Posts Tagged Resource Authorization Policy

Deploying the RD Gateway Service Role in a 2012 / 2012 R2 RDS Farm

Applies to: Windows Server 2012 and 2012 R2

For any RDS farm, there is a very good chance users will be accessing the farm from a remote location outside of the corporate network. When doing so, it is critical to secure their connection, especially when corporate data is being accessed. In order to secure a user’s connection into a RDS farm, a RD Gateway server will be required. The RD Gateway enables authorized remote users to connect to resources in an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client. The network resources can be RD Session Host servers, RD Session Host servers running RemoteApp programs, or computers with Remote Desktop enabled.

The following will cover the steps needed in deploying a RD Gateway Server into a 2012 / 2012R2 RDS farm. Before deploying the RD Gateway Server, the RDS farm should already be built and configured. Please check out the following for more information on deploying a 2012 / 2012R2 Remote Desktop Services (RDS) farm. Read the rest of this entry »

Advertisements

, , , , , ,

19 Comments

Configuring the RD Gateway Server for a 2012 RDS farm with HA enabled for the RD Connection Brokers

Applies to: Windows Server 2012 and 2012 R2

In a previous article, we demonstrated the steps needed to configure HA for the RD Connection Broker servers in an RDS 2012 farm. If you are using an RD Gateway server for a farm where HA is configured for the brokers, there are a few steps you will need to do in order for users to be able to successfully connect through the RD Gateway server(s).

When a user connects through the RD Gateway server, the gateway server will initially connect the user to one of the RD connection broker servers in order for the broker to determine what server or desktop the user will be connecting to. When HA is enabled for the farm, the gateway server will try to connect the user to the brokers using the DNS Round Robin name when HA was configured for the farm. By default, the DNS name used is not on the gateway’s allowable resource list for users to connect to. So for any user trying to connect to the farm through the RD Gateway, their access will be denied. To get around this, we will simply need to add a new resource authorization policy which will users to access resources through the gateway server using the designated DNS round robin name. Read the rest of this entry »

, , , , , , , , , ,

10 Comments

Configuring HA for the Remote Desktop Connection Broker in a 2012 RDS Farm

Applies to: Windows Server 2012 and 2012 R2

One of the biggest issues with Remote Desktop Services on Windows 2008 R2 was the limitation of only having a single active RD Connection Broker server per RDS farm. Yes, you still could have multiple broker servers, however they would run in an Active/Passive mode. This was a major problem since it would limit the size of the farm. The more servers, resources, and users added to the farm put a strain on the single active RD broker server. In most cases, you would have to create multiple RDS farms to get around this problem. This has changed with RDS for 2012. You can now have multiple active brokers in a single RDS farm.

As per Microsoft, the RD Connection Broker provides the following functionality: Read the rest of this entry »

, , , , , , , , , , ,

20 Comments