Applies to: Windows Server 2012 and 2012 R2
One of the biggest issues with Remote Desktop Services on Windows 2008 R2 was the limitation of only having a single active RD Connection Broker server per RDS farm. Yes, you still could have multiple broker servers, however they would run in an Active/Passive mode. This was a major problem since it would limit the size of the farm. The more servers, resources, and users added to the farm put a strain on the single active RD broker server. In most cases, you would have to create multiple RDS farms to get around this problem. This has changed with RDS for 2012. You can now have multiple active brokers in a single RDS farm.
As per Microsoft, the RD Connection Broker provides the following functionality:
- Allows users to reconnect to their existing sessions in a load-balanced RD Session Host server farm. This prevents a user with a disconnected session from being connected to a different RD Session Host server in the farm and starting a new session.
- Enables you to evenly distribute the session load among RD Session Host servers in a load balanced RD Session Host server farm.
- Provides users access to virtual desktops hosted on RD Virtualization Host servers and to RemoteApp programs hosted on RD Session Host servers through RemoteApp and Desktop Connection.
When a farm is created, there is a small SQL database which resides on the RD Connection Broker server located in the directory c:\windows\rdcbDb\
This database contains information about the farm. Since it resides on a single machine, no other broker server would be able to read or modify the database. In order to configure HA, we will need to run a wizard which will take this database and place it on a SQL server. Once there, multiple broker servers can talk to the database directly. The following is a step by step guide on how to configure HA (Active/Active) for the RD Connection Broker servers in a 2012 RDS farm.
- SQL Server (for this example, SQL 2012 is being used.)
- Access to DNS – A new host record will be required in DNS. This record will be used to round robin the RD broker servers.
Please remember to add each of the servers being used in the RDS Farm to Server Manager in order to have the ability to configure them.
- Create a new Host record in DNS which will be used for DNS round robin for the broker servers. Do this for each of the IP addresses of the RD Connection Broker servers which will be used for HA. In this example we are using the DNS name of RDFarm.DemoLab.int.
- From Active Directory Users and Computers, create a new Security Group. For this example, we used the group name “RD Brokers”
- Add each broker server’s computer account to this new group. The broker servers in this example are RDBROKER01 and RDBROKER02.
- From the SQL server, add the newly created security group as a new SQL login. On the Server Roles for this login, add the role dbcreator.
- On each of the Broker Servers, install the SQL client tools. This can be found with the SQL installation media.
- From Server Manager, go to the Remote Desktop Services Group, right click on RD Connection Broker and choose Configure High Availability.
- A wizard will be launched. On the before you begin screen, hit next.
- On the next screen, you will need to enter information for the SQL server, database, database location and the DNS name for High Availability for the RD Connection broker farm to be accessible on. The information entered is as follows:
Database Connection String: (In this example the database name will be RDFarm)
DRIVER=SQL Server Native Client 11.0;SERVER=DC01;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;Database=RDFarm
Folder to store database files: (This is from a default installation of SQL for demo purposes. Please check with your SQL admin on the correct location.)
C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA
DNS Round Robin Name: Enter the DNS Round Robin name the RD Brokers will be accessed one. (This should be placed into DNS prior to proceeding)
If the DNS name is not resolvable, you will be notified and prompted to continue. If you do so, you must ensure this information is added into DNS. If you get this pop-up, this means the DNS host record for RDFarm.DemoLab.int was never added. Please ensure this new host record is added to DNS.
- Verify the items on the confirmation screen and hit Configure.
- Once completed, hit close.
- HA is now enabled for the RD Connection Brokers in the farm. Before we begin adding additional brokers, we must first change the permissions to the newly created database. Within SQL, go to the properties of login RD Brokers which we added early. Within there, select user mappings. Select the RD Farm database and set the database role membership to db_owner. Hit OK to exit.
- With the correct database permissions configured, we are ready to add another RD Connection Broker. Go to Server Manager\Remote Desktop Services, right click on RD Connection Broker and choose Add RD Connection Broker Server to add your new broker server(s). And don’t forget to add the new brokers IP addresses to your DNS Round Robin Name as well make sure to add the broker server’s computer accounts to the Active Directory computer group you created earlier.
- On the before you begin screen, hit next.
- Select and add the designated broker server and hit next.
- On the confirmation screen, hit Add.
- Once the configuration is completed, we will now need to reapply the certificates for Single-Sign On and Publishing. This certificate will be required on all broker servers. Select the option configure certificates.
- As you can see it now lists an error for the broker certificates. Since I have already pre-created my certificates, highlight Enable Single-Sign On and hit the button “select existing certificate”.
- Locate the certificate, enter the password and select the checkbox to allow the certificate to be added to the Trusted Root Certification Authorities certificate store on the destination computers and hit OK.
- Hit Apply to assign the certificate.
- Do the same for the RD Connection Broker – Publishing certificate. Once completed with the certificate installation, hit OK.
- Now that the certificates are applied, close out of the wizard.
The RDS Farm is now configured with two highly available RD Connection broker servers. Should you be using a RD Gateway server for the environment, take a look at the steps to configure the RD Gateway server(s) for a RD Farm with HA enabled on the Broker servers.