Deploying Remote Desktop Connection Broker with High ... · Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide A failover cluster is a group of independent

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

Microsoft Corporation

Published: May 2010

Abstract

This guide describes the steps for configuring Remote Desktop Connection Broker (RD

Connection Broker) in a failover cluster, as part of a configuration that provides users with access

to personal virtual desktops or virtual machines in a virtual desktop pool through RemoteApp and

Desktop Connection.

This document is provided “as-is”. Information and views expressed in this document, including

URL and other Internet Web site references, may change without notice. You bear the risk of

using it.

This document does not provide you with any legal rights to any intellectual property in any

Microsoft product. You may copy and use this document for your internal, reference purposes.

© 2010 Microsoft Corporation. All rights reserved.

Microsoft, Active Directory, Windows, and Windows Server are either registered trademarks or

trademarks of the Microsoft group of companies. All other trademarks are property of their

respective owners.

Contents

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide ........... 4

Overview of Remote Desktop Services and virtual machine redirection in the context of a

failover cluster ........................................................................................................................... 4

Hardware, software, and network infrastructure requirements for a failover cluster ................ 7

Role, role services, and feature requirements for a failover cluster that supports virtual

machine redirection ............................................................................................................... 8

Steps for installing a failover cluster that runs Remote Desktop Connection Broker with virtual

machine redirection................................................................................................................... 9

Step 1: Connect the cluster servers to the networks and optionally to storage ....................... 9

Step 2: Make sure that the necessary role, role services, and feature are installed .............. 10

Step 3: Validate the cluster configuration ............................................................................... 14

Step 4: Configure RD Connection Broker as a one-node cluster ........................................... 17

Step 5: Configure a certificate and additional settings on the first server .............................. 20

Step 6: Deploy the certificate and configure necessary settings on additional servers ......... 23

Step 7: Add one or more additional servers to the failover cluster ......................................... 26

Step 8: Complete the configuration and test failover .............................................................. 27

Appendix A: Differences between a clustered RD Connection Broker and a standalone RD

Connection Broker .................................................................................................................. 29

Additional references ................................................................................................................. 30

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

A failover cluster is a group of independent computers that work together to increase the

availability of applications and services. The clustered servers (called nodes) are connected by

physical cables and by software. If one of the cluster nodes fails, another node begins to provide

service (a process known as failover). Users experience a minimum of disruptions in service.

This guide describes the steps for configuring Remote Desktop Connection Broker (RD

Connection Broker) in a failover cluster, as part of a configuration that provides users with access

to personal virtual desktops or virtual machines in a virtual desktop pool through RemoteApp and

Desktop Connection. To configure RD Connection Broker in this way, you start with a server that

can act as an RD Session Host and RD Connection Broker, configure that server as a one-node

failover cluster, then add additional servers (configured in the same way) to the cluster. This can

increase the availability of the access you provide to users.

As you work with the configuration in this guide, you can also learn about failover clusters and

familiarize yourself with the Failover Cluster Manager snap-in in Windows Server® 2008 R2

Enterprise or Windows Server 2008 R2 Datacenter.

The failover cluster feature is not available in Windows Web Server 2008 R2 or Windows

Server 2008 R2 Standard.

For information about the features and functionality in Remote Desktop Services and in failover

clustering in Windows Server 2008 R2, see the following topics:

What's New in Remote Desktop Services (http://go.microsoft.com/fwlink/?LinkId=185916)

What's New in Failover Clusters in Windows Server 2008 R2

(http://go.microsoft.com/fwlink/?LinkId=147426).

Overview of Remote Desktop Services and virtual machine redirection in the context of a failover cluster By using the steps in this guide, you can provide users access to personal virtual desktops or

virtual machines in a virtual desktop pool, through RemoteApp and Desktop Connection. This is

called virtual machine redirection. You can provide virtual machine redirection by configuring a

server with specific role services and settings that are available through the Remote Desktop

Services server role (as described in Role, role services, and feature requirements for a failover

Note

http://go.microsoft.com/fwlink/?LinkId=185916


cluster that supports virtual machine redirection, later in this topic). Then, to increase the

availability of the services that you are providing, you configure that server as a one-node failover

cluster and add more servers (configured with the same role services and settings) to the failover

cluster. If one of the servers fails or must be taken offline for maintenance, another server begins

to provide service through a process known as failover.

The following illustration shows a failover cluster with a clustered instance of RD Connection

Broker. Node 1 and Node 2 are connected by multiple networks. Node 1 has failed, and Node 2

has begun running the clustered instance of RD Connection Broker. Node 2 is also running RD

Session Host, although not as part of a cluster. When Node 1 recovers from the failure, it will also

be able to run RD Session Host. In other words, even if one node fails, RD Session Host and RD

Connection Broker continue to be available.

Figure 1 Failover of clustered RD Connection Broker

Although it is not called out in the previous illustration, the clustered instance of RD Connection

Broker stores important state information in registry keys that the Cluster service monitors and

replicates between the cluster nodes. (This differs from some other clustered services or

applications, which typically store such information in cluster storage.) Because the information is

automatically replicated between nodes, when Node 2 begins running the clustered instance of

RD Connection Broker, the state information it needs is already stored in the local registry on the

node.

The following illustration shows the sequence of events that begins with the user requesting a

connection to a virtual desktop, and ends with the virtual desktop being displayed on the client.

Figure 2 Servers providing a virtual desktop

1. The user requests a connection to a virtual desktop, either a personal virtual desktop or one

from a virtual desktop pool.

2. The RD Gateway receives the request.

3. The RD Gateway sends the request to a virtual machine redirector (that is, RD Session Host

running in virtual machine redirection mode). The virtual machine redirector informs RD

Connection Broker, and then waits for the IP address of a virtual machine.

4. RD Connection Broker requests information about a virtual machine from the RD

Virtualization Host.

5. RD Connection Broker receives information about a virtual machine and then provides that

information to the virtual machine redirector.

6. The virtual machine redirector communicates through the RD Gateway, providing the client

with the IP address and connection information for a virtual desktop.

7. The client connects to a virtual desktop.

8. The virtual desktop is displayed on the client.

The following illustration shows the same sequence of events occurring despite the failure of one

node of the cluster. Because a second cluster node is still running, it can respond to client

requests as they occur.

Figure 3 Servers providing a virtual desktop after a failure

From time to time, a user might attempt to connect with a clustered server just before it fails. In

that case, when the server fails, the user will have to try again. On the next attempt, assuming

that the connection attempt is made with a functioning server, it will succeed.

When you create a clustered instance of RD Connection Broker, you configure certain settings

differently than you would for a standalone RD Connection Broker server. For a table of the

differences, see Appendix A: Differences between a clustered RD Connection Broker and a

standalone RD Connection Broker.

Hardware, software, and network infrastructure requirements for a failover cluster

For a list of the hardware, software, and network infrastructure requirements for a failover cluster,

see Understanding Requirements for Failover Clusters

(http://go.microsoft.com/fwlink/?LinkId=178500). When reviewing those requirements, keep the

following items in mind:

If you begin the procedures in this document with a failover cluster already in use, you cannot

have a clustered Generic Service configured in your cluster before you configure a clustered

instance of Remote Desktop Connection Broker. If you have a clustered Generic Service

already configured in your cluster, see the alternative procedures at On Windows 2008 R2



when trying to add Remote Desktop Connection Broker...


For the configuration in this step-by-step, connecting the cluster servers to storage is only

required if your cluster will have an even number of nodes and you choose the cluster

quorum configuration called Node and Disk Majority. If your cluster will have an even

number of nodes, you will not be required to connect the servers to storage if you choose the

quorum configuration called Node and File Share Majority. (If your cluster will have an odd

number of nodes, it also does not require storage.) For more information about these two

quorum configurations, see Failover Cluster Step-by-Step Guide: Configuring the Quorum in

a Failover Cluster (http://go.microsoft.com/fwlink/?LinkId=180628).

Because the servers in the failover cluster in this configuration are referenced by IP

addresses in host resource records that are used by clients, we recommend that you assign

static IP addresses on the servers, rather than using DHCP. Otherwise, the lease for an IP

address used by one of the cluster servers could expire in DHCP, and the server would

become unavailable until the host resource records were updated.

Role, role services, and feature requirements for a failover cluster that supports virtual machine redirection

Each server that will be in a failover cluster that supports virtual machine redirection requires the

following role, role services, and feature:

Server role: Remote Desktop Services

We do not recommend that you install the Remote Desktop Services role on domain

controllers (that is, servers with the Active Directory Domain Services role installed).

Role services:

Remote Desktop Connection Broker

Remote Desktop Session Host

As described in this guide, you configure this role service to support virtual machine

redirection. When you do this, the following changes are made to the RD Session Host

server:

The user logon mode is changed to Allow reconnections, but prevent new logons.

All programs are removed from the RemoteApp Programs list in RemoteApp

Manager.

The Authenticated Users group is added to the Remote Desktop Users group.

To connect remotely to administer an RD Session Host server that is configured

to provide virtual machine redirection, use the mstsc /admin command.

Feature: Failover Clustering

Note

Note




For more information about Remote Desktop Services and virtual machine redirection, see the

links in Additional references, later in this topic.

Steps for installing a failover cluster that runs Remote Desktop Connection Broker with virtual machine redirection Step 1: Connect the cluster servers to the networks and optionally to storage

Step 2: Make sure that the necessary role, role services, and feature are installed

Step 3: Validate the cluster configuration

Step 4: Configure RD Connection Broker as a one-node cluster

Step 5: Configure a certificate and additional settings on the first server

Step 6: Deploy the certificate and configure necessary settings on additional servers

Step 7: Add one or more additional servers to the failover cluster

Step 8: Confirm the configuration and test failover

Step 1: Connect the cluster servers to the networks and optionally to storage

Use the following instructions to connect your selected cluster servers to networks and optionally

to storage.

For the configuration in this step-by-step, connecting the cluster servers to storage is only

required if your cluster will have an even number of nodes and you choose the quorum

configuration called Node and Disk Majority. If your cluster will have an even number of

nodes but you choose Node and File Share Majority, or if it will have an odd number of

nodes, you do not need to connect the cluster servers to storage.

1. Review the details about hardware and network requirements in Understanding

Requirements for Failover Clusters (http://go.microsoft.com/fwlink/?LinkId=178500).

For a failover cluster network, avoid having single points of failure. There are multiple

ways of accomplishing this. You can connect your cluster nodes by multiple, distinct

networks. Alternatively, you can connect your cluster nodes with one network that is

constructed with teamed network adapters, redundant switches, redundant routers, or

similar hardware that removes single points of failure. (If you use a network for iSCSI,

you must create this network in addition to the other networks).

2. Connect and configure the networks that the servers in the cluster will use.

Important

To connect the cluster servers to the networks and optionally to storage



3. Your test configuration will probably include a non-clustered domain controller and may

include clients. Make sure that these computers can connect to the clustered servers

through at least one network.

4. If your cluster will have an even number of nodes and you choose the quorum

configuration called Node and Disk Majority, follow the instructions for connecting the

servers to storage in Prepare Hardware Before Validating a Failover Cluster

(http://go.microsoft.com/fwlink/?LinkId=190316). Note that a disk witness (the disk used

for Node and Disk Majority) must use NTFS.

Step 2: Make sure that the necessary role, role services, and feature are installed

In this step, you review the necessary role, role services, and feature, and make sure that all of

them are installed on two or more servers. The servers must be members of a domain, but we do

not recommend that you install the Remote Desktop Services role on domain controllers (that is,

servers with the Active Directory Domain Services role installed).

Membership in the local Administrators group, or equivalent, is the minimum required to

complete this procedure.

1. On one of the servers, if you recently installed Windows Server 2008 R2, and the Initial

Configuration Tasks interface is displayed, click Close (on the lower right). After Initial

Configuration Tasks closes, Server Manager opens.

2. If the Initial Configuration Tasks interface is not displayed and Server Manager is not

running, click Start, click Administrative Tools, and then click Server Manager. (If the

User Account Control dialog box appears, confirm that the action it displays is what you

want, and then click Yes.)

Figure 4 Server Manager

To make sure that the necessary role, role services, and feature are installed


3. In the console tree, select Roles, and in the center pane, expand items as necessary to

see whether the following have all been installed:

Role: Remote Desktop Services

Role Service: Remote Desktop Session Host

Role Service: Remote Desktop Connection Broker

4. Install the role, role services, or both, depending what has already been installed:

If the Remote Desktop Services role has not been installed, under Roles Summary,

click Add Roles to open the Add Roles Wizard. On the Before You Begin page,

click Next and on the Select Server Roles page, select Remote Desktop Services,

and then click Next twice. Continue to step 5.

If the Remote Desktop Services role is installed, but the Remote Desktop Session

Host and Remote Desktop Connection Broker role services are not both installed,

under Roles Summary, click Remote Desktop Services and then under Role

Services, click Add Role Services.

5. On the Select Role Services page, if Remote Desktop Session Host has not been

installed, select it. Likewise, if Remote Desktop Connection Broker has not been

installed, select it.

If you are installing the Remote Desktop Session Host role service, follow the

instructions in the wizard to specify the authentication mode and licensing mode. For the

user groups and the client experience, accept the defaults. For more information, see

Install the RD Session Host Role Service


6. When the wizard finishes, close it. As needed, restart the server.

7. Add this server (the server you are configuring) to the Session Broker Computers

group. To do this:

a. In Server Manager, expand Configuration, expand Local Users and Groups, and

then select Groups.

b. In the center pane, double-click Session Broker Computers.

c. In the Session Broker Computers Properties dialog box, click Add.

d. In the Select Users, Computers, Services Accounts, or Groups dialog box, click

Object Types.

e. Select the Computers check box, clear other check boxes, and then click OK.

f. In the Enter the object names to select box, specify the name of the server you are

currently configuring. (You will add other objects to this group in later steps in this

guide.)

g. Click OK twice.

8. In Server Manager, expand Roles, expand Remote Desktop Services, and then click

RD Session Host Configuration.

9. In the center pane, right-click the setting that is displayed under RD Connection Broker,

click Properties, and then click the Change Settings button.

Figure 5 RD Connection Broker settings


10. To configure RD Session Host for virtual machine redirection, make sure that Virtual

machine redirection is selected. For RD Connection Broker server name, specify the

name of the server you are configuring. You will change this name later to the name of

the clustered instance of RD Connection Broker (rather than the name of a particular

physical server).

11. When prompted, click Yes, and then click OK twice to close all dialog boxes.

Important

After performing this step, to connect remotely to administer your RD Session

Host server, use a command of the form mstsc /v:<servername> /admin where

<servername> is the name of the server you want to connect to.

12. In Server Manager, in the console tree, select Features, and then under Features

Summary, click Add Features.

13. In the Add Features Wizard, select Failover Clustering, click Next, and then click

Install.

14. Follow the instructions in the wizard to complete the installation of the feature. When the

wizard finishes, close it.

15. Repeat the process to install the role, role services, and feature on each server that you

want to include in the cluster.

Step 3: Validate the cluster configuration

Before you create a cluster, we strongly recommend that you validate your configuration.

Validation helps you confirm that the configuration of your servers, network, and storage meets a

set of specific requirements for failover clusters.


complete this procedure.

1. To open the failover cluster snap-in, click Start, click Administrative Tools, and then

click Failover Cluster Manager. (If the User Account Control dialog box appears,

confirm that the action it displays is what you want, and then click Yes.)

Figure 6 Failover Cluster Manager snap-in

To validate the failover cluster configuration

2. Confirm that Failover Cluster Manager is selected, and then in the center pane under

Management, click Validate a Configuration.

Figure 7 Validate a Configuration Wizard

3. Follow the instructions in the wizard to specify this server and any other servers that will

be in the cluster, select the tests, and then run the tests. To fully validate your

configuration, run all tests before you create a cluster.

Important

Even though you will initially create a one-node cluster in the procedure that

follows, we recommend that you run all tests now on all the servers that you plan

to include in the failover cluster. If you run tests on only one server now, you will

need to run tests later on all the servers (some tests require at least two servers

to run).

4. The Summary page appears after the tests run. To view Help topics that will help you

interpret the results, click More about cluster validation tests.

5. While still on the Summary page, click View Report and read the test results.

To view the results of the tests after you close the wizard, see

SystemRoot\Cluster\Reports\Validation Report date and time.html

where SystemRoot is the folder in which the operating system is installed (for example,

C:\Windows).

6. Close the wizard. As necessary, make changes in the configuration and rerun the tests.

7. To view Help topics about cluster validation after you close the wizard, in Failover Cluster

Manager, click Help, click Help Topics, click the Contents tab, expand the contents for

the failover cluster Help, and click Validating a Failover Cluster Configuration.

Step 4: Configure RD Connection Broker as a one-node cluster

In this procedure, you run the Create Cluster Wizard on one server and configure a clustered

instance of RD Connection Broker. Later you will add one or more additional servers to the

failover cluster.


complete this procedure. In addition, if your account is not a Domain Admins account, either the

account or the group that the account is a member of must be delegated the Create Computer

Objects permission in the domain.




2. Confirm that Failover Cluster Manager is selected, and then in the center pane under

Management, click Create a Cluster.

Figure 8 Create Cluster Wizard

To configure RD Connection Broker as a one-node cluster

3. Follow the instructions in the wizard to specify:

The name of this server (only).

The name of the cluster, to be used for administering the cluster itself.

Any IP address information that is not automatically supplied by DHCP.

4. After the wizard runs and the Summary page appears, to view a report of the tasks that

the wizard performed, click View Report.

5. In Failover Cluster Manager, if the console tree is collapsed, expand the tree under the

cluster that you just created.

6. Click Services and Applications and then, under Actions (on the right), click Configure

a Service or Application.

7. If the Before You Begin page appears, click Next. The Select Service or Application

page appears.

Figure 9 High Availability Wizard

8. Select Remote Desktop Connection Broker and then click Next.

If you see a message that says Only one instance of this role is allowed in the

cluster, it indicates that a Generic Service has already been configured in this cluster. In

this situation, see the alternative procedures at On Windows 2008 R2 when trying to add

Remote Desktop Connection Broker... (http://go.microsoft.com/fwlink/?LinkId=191563).



9. Follow the instructions in the wizard to specify the following details:

A name for the clustered instance of Remote Desktop Connection Broker. This name

will be registered in DNS. You will specify this name (not the name of a physical

server) for the RD Connection Broker instance to be used by RD Session Host (in

virtual machine redirection mode).

Any IP address information that is not automatically supplied by your DHCP

settings—for example, a static IPv4 address.

After the wizard runs and the Summary page appears, if you want to view a report of the

tasks that the wizard performed, click View Report.

10. To close the wizard, click Finish.

11. In the console tree, make sure Services and Applications is expanded. Right-click the

clustered Remote Desktop Connection Broker that you just created, click Add a

resource, and then click 4- Generic Service.

12. In the New Resource Wizard, scroll down in the list of services and then select

RemoteApp and Desktop Connection Management.

Figure 10 New Resource Wizard

13. Click Next twice and then click Finish to close the wizard.

14. In Server Manager (not Failover Cluster Manager), expand Configuration and then click

Services. Scroll down until you see the Remote Desktop Connection Broker service

and the RemoteApp and Desktop Connection Management service. If the services are

started, right-click each one and then click Stop.

15. In Failover Cluster Manager (not Server Manager), in the console tree, right-click the

clustered Remote Desktop Connection Broker that you created. If Take this service or

application offline is available, click it and when prompted, confirm your action.

Otherwise, skip to the next step.

16. In the console tree, right-click the clustered Remote Desktop Connection Broker again,

and then click Bring this service or application online.

Step 5: Configure a certificate and additional settings on the first server

At this point, a number of items must be configured on the first server, the one that you

configured as a one-node failover cluster. These items include DNS settings, a certificate, and

settings for the RD Session Host role service. The certificate is needed so that clients can verify

the identity of the RD Session Host server and encrypt communication between the RD Session

Host server and the client.

1. Create (or work with your DNS or network administrator to create) one or two host

resource records that map to the fully qualified domain names of all servers that will be in

the failover cluster:

If all of your clients run version 7.0 or later of RDC, create one record. The name in

this record references the common name of the certificate that clients will use.

If you have clients running a version of RDC earlier than version 7.0, create an

additional record. This record will not have an associated certificate.

The host resource record or records are necessary for DNS round robin. In later steps in

this document, you will specify host resource record names as part of the configuration

for virtual desktops. After you perform the appropriate configuration steps, the names will

be made available in the RDP file that clients use to connect to personal virtual desktops.

2. Obtain and deploy a certificate that meets the requirements of your organization. This

certificate, used by clients that run version 7.0 or later of RDC, verifies the identity of the

RD Session Host server and encrypts communication between the RD Session Host

server and the client. The common name of the certificate should match the name of the

corresponding resource record created in step 1. Use the same certificate for all the

servers in the cluster.

For general information about using certificates, see Common Scenarios for Using Active

Directory Certificate Services (http://go.microsoft.com/fwlink/?LinkId=190315).

3. Add the appropriate servers to the Session Broker Computers group on the first server.

To do this:

a. On the server that you configured as a one-node failover cluster, in Server Manager,

To configure a certificate and additional settings on the first server in the configuration



expand Configuration, expand Local Users and Groups, and then select Groups.




Object Types.


f. In the Enter the object names to select box, specify all the servers that you plan to

have in the failover cluster, separating the names with semicolons. (If you have RD

Session Host farm members, also add all of them to the list.)

g. Click OK twice.

4. Configure the virtual machine redirection setting as follows:

a. In Server Manager, expand Roles, expand Remote Desktop Services, and then

click RD Session Host Configuration.

b. In the center pane, right-click the setting that is displayed under RD Connection

Broker, click Properties, and then click the Change Settings button. Make sure that

Virtual machine redirection is selected.

c. In RD Connection Broker server name, specify the name of the clustered instance

of RD Connection Broker, that is, the name that you specified in the High Availability

Wizard. Click OK twice.

Important

Be sure to complete this step. It provides a name that always remains the

same, even if the clustered RD Connection Broker moves from one physical

server to another in the failover cluster.

5. In Server Manager, in the console tree, make sure that RD Session Host Configuration

is selected.

6. In the center pane, under Connections, double-click RDP-Tcp.

Figure 11 RDP-Tcp Properties sheet

7. On the General tab, click the Select button, and then select the certificate that you

deployed to the certificate store. Click OK twice.

8. In the console tree, expand Remote Desktop Connection Manager, click RD

Virtualization Host Servers, and then in the Action pane, click Configure Virtual

Desktops.

The Configure Virtual Desktops Wizard starts.

9. Follow the instructions in the wizard to complete the following tasks:

Specify the RD Virtualization Host server in your configuration.

Specify the host resource record name that you created in step 1 (of this procedure)

for clients that run version 7.0 or later of RDC (for Redirection Settings).

Specify the RD Web Access server in your configuration.

10. On the Summary Information page of the wizard, review the information. If you do not

want to assign personal virtual desktops, clear the Assign personal virtual desktop

check box, and then click Finish. Otherwise, leave the check box selected and then click

Finish.

If you want to assign personal virtual desktops at another time, you can expand RD

Virtualization Host Servers (in the console tree), click Personal Virtual Desktops, and

then in the Action pane, click Assign Personal Desktops to users.

11. If you are not assigning personal virtual desktops, skip to the next step. Otherwise, follow

the instructions in the Assign Personal Virtual Desktop Wizard to select a user, specify

a virtual machine to assign to that user, and confirm the assignment. You can repeat this

process multiple times before clicking Finish to close the wizard.

12. If you want to use a virtual desktop pool in your configuration, take the following actions:

a. In the console tree, make sure that Remote Desktop Connection Manager is

expanded, click RD Virtualization Host Servers, and then in the Action pane, click

Create Virtual Desktop Pool.

b. Follow the instructions in the wizard to select the virtual machines to add to the pool,

the display name for the pool, and a pool ID. Users will see the display name but not

the pool ID.

c. Close the wizard.

d. In the left pane, make sure RD Virtualization Host Servers is expanded, right-click

the name of the virtual desktop pool that you created, and then click Properties.

e. Configure appropriate properties for the pool. For example, on the General tab, if you

want the virtual machines in the virtual desktop pool to automatically save after a set

time if users log off or disconnect, select Automatically save virtual machines and

specify a time (in minutes) in the Wait for box. To close the Properties sheet, click

OK.

13. If you have clients running a version of RDC earlier than version 7.0, in the console tree,

with Remote Desktop Connection Manager still expanded, click RD Virtualization

Host Servers, and then in the Action pane, click Properties. Enable redirection for the

clients, and in Alternative server name, specify the additional host resource record

name that you created for those clients.

Step 6: Deploy the certificate and configure necessary settings on additional servers

At this point, on the servers that you plan to add to the failover cluster, you must deploy the

certificate that you created and configure necessary settings.

As you configure the settings described in the following procedure, make sure that the

settings match the corresponding settings on the first server. The one exception is that if

Important

you create a pool for virtual desktops, you must leave it empty (rather than placing virtual

desktops in the pool), as described in the following procedure.

1. Deploy the certificate that you obtained in the previous procedure on a server that you

plan to add to the failover cluster. Use the same certificate for all the servers in the

cluster.

2. For the server you are currently configuring, confirm that the server name has been

included in the host resource record or records that you created at the beginning of the

previous procedure, Step 5: Configure a certificate and additional settings on the first

server.

3. Add the appropriate servers to the Session Broker Computers group on the server you

are currently configuring. To do this:

a. In Server Manager, expand Configuration, expand Local Users and Groups, and

then select Groups.




Object Types.


f. In the Enter the object names to select box, specify all the servers that you plan to

have in the failover cluster, separating the names with semicolons. (If you have RD

Session Host farm members, also add all of them to the list.)

g. Click OK twice.

4. Configure the virtual machine redirection setting as follows:

a. In Server Manager, expand Roles, expand Remote Desktop Services, and then

click RD Session Host Configuration.

b. In the center pane, right-click the setting that is displayed under RD Connection

Broker, click Properties, and then click the Change Settings button. Make sure that

Virtual machine redirection is selected.

c. In RD Connection Broker server name, specify the name of the clustered instance

of RD Connection Broker, that is, the name that you specified in the High Availability

Wizard. Click OK twice.

Important

Be sure to complete this step. It provides a name that always remains the

same, even if the clustered RD Connection Broker moves from one physical

server to another in the failover cluster.

5. In Server Manager, in the console tree, make sure that RD Session Host Configuration

To deploy the certificate and configure necessary settings on additional servers

is selected.

6. In the center pane, under Connections, double-click RDP-Tcp.

Figure 12 RDP-Tcp Properties sheet

7. On the General tab, click the Select button, and then select the certificate that you

deployed to the certificate store. Click OK twice.

8. In the console tree, expand Remote Desktop Connection Manager, click RD

Virtualization Host Servers, and then in the Action pane, click Properties.

The Virtual Desktops Properties sheet appears.

9. Configure redirection settings:

For clients that run version 7.0 or later of RDC, on the Redirection Settings tab, in

the Server name box, specify the host resource record name that you created at the

beginning of Step 5: Configure a certificate and additional settings on the first server.

If you have clients running a version of RDC earlier than version 7.0, select the

Enable redirection for earlier RDC versions check box, and then for Alternative

server name, specify the additional host resource record name that you created for

those clients.

10. If you do not want to use a virtual desktop pool, skip this step. Otherwise, review the

name and settings you used for the virtual desktop pool that you created on the first

server (the single-node failover cluster). You will use these settings to create an empty

pool. Even though the pool is empty, it will function correctly later when failover occurs.

To create an empty virtual desktop pool:

a. In the console tree, make sure that Remote Desktop Connection Manager is

expanded, click RD Virtualization Host Servers, and then in the Action pane, click

Create Virtual Desktop Pool.

b. Click Next to progress through the Welcome page and the Select Virtual Machines

page.

A message box appears, saying that you have not selected any virtual machines for

this pool. Because you already selected the virtual machines when you configured

the first server, do not add virtual machines now. Click Yes to confirm that you want

to continue.

c. On the Set Pool Properties page, enter the display name and pool ID that you

specified when you created the pool on the first server. Click Finish to close the

wizard.

d. In the left pane, make sure RD Virtualization Host Servers is expanded, right-click

the name of the virtual desktop pool, click Properties, and configure the same

properties that you configured for the virtual desktop pool on the first server.

11. Return to step 1 in this procedure, Step 6: Deploy the certificate and configure necessary

settings on additional servers, and repeat the process for each of the servers that you will

add to the failover cluster.

Step 7: Add one or more additional servers to the failover cluster

After an additional server has been configured to match the server in the one-node cluster, you

can add the additional server to the failover cluster. You can repeat this process to add more

servers to the failover cluster.

1. If you have not already run validation tests on all the servers you plan to include in the

cluster, run the Validate a Configuration Wizard as described in Step 3: Validate the

cluster configuration.

2. On a server that you want to add to the failover cluster, review the configuration settings

for the Remote Desktop Services server role to confirm that they match the settings on

each server that is already in the cluster. Note, however, that if you configure a virtual

To add one or more additional servers to the failover cluster

desktop pool on a server other than the first server, you should leave the pool empty

(without virtual desktops in the pool).

3. On the server that you want to add, start Server Manager, expand Configuration, click

Services, and scroll down until you see the Remote Desktop Connection Broker

service and the RemoteApp and Desktop Connection Management service. If the

services are started, right-click each one and then click Stop.

4. On a server that is already in the failover cluster, click Start, click Administrative Tools,

and then click Failover Cluster Manager. If the User Account Control dialog box

appears, confirm that the action it displays is what you want, and then click Yes.

5. In the Failover Cluster Manager snap-in, if the cluster that you created is not displayed, in

the console tree, right-click Failover Cluster Manager, click Manage a Cluster, and

then select or specify the cluster.

6. In the console tree, select the cluster, and then in the Actions pane, click Add Node.

7. Follow the instructions in the wizard to specify the server to add to the cluster.

8. After the wizard runs and the Summary page appears, if you want to view a report of the

tasks the wizard performed, click View Report.

9. To add another server, repeat the procedure.

Step 8: Complete the configuration and test failover

After you have added all intended servers to the failover cluster, be sure to complete the

configuration and test failover, as described in the following procedure. One of the actions that

you perform in the procedure is to check the quorum configuration to ensure that it is appropriate

for the number of nodes in the cluster (an even number or an odd number of nodes).




2. In the Failover Cluster Manager snap-in, if the cluster that you created is not displayed, in

the console tree, right-click Failover Cluster Manager, click Manage a Cluster, and

then select or specify the cluster.

3. If your cluster has an odd number of nodes, or if it has an even number of nodes and you

want to use the quorum configuration called Node and File Share Majority, skip this

step. Otherwise, if your cluster has an even number of nodes and you want to use Node

and Disk Majority, in the console tree, expand the cluster and then expand Storage.

Check to see if there is a disk in Available Storage for the disk witness (part of the Node

and Disk Majority quorum configuration). If you need to add a disk to Available

Storage, in the Actions pane, click Add a disk and follow the steps in the wizard.

Before you can add a disk to Available Storage, it must be accessible from both nodes

To complete the configuration and test failover

in the cluster. A disk to be used for a disk witness can be a relatively small disk, but not

less than 512 MB in size. For more information about the disk witness and the Node and

Disk Majority quorum configuration, see Failover Cluster Step-by-Step Guide:

Configuring the Quorum in a Failover Cluster


4. In the console tree, right-click the cluster, click More Actions, and then click Configure

Cluster Quorum Settings.

5. Follow the instructions in the wizard to configure the most appropriate quorum

configuration for the availability of your cluster:

If the cluster has an odd number of nodes, Node Majority is the recommended

quorum configuration.

If the cluster has an even number of nodes, either Node and File Share Majority or

Node and Disk Majority is the recommended quorum configuration. If you choose

either of these configurations, the wizard will prompt you to specify an appropriate file

share (for a file share witness) or disk (for a disk witness).

6. Finish and close the Configure Cluster Quorum Wizard (but leave Failover Cluster

Manager running).

7. Perform a basic test of failover for the clustered Remote Desktop Connection Broker. To

do this, in Failover Cluster Manager, right-click the clustered Remote Desktop

Connection Broker, click Move this service or application to another node, and then

click an available choice of node. When prompted, confirm your choice.

You can observe the status changes in the center pane of the snap-in as the clustered

service or application is moved.

8. With the clustered Remote Desktop Connection Broker still running on the node that you

just moved it to (not the node that was the first node in the cluster), test the configuration.

To do this, open a browser connection to the RD Web Access server and click an

application icon. If you cannot open the application, review the following:

Use the troubleshooting procedures that you would use if RD Connection Broker

were on a standalone server instead of a cluster. For example, check the host

resource record, the certificates, and the settings that provide RD Connection Broker

with information about other servers in the Remote Desktop configuration. Also

confirm that all servers in the failover cluster are configured identically for all settings

related to Remote Desktop.

For a set of scripts that you can use for testing your configuration, see Verify

Connection broker cluster configuration

(http://go.microsoft.com/fwlink/?LinkId=188508). For a list of scripts related to

Remote Desktop Services, see Additional references, later in this topic.

To see a table of key settings specifically related to clustering an RD Connection

Broker, see Appendix A: Differences between a clustered RD Connection Broker and





a standalone RD Connection Broker.

View events in Failover Cluster Manager. To do this, in the console tree, right-click

Cluster Events, and then click Query. In the Cluster Events Filter dialog box,

select the criteria for the events that you want to display, or to return to the default

criteria, click the Reset button. Click OK. To sort events, click a heading, for

example, Level or Date and Time.

Still on the server that currently owns the clustered RD Connection Broker, in Server

Manager, expand Configuration, click Services, and scroll down until you see the

Remote Desktop Connection Broker service and the RemoteApp and Desktop

Connection Management service. If the services are stopped, in Failover Cluster

Manager, repeat steps 7 and 8 in this procedure (taking the clustered instance offline

and bringing it online). Then return to the Services snap-in to see if the services have

started.

9. Repeat the testing process described in steps 7 and 8 until you have confirmed that the

clustered RD Connection Broker runs correctly regardless of which cluster node it is

running on.

Appendix A: Differences between a clustered RD Connection Broker and a standalone RD Connection Broker When you create a clustered RD Connection Broker, you configure certain settings differently

than you would for a standalone RD Connection Broker server. The following table provides a

condensed list of those settings that differ:

Action needed to configure RD

Connection Broker in a failover

cluster

Interface where setting is

configured

Setting

Create a clustered instance of

RD Connection Broker, rather

than running RD Connection

Broker on a standalone server.

After creating the cluster, in

Failover Cluster Manager, run

the High Availability Wizard.

When creating the clustered

instance, choose Remote

Desktop Connection Broker

from the list of services and

applications.

Configure the RemoteApp

and Desktop Connection

In Failover Cluster Manager,

run the New Resource

For the clustered instance of

the Remote Desktop

Action needed to configure RD

Connection Broker in a failover

cluster

Interface where setting is

configured

Setting

Management service to run in

the context of a clustered

instance on a failover cluster,

not on a standalone server.

Wizard. Connection Broker, add a

Generic Service resource and

select the RemoteApp and

Desktop Connection

Management service.

For the virtual machine

redirector, specify the

clustered instance of RD

Connection Broker, not the

name of a physical server.

In RD Session Host

Configuration, open the RD

Connection Broker Settings

dialog box (the dialog box

where Virtual machine

redirection is selected as the

mode).

For the virtual machine

redirector, adjust the RD

Connection Broker Name to

specify the clustered instance

of RD Connection Broker.

On all servers in the cluster, in

the Session Broker

Computers group, include all

servers that are in the cluster,

not just a single standalone

server.

In Local Users and Groups, in

Groups, open Session Broker

Computers Properties.

In the Session Broker

Computers group, add all

servers that are in the cluster.

Ensure that the host resource

record or records map to all

servers in the failover cluster,

not just to one standalone

server.

In a DNS interface, specify one

or more host resource records.

Host resource records must

map to the fully qualified

domain names of all servers

that are in the failover cluster.

If you use a virtual desktop

pool, on the first server in the

cluster, place virtual desktops

in it and configure it as you

normally would. On later

servers, leave the pool empty,

but give it the same name and

other properties as you gave it

on the first server.

In the console tree, make sure

that Remote Desktop

Connection Manager is

expanded, click RD

Virtualization Host Servers,

and then in the Action pane,

click Create Virtual Desktop

Pool.

On the first server, on the

Select Virtual Machines

page, select virtual machines.

On later servers, do not select

virtual machines on this page.

Additional references Remote Desktop Services (http://go.microsoft.com/fwlink/?LinkId=154440)


What's New in Remote Desktop Services (http://go.microsoft.com/fwlink/?LinkId=185916)

Install the RD Session Host Role Service (http://go.microsoft.com/fwlink/?LinkId=185917)

About Dedicated Farm Redirection and Virtual Machine Redirection

(http://go.microsoft.com/fwlink/?LinkId=185918)

Remote Desktop Connection Broker (http://go.microsoft.com/fwlink/?LinkId=185919)

Verify Connection broker cluster configuration

(http://go.microsoft.com/fwlink/?LinkId=188508)

Remote Desktop Services Script Repository (http://go.microsoft.com/fwlink/?LinkId=190312)







Documents

Deploying Remote Desktop Connection Broker with High ... · Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide A failover cluster is a group of independent