Problem solve Get help with specific problems with your technologies, process and projects.

How to set up Remote Desktop Services on Windows 2008 R2

Learn how to install and configure Remote Desktop Services on Windows 2008 R2 to use Terminal Services and Remote Desktop Gateway Manager and test Microsoft's VDI product.

Ever thought about testing or using Microsoft's Virtual Desktop Infrastructure product but didn't know where to start?

Well you're in luck! Here is information about getting Remote Desktop Services (RDS) and some of the basic RDS components up and running.

Step 1: Begin the installation
Launch Server Manager, and select "roles." Once the roles manager screen is up, check the box for Remote Desktop Services (see Figure 1).

Figure 1 (Click image for enlarged view.)


After clicking Next, you should see an introduction to Remote Desktop Services (see Figure 2).

Figure 2 (Click image for enlarged view.)

Step 2: Select Remote Desktop Services roles you want to install
Remote Desktop Services (RDS) includes several components (see Figure 3). These components can be on one machine or many. Let's take a look at each of them.

  • Remote Desktop Session Host: This is the new name of Terminal Server.
  • Remote Desktop Virtualization Host: This component integrates with Hyper-V. This allows for the pooling of virtual machines on Hyper-V to be used for virtual desktops.
  • Remote Desktop Connection Broker: This component is used to bridge the user with a virtual desktop, remote application or Terminal Server session.
  • Remote Desktop Licensing: This is the new name of Terminal Server licensing server that also includes licensing for Microsoft's Virtual Desktop Infrastructure (VDI).
  • Remote Desktop Gateway: This provides a single connection point for clients to connect to a specific virtual desktop, remote app or Terminal Server session.
  • Remote Desktop Web Access: This provides clients an interface to access their virtual desktop, remote app or Terminal Server sessions.

Figure 3 (Click image for enlarged view.)


Step 3: Pick the license mode
As with past Terminal Server licensing, there are two license options: per device and per user (see Figure 4).

Figure 4 (Click image for enlarged view.)


Step 4: Allowing access to Terminal Server (not required)
Select which users to give access to the local terminal services. This component is not required for RDS to work. If you choose to install "Remote Desktop Session Host" as I have, you will get this prompt (see Figure 5).

Figure 5 (Click image for enlarged view.)


Step 5: Configure the client experience
The next screen is "Configure Client Experience" (see Figure 6). This is where you set the defaults for the experience the end user will have with the VDI system.

Figure 6 (Click image for enlarged view.)


Step 6: Configure license scope (see Figure 7)
Just as with Terminal Server of the past, you can configure the scope of the license server. You have the following two options:

  1. Domain: This limits the licensing to only servers in the domain.
  2. Forest: This allows any Terminal Server in the forest to attain a license.

Figure 7 (Click image for enlarged view.)

Step 7: Assigning the SSL certificate for Remote Desktop Gateway (see Figure 8)
The Remote Desktop Gateway uses Secure Sockets Layer (SSL) to tunnel and encrypt traffic from the client. This functionality requires a certificate. There are two options for certificates:

  1. Specify a certificate from the certificate store.
  2. Produce a self-signed certificate.

In either case, the client must trust the certificate.


Figure 8 (Click image for enlarged view.)


Step 8: Configure network access protection (optional)
These next few screens go beyond the scope of RDS but are related, so I will just cover the basics.

Create authorization policies (see Figure 9)
I skipped this part because it is beyond this article's scope. This is where you would configure a policy that states who is allowed to use the Remote Desktop Gateway.

Figure 9 (Click image for enlarged view.)


Install and configure network access and protection policies (see Figure 10 and Figure 11)
This is used to configure and enforce network access polices such as IPsec and network access protection from the client. This feature can also be used to define different policies based on users' connectivity (dial-up or virtual private network).

Figure 10 (Click image for enlarged view.)

Figure 11 (Click image for enlarged view.)


Step 9: Install IIS and Remote Desktop Web Access
Remote Desktop Web Access requires Internet Information Services (IIS), so the next two screens are for installing and configuring IIS. Figure 12 is an overview screen, while Figure 13 is the configuration screen.

Figure 12 (Click image for enlarged view.)

Figure 13 (Click image for enlarged view.)


Step 10: The final steps
At this point, you're done. The last two screens just let you know what you're installing (see Figure 14), and a final screen (see Figure 15) lets you know whether any additional steps like rebooting are required.

Figure 14 (Click image for enlarged view.)

Figure 15 (Click image for enlarged view.)


Now that you have installed and configured RDS, you can start using Terminal Services and Remote Desktop Gateway Manager. The virtual desktop infrastructure will take a wee bit more work, which I will cover in another article.

Brandon Shell has been in the IT industry since 1994. He started out as a PC tech and general fix-it guy for numerous companies. In 2000, Shell joined Microsoft as contractor for the Directory Services team, and he became a full-time employee in 2002. In 2004, Shell left Microsoft to pursue a new position focusing on his real passion, PowerShell. In 2007, he joined the PowerShell MVP ranks, and Shell has spent the past several years building his PowerShell knowledge and helping others build theirs.

Dig Deeper on Terminal Services and Remote Desktop Services