Remote Desktop Services - Server 2016 - Deployment question

YYCMichael 21 Reputation points
2020-11-20T17:46:05.827+00:00

Hello, I am new to the proper deployment of Remote Desktop Services so I have a few questions. I have the following on premise setup:

We are only using this setup for thin client connection (server session based desktops), not app publishing. Users would connect using their own RDP client.

SRVGW: RDGW/RDWA roles

SRVCB: RD Connection Broker

FARMA (with dns record): Collection includes SRVSHFA1 Session Host Server

FARMB (with dns record): Collection includes SRVSHFB1 Session Host Server

The system is currently working internally but I have a few questions before I open it up externally (more questions to come I am sure :) )

(1) What does the Connection Broker Server do? Does it only manage loads between multiple session host servers in the same collection? This is what I think it does but I just wanted to make sure - in my current setup it wouldn't be doing much (with only 1 SH server per collection), correct? Would combining it with another infrastructure role (like DC) instead of a standalone be suggested?

(2) When users connect using their own RDP client, do they need to know the server (or session host collection name) they are connecting to? I was hoping they would put in the gateway address and then the GW and CB would then determine what resources to send them to. So far I am only able to get it to work when the target computer is the name of the SH Collection.

(3) How does the hierarchy of connection rules work? Gateway has its own rules in regards to disabling the clipboard etc., and there are rules within the connection broker for the same. Just wondering which takes priority or is it least permissions rule.

(4) At the moment I have a public CA SRVGW.domain.com through GoDaddy - I was hoping to connect to the gateway with a name that isn't so "descriptive". So that the gateway name the user enters doesn't match the server name, so something like corpgateway.domain.com but it would forward to SRVGW - is this possible or am I stuck with the FQDN? We only have 145 RD users so High Availability isn't high on our priority list but it could be in the future.

Thank you in advance.


Accepted answer
  1. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,756 Reputation points Microsoft Vendor
    2020-11-23T05:42:17.6+00:00

    Hi,

    (1) Besides managing loads between multiple session host servers in the same collection, when a session disconnects, RD Connection Broker will reconnect the user to the correct RD Session Host server and their interrupted session, which still exists in the RD Session Host farm. So, even though there is only one session host server, the RDCB is still needed. It can be standalone and can also be installed on the same server with other RDS roles. But it should not be installed on a DC, as the RDCB role cannot coexist with the AD DS role.
    https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/rds-roles#remote-desktop-connection-broker
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/remote/remote-desktop-services-role-cannot-coexist-adds

    (2) Microsoft Remote Desktop cannot achieve what you require now. You are only able to get it to work when the target computer is the name of the SH Collection.

    (3) Disabling rules take priority. For example, if you disable the clipboard on the gateway and enable it on the RDCB, the clipboard rules follow the gateway rules.

    (4) You can purchase a wildcard certificate (*.domain.com) instead of the certificate with a specific FQDN name (SRVGW.domain.com).

    Thanks,
    Eleven

    ----------

    If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

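Added example (not part of the answer above and not Microsoft's code): a PowerShell check of which gateway names from question (4) a certificate's DNS names would cover, using the usual TLS rule that `*` stands for exactly one left-most label. The function name `Test-CertNameMatch` and the name lists are constructed for illustration from the names in the thread.

```powershell
# Added example. Test-CertNameMatch is a hypothetical helper, and the names
# below are constructed from the thread, not read from a real certificate.
function Test-CertNameMatch {
    param(
        [Parameter(Mandatory)][string]$HostName,    # name users enter as the RD Gateway
        [Parameter(Mandatory)][string[]]$CertNames  # DNS names (SAN entries) on the certificate
    )
    $hostLabels = $HostName.TrimEnd('.').ToLowerInvariant().Split('.')
    foreach ($name in $CertNames) {
        $certLabels = $name.TrimEnd('.').ToLowerInvariant().Split('.')
        # A wildcard replaces exactly one label, so the label counts must be equal.
        if ($certLabels.Count -ne $hostLabels.Count) { continue }
        $match = $true
        for ($i = 0; $i -lt $certLabels.Count; $i++) {
            # '*' is accepted only as the whole left-most label of a name
            # with at least three labels (so '*.com' never matches anything).
            if ($i -eq 0 -and $certLabels[0] -eq '*' -and $certLabels.Count -ge 3) { continue }
            if ($certLabels[$i] -ne $hostLabels[$i]) { $match = $false; break }
        }
        if ($match) { return $true }
    }
    return $false
}

# Names a client might be given for the gateway (constructed sample input).
$candidates = 'SRVGW.domain.com', 'corpgateway.domain.com', 'domain.com', 'gw.corp.domain.com'

# The current single-name certificate versus the suggested wildcard certificate.
$certs = [ordered]@{
    'single name (SRVGW.domain.com)' = @('SRVGW.domain.com')
    'wildcard (*.domain.com)'        = @('*.domain.com')
}

foreach ($cert in $certs.GetEnumerator()) {
    foreach ($candidate in $candidates) {
        [pscustomobject]@{
            Certificate = $cert.Key
            HostName    = $candidate
            Covered     = Test-CertNameMatch -HostName $candidate -CertNames $cert.Value
        }
    }
}
```

On the gateway itself, the same function can be given the names from an installed certificate, for example `(Get-Item Cert:\LocalMachine\My\<thumbprint>).DnsNameList.Unicode`, where `<thumbprint>` is a placeholder.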

1 additional answer

  1. YYCMichael 21 Reputation points
    2020-11-25T21:25:47.987+00:00

    Thank you for the replies, very helpful!

    I was hoping #2 wasn't the fact but I was figuring that it was. I was hoping that's what the CB was for.

