Microsoft Windows Server 2008 R2 Remote Desktop Services

2. Installation

Posted by Benny Tritsch on January 30, 2010

 

If you want to host full Windows desktops or individual Windows-based programs for Remote Desktop Services clients you will not be surprised that you need to install a Remote Desktop Session Host server.  The process of installing a simple, stand-alone Remote Desktop Session Host server in a network requires multiple steps, which are introduced in the following.  It is important to note that at the beginning I will describe the simplest setup without joining an Active Directory domain, later followed by more complex scenarios.  It is obvious that a stand-alone Remote Desktop Session Host server is not suited to be used in a production environment, but helps you to learn about the concepts.

Another important note is that it is recommended to complete Windows product activation when the server still has Internet connectivity before configuring it with static IP addresses for testing purposes.  The same applies for any critical updates that should be done through Windows Update as long as the server has access to the Internet.

The setup of a Remote Desktop Session Host server requires three sequences of activities:

1. Install the Windows Server 2008 R2 base platform using the product DVD.  When prompted, follow the instructions that appear on the screen and be ready to provide the adequate information for the language to install, time and currency format, keyboard or input method, operating system edition, target disk or partition, and administrator password.
2. On the first interactive logon as local administrator, the Initial Configuration Tasks console is opened.  Use it to configure time zone and computer name.  To apply the change of the computer name you must restart the computer.  When the computer is up and running again, logging back in as administrator followed by activating Windows, enabling automatic updates and – if required – changing the IP address are the recommended next activities.  When you are done with this, your base server is ready to be used.  On closing the Initial Configuration Tasks console, the Server Manager is launched automatically.
3. In the Server Manager install the Remote Desktop Services server role.  To enable the server to host full Windows desktops or Windows-based applications select the Remote Desktop Session Host role service in the Add Roles Wizard.  You also need to specify the authentication method, either the new Network Level Authentication or the older authentication method through the logon screen.  In addition to that, you can configure the licensing mode at this stage, but also decide to configure it later.  Final steps are the selection of user groups allowed to access the server and of the multimedia functionalities provided.

On confirmation of the installation selections, the installation process begins.  After the installation completes the server must be restarted, creating an individual Remote Desktop Session Host server.  But this is only the starting point.  For larger environments, additional role services are required.  The Remote Desktop Licensing role service manages the client access licenses that are required to connect to a Remote Desktop Session Host server.  Remote Desktop Connection Broker supports session load balancing in a Remote Desktop Session Host server farm.  Remote Desktop Gateway enables authorized users to connect to remote desktops over the Internet.  Remote Desktop Web Access allows users to access RemoteApp programs and remote desktops through a Web browser.  Remote Desktop Virtualization Host enables users to connect to virtual machines hosted on Hyper-V.

During the installation of any new server type, you must decide on a password for the local administrator account.  The password needs to conform to general security guidelines to protect your server from potential attacks right from the start.  If you enter a non compliant password, a corresponding message will appear.  If you decide to modify the security settings later, allowing you to leave the administrator password blank, you will not be able to access the server using Remote Desktop Services from a remote client.  This is a built-in security functionality that cannot be modified – administrators always need passwords.

In the second installation phase you are asked if you want to join a Windows Active Directory domain or a workgroup.  If you decide to join an existing domain, you need a domain name and a computer account for the server you want to install.  The former can be obtained from the administrator of the domain name system (DNS), the latter from the domain administrator.  You need both before you can successfully install your new system in a domain context.  You can only generate a domain name and a server account during installation if you have domain administrator privileges.

If you are on a small network that has no domain or if you prefer to join the domain later, you can join a workgroup.  You can select the name of an existing workgroup or create a new workgroup.

Like Microsoft, I do not advice to add the Remote Desktop Session Host service role to a domain controller.  Better plan to install this role on a member server or a standalone server.  When installed on a domain controller, Remote Desktop Services performance is affected because of the additional memory, network traffic, and processor cycles required to performing the tasks of a domain controller.  Additionally, security settings may be affected in a negative way.