Remote Desktop : Install RDS (Session based)2021/12/20 |
|
Install Remote Desktop Service (RDS). It can connect to Desktop or Applications on a Server from remote Computers.
If many users or devices connect to RDS, it needs to buy RDS CAL.
|
|||||||
| [1] |
It needs that the Computer you'd like to install RDS is a member Host of an AD domain.
So Prepare Active Directory Domain Server in your network. (It is not recommended to install RDS in Domain Controller because of security risk or performance reasons.) |
||||||
| [2] | |||||||
| [3] | Logon with an user who are in [Domain Admins] group and Run PowerShell with Admin Privilege. |
Windows PowerShell Copyright (C) Microsoft Corporation. All rights reserved. # Install RDS and other services and tools PS C:\Users\serverworld> Install-WindowsFeature Remote-Desktop-Services,RDS-Web-Access,RDS-RD-Server,RDS-Connection-Broker,RDS-Licensing -IncludeManagementTools Success Restart Needed Exit Code Feature Result ------- -------------- --------- -------------- True Yes SuccessRest... {ASP.NET 4.8, Remote Desktop Connection Br... WARNING: You must restart this server to finish the installation process. # restart computer to apply changes PS C:\Users\serverworld> Restart-Computer -Force # enable PowerShell remote connection PS C:\Users\serverworld> Enable-PSRemoting # configure ConnectionBroker/WebAccessServer/SessionHostServer # specify Server's hostname or IP address for each value PS C:\Users\serverworld> New-RDSessionDeployment -ConnectionBroker "rx-7.srv.world" -WebAccessServer "rx-7.srv.world" -SessionHost "rx-7.srv.world" # confirm settings PS C:\Users\serverworld> Get-RDServer Server Roles ------ ----- RX-7.SRV.WORLD {RDS-RD-SERVER, RDS-CONNECTION-BROKER, RDS-WEB-ACCESS} # SSL certificate for remote accessing is generated automatically by the installation steps, # however, it can not access with the generated certificate because ERR_SSL_KEY_USAGE_INCOMPATIBLE error is shown, # so remove it and set a valid certificate you got or set a self-signed certificate created by yourself. # it uses self-signed certificate on this example. # show current configured certificate PS C:\Users\serverworld> Get-ChildItem "Cert:\LocalMachine\My" PSParentPath: Microsoft.PowerShell.Security\Certificate::LocalMachine\My Thumbprint Subject ---------- ------- DD346A7E2069F7F254B37B953BCB65E8477061A3 CN=rx-7.srv.world # remove the auto-generated certificate PS C:\Users\serverworld> Remove-Item "Cert:\LocalMachine\My\DD346A7E2069F7F254B37B953BCB65E8477061A3" # get certificate or create self-signed certificate ⇒ refer to here for creating self-signed certificate # show new configured certificate PS C:\Users\serverworld> Get-ChildItem Cert:\LocalMachine\My PSParentPath: Microsoft.PowerShell.Security\Certificate::LocalMachine\My Thumbprint Subject ---------- ------- 99E0FDC7DBA905320BF746FD0BF09E8904FF0186 CN=rx-7.srv.world # set a new certificate to the IIS for RDWeb site (Default Web Site) PS C:\Users\serverworld> $Cert = Get-ChildItem Cert:\LocalMachine\My\99E0FDC7DBA905320BF746FD0BF09E8904FF0186 PS C:\Users\serverworld> Get-Website Name ID State Physical Path Bindings ---- -- ----- ------------- -------- Default Web Site 1 Started %SystemDrive%\inetpub\wwwroot http *:80: https *:443: sslFlags=0 PS C:\Users\serverworld> Set-Item IIS:\SslBindings\0.0.0.0!443 -Value $Cert |
|
Remote Desktop : Install RDS (Session based) (GUI)
|
|
On GUI installation, set like follows.
|
|
| [4] |
Logon with an user who are in [Domain Admins] group and Run PowerShell with Admin Privilege and run the command below
to enable PowerShell remote connection.
PS> Enable-PSRemoting
|
|
| [5] | Run Server Manager and Click [Add roles and features]. |
|
| [6] | Click [Next] button. |
|
| [7] | Select [Remote Desktop Services installation]. |
|
| [8] | On this example, select [Standard deployment] to proceed. |
|
| [9] | On this example, select [Session-based desktop deployment]. |
|
| [10] | Click [Next] button. |
|
| [11] | Specify Remote Desktop connection Broker server. The servers in the Domain are listed, select from it. |
|
| [12] | Specify Remote Desktop Web Access server. The servers in the Domain are listed, select from it. |
|
| [13] | Specify Remote Desktop Session Host server. The servers in the Domain are listed, select from it. |
|
| [14] | Check a box [Restart the destination server automatically if required] and click [Deploy] button. |
|
| [15] | During the installation, System will restart once automatically. After finishing installation, Click [Close] button. |
|
| [16] |
SSL certificate for remote accessing is generated automatically by the installation steps,
Open [Run] and input [certlm.msc], then you can find auto-generated certificate under the [Personal] - [Certificate].however, it can not access with the generated certificate because ERR_SSL_KEY_USAGE_INCOMPATIBLE error is shown, so remove it and set a valid certificate you got or set a self-signed certificate created by yourself. it uses self-signed certificate on this example. (refer to here to create self-signed one) Remove it and set the one you got or you created on the same place. |
|
| [17] | Run [Server Manager] and Click [Tools] - [Internet Information Services (IIS) Manager]. |
|
| [18] | Right Click the [Default Web Site] on the left pane and Select [Edit Bindings]. |
|
| [19] | Select [https] line and click the [Edit] button. |
|
| [20] | Select the certificate you got or you created on the [SSL certificate] section and click [OK] button. |
|
Matched Content