installation of the RDS role. |
| | Licensing Server | This is where you specify the RDS licensing server for your RDS deployment. |
| RD Connection Broker | Server Purpose | This
determines how your RDS server will work. This setting can be used to
join the RDS server to a large number of other RDS servers to create a
farm for load balancing. You can also set whether this server will
participate in remote desktop virtualization if you want to redirect
desktop virtualization. |
| | Load Balancing | If you have multiple servers in an RDS farm, you can use load balancing settings to control how the servers are best utilized. |
| | Reconnection | This specifies what adapter and IP will be used for reconnections to the RDS server. |
| RD IP Virtualization | Enable IP Virtualization | These
settings are new to Windows Server 2008 R2 and are used to assign IP
addresses unique to the session or the application being utilized by the
server. In prior versions of Windows Server, every session used the IP
address of the server. Now this allows better control for application
and session IP-based filtering and security. IP virtualization will
require a DHCP server to assign a virtual IP address for the sessions. |
| | IP Virtualization Mode | Per
Session will assign a virtual IP address from a DHCP pool to the
session. If you choose Per Program, you will then be able to assign
individual IP addresses per application on your RDS server. |
1.2. Configure Connections for RDS
Configuring connections to
your RDS server governs how your clients will connect to the RDS
server. When a user connects to RDS, the main protocol used to send
information to the client is the Remote Desktop Protocol. RDP
essentially consists of screen refreshes sent from the server to the
client. The RDP packets travel over TCP protocols, and you can control
the communication by modifying or creating new connections. You modify
these settings via the following steps:
To open Remote Desktop Host Session Configuration, select Start => Administrative Tools => Remote Desktop Services => Remote Desktop Host Session Configuration.
To modify any of the settings, double-click any of the settings in the middle task pane.
Click the tab of the settings you want to modify. The different settings you can find here are listed in Table 2.
When you're finished, click Apply if you want to modify other tabs, or click OK to save your settings.
Table 2. RD Session Host Configuration Settings
| Tab | Setting | Description |
|---|
| General | Security | This
determines the security for the communication channel between the
client and server. The default value is Negotiate, which will be
determined by the capabilities of the client. In most cases, the
security layer used will be SSL (TLS 1.0). |
| | Encryption Level | This
setting is also determined by the client and controls the strength of
the encryption for the traffic between the client and the server. |
| | Certificate | You can specify or change the security certificate used to encrypt/decrypt the traffic on your server. |
| Log On Settings | Client Log On Information | This
setting allows you to control how users will authenticate against your
server. The default is for the user to specify their credentials;
however, you can always specify a certain account to be used by the RDS
server. |
| Sessions | Override User Settings | These
settings allow you to control how sessions are disconnected on your RDS
server. These settings will free up resources not used on the server
for idle sessions, improving the overall performance of your server and
other users' sessions. |
| Environment | Initial Program | This setting will determine what is the program loaded into memory when the user connects to the server. |
| Remote Control | Remotely View | You
can configure these settings if you want to view a user's active
session remotely. This will allow you to verify users' connections and
use. |
| Client Settings | Color Depth | The
settings in client settings control how the RDP session will appear to
the user and what the remote desktop interface will look like. You can
set the color depth, which will control how the display looks. The
better the quality of color, the truer the remote desktop will look to
being a native desktop. |
| | Redirection | This
allows you to disable certain aspects of how the remote client is used.
The more features you disable, the less functionality and traffic that
is sent to the client. The more features you leave enabled, the closer
the remote client will look to a real desktop. |
| Network Adapter | Adapter Settings | This
allows you to control which adapter or adapters your RDS server can
use, as well as how many connections are limited for the network adapter
selected. |
| Security | | This
allows you to set which users or groups can connect to the RDS
components. When you first open this tab, you will see a warning similar
to Figure 13.6.
Even though you can modify the users in this option, it is recommended
you use the Remote Desktop Users group to control access. |
2. Activate Remote Desktop Licensing Server
The RD Licensing component of
RDS plays a vital role in your network. This server governs the RDS CALs
for your server. If this server is not properly configured or
activated, your RDS environment could stop working and prevent
connections to your RDS server.
You have two choices for the licensing mode of your RDS server. You can license the server per device or per user. Per device
allows one device on your network to connect to the RDS server
regardless of which user is logged onto the device. This licensing mode
is useful when kiosk computers are used heavily in conjunction with RDS
for your infrastructure. Per user
allows you a user to log on to the RDS services from any computer in
your network. This mode is useful when you have users who use a variety
of workstations to perform their tasks.
One of the key steps you will
need to perform on the license server is activating the server. You
need to have legitimate RDS CALs you have purchased and then activate
your server. To activate the server, you need to go into the RD
Licensing Manager tool.
To open the RD Licensing Manager, select Start => Administrative Tools => Remote Desktop Services => Remote Desktop Licensing Manager, and you will see a screen similar to Figure 4.
You will notice your server has an activation status of Not Activated.
Right-click your server, and click Activate Server.
Review the welcome screen, and click Next.
Choose
your activation method, which determines how you will verify your RDS
CALs. You can connect through the Internet by using a browser or by
calling with your telephone. After you have selected your method, click
Next.
No matter which method you choose, you will need your licensing server ID; after you have entered it, click Next.
Your server will then be activated.
After your server has been
activated, you will then be able to install, configure, and remove your
licenses easily. It is just a matter of purchasing the licenses through
legitimate sources and having a properly activated server.
