Complete Guide to setting up Remote Desktop Services in Windows Server 2016
HTML-код
- Опубликовано: 4 окт 2024
- Professor Robert McMillen shows you how to setup Remote Desktop Services in Windows Server 2016. This video covers setting up the server, web deployment, collections, certificates and demonstrates features. This procedure also works on Server 2012 and 2019.
Certificate commands:
New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname "RDP"
$pwd = ConvertTo-SecureString -String Passw0rd -Force -AsPlainText
It is very hard to believe that amongst some much rubbish on RUclips, you can actually find a top quality video! Brilliant job Robert :)
So glad to hear it.
I second that, thank you :D
I’m just glad it’s not a robot 🤖 voice
Thank you for making this video , finally a fluent English speaking person who can makes how to videos .
Glad it helped.
I could not even imagine that some can put so simple guide for something Microsoft related. Narration & voice color are like from the commercials. Watched this video, 2 days ago, 2 days in a row I"m browsing youu channel... Unbelievable!
Glad I could help!
This in the best videos for RDP I have came across to date. Well done Robert
Thank you so much for your very clear tutorials. I have waded through a bunch of text and RUclips garbage before I found you. I am not all the way through yet but you are the best teacher out there.
Thanks for watching!
3 years later but this still is useful Robert. I needed a reminder. Thank you
Glad it was helpful!
@@techpub You're welcome
Wow, Robert, what an unabashed pleasure watching your video. Like other commenters, I'm not used to such a crisp presentation with such a precise and fluid speaking style. I'm now a fan.
Thanks for watching and I appreciate the feedback.
Drafted this transcript reference from the Closed Captioning :) Great job, Robert! Thank you!!
PART 1: (PART 2 will be a reply below)
Hello everyone we're on a Windows 2016 server where we will install Remote Desktop Services formerly known as a terminal server. We are on a Windows 2016 domain controller but you can be on a regular domain member server or domain controller doesn't really matter.
let's go ahead and click on add roles and features in our server manager and click Next . Now we have the option to install role-based or Remote Desktop Services. If we do role-based for RDS then we'll have to just basically install it piecemeal. If we install this option [Remote Desktop Services] then it puts all of the different options that we need in at one time which I like a little better. We'll go ahead and click Next now we have the option for standard deployment Quick Start or multi-point. So we're going to choose the standard deployment. The QuickStart does do some shortcuts for you but then you don't really learn anything. The multi-point Services is usually for a different type of server such as one that a school might use. Let's go ahead and click Next so we can start our installation.
Now the option for virtual desktops which is this first option here, virtual machine-based desktop deployment or session-based. So the difference is virtual desktop or virtual machine-based desktop deployment allows us to create a different virtual machine for every user that logs in and we would have to install hyper-v as well and so we're not going to show that in this video we're gonna do the session based and that's where everyone shares the same server but they get their own customized desktop. Not as secure as virtual desktops but definitely less expensive and faster to deploy. Let's go ahead and click Next. Here are the three remote desktop services that we're going to install today that will happen automatically and these are the three minimum ones. We can install additional ones if we want. We can ignore all of them except for the session host if we want, but these are the ones that it wants to try to install at minimum, but I will go ahead and click Next and I'll show you how each one works.
So we see the remote desktop connection broker service and we'll go ahead and click that. We want to add that service and then we'll click and then it's going to give us the option for the Internet Information Services or a remote desktop web server. Let's go ahead and choose to install that as well, and we'll click Next, and same thing with the remote desktop session host server. This is the only one we really need even though it shows us the three there and that's because the session host server basically keeps track of all the sessions and manages them. Let's go ahead and click Next, and now we'll go ahead and choose yes. You can restart the servers if you need to and click deploy now. This could take anywhere from a few minutes depending on the speed of your server all the way up to an hour, so just go ahead and watch as long as the bars are moving forward then you should be fine. It is doing the installation process and our server is now restarting so it was successful. We'll wait for it to restart and then we'll log in and take it from there.
[Remote Desktop Connection Broker tends to cause problems, and may require TLS 1.2 so skip it unless it's really needed]
We've logged back into our server and it shows that all of our different roles were successful. Go ahead and click close. Now I have remoted into the server using a Remote Desktop and one other thing that we need to make sure that we do is go into the control panel in order to allow this to happen and go to system and then remote settings and then make sure under the remote tab you have “allow remote connections to this computer”.
Now if you're connecting to a computer that's a member of the domain, you can check “allow connections only from computers running this NLA type of authentication”, but if you're connecting from a non domain computer, which what I'm doing, then you can make sure that you have that unchecked, otherwise you won't be able to log in.
Alright, once you have that set correctly, you can also click on select users. Now I'm only logging in as the administrator, but if you want to log in as other users you can go ahead and search for those names. Now that gives the right to log in using a remote desktop to a server. Now you'll have to be a member of the remote desktop users group, so we'll go to tools, Active Directory, users and computers, and from here we can go to and search for -- we'll just type in remote, and there it is: “remote desktop users” [the "built in" group doesn't work, must create a new one] group. You can just go ahead and click members and you can add anyone that you want to that group and they'll automatically have their rights to get in.
So once that's done, we're gonna go to this new section here that wasn't there before, It says Remote Desktop Services. So we'll go ahead and click on that. Now anything that has a plus and it means that it has not been configured. If it's grayed out, it means it's configured and ready to use. So if we go to the tasks menu we can edit our deployment properties, we've already deployed everything, but now we want to edit it so we've got here a Remote Desktop gateway and remote desktop licensing. Let's go ahead and start by clicking on the licensing and we'll add our server that we're working with right here as a licensing server.
Now by default we're going to have about I believe 120 days automatically added for unlimited use so as many as people as we want to have connected to it after that we'll need to add licenses into our licensing service so once this is installed, then it's going to look to this particular server to get any Remote Desktop licenses or client access licenses, or CAL's we call them, and we'll go ahead and click close. And now you see this is grayed out because it has been configured.
Now we have RD gateway. So this is a little bit of a controversial type of role to add, so if you're going to be Internet facing, then I recommend you use the RD gateway and you'll have to use a public certificate in order to keep people from getting certificate errors unless you deploy the certificate using group policy which usually isn't an easy thing to do for computers that are already in the field, so you can't get group policy applied unless you VPN in first, and if you don't have VPN turned on and the computers never get into the the office then you can never get that installed, so I would definitely recommend RD gateway with a public certificate if you're going to be allowing outs users in it does. The controversy comes in where it adds a lot of additional security and sometimes it breaks things, so you can deploy this out on the Internet without the RD gateway role if you would like, and still use a public certificate, but I definitely recommend you add the Gateway because it does add additional security. But we'll just go ahead and leave that off because we're only going to be accessing this from the inside or from the LAN, so there's no need to have that gateway additional security added in.
Glad it could help and thanks for watching.
I deployed RDS during the walkthrough, absolutely brilliant video!
Awesome, thank you!
Thanks, It's nice to be able to watch one of these videos by someone without a thick accent
Aye laddy.
The way you explain difficult stuff is magical Sir!! More power to you!
Much appreciated!
Absolutely excellent! You left me in the dust a hundred times but, thanks to being able to back up and go over it a hundred times I got there. Very clear audio. Very clear presentation. Thank you!
Great to hear!
Thank you so much! This is the best Guide.
finally solved the internal application problems which didn't work with VPN
Glad I could assist.
It is great stuff - even I'm not a server-side person even can understand easily what needs to do for remote desktop. Absolutely brilliant.
Awesome!
The Best tutorial I have ever seen. I have had to implement these services a few times and struggled with misinformation or hard to follow. Thank You for this
I appreciate the feedback!
Awesome video. I sppent my whole day watching wrong viseos and it wasnt working untill i watched your video. Thanks Sir
Great to hear!
Wish you could create a video for the RD Gateway role. But this was a great refresher now that I have to do another deployment for a new client after a couple years. Highly appreciated!
I will add it to the list.
Excellent video easy to follow. After reviewing multiple You Tube how to videos, I found this video which helped me finally get Remote Desktop Connection to actually work.
Thanks Robert...
Thanks for watching!
Hi Robert. I have struggled to understand most of the videos for the same topic. You just made it so easy to understand. Thank you. keep up the great work.
Glad it was helpful!
Thanks a lot Robert. You made this video very much simple to understand. Hats off to you.
Glad it was helpful!
Thanks Robert for your guidance and the precise instructions. Helped me out a lot!
Great to hear!
Thank you very much for taking the time to create and publish this tutorial.
.
You're welcome!
Many thanks. I always wondered how this was setup. Now i actually have some insight into my company have this setup.
Glad it helped.
Wow, so good that I pushed this out into production :)
Nice!
Robert, this is brilliant! Thank you! It worked perfectly for me!!
Impressive work. Thank you for this high quality video.
Glad you enjoyed it!
Excellent video, easy to follow and explained well. Thank you Robert.
So glad I could help.
what a simple explanation and so nice voice. Top class stuff !!
Thank you kindly!
This is amazing Robert thank you!
Glad to hear it helped you out.
Very informative, thanks so much for publishing this! :)
Very good video. Easy to follow. Clear. Straight forward.
Glad it helped.
Damn great tutorial video! Well done Robert, thank you
Thanks for watching.
Great video, one of the best I've ever seen :)
Thanks a lot, very clear and simple. btw it works on Windows Server 2019 too 🙂
You are welcome!
Finally a real good guide, thank you.
But unfortenately you don't show how to use the regular Win Remote Desktop, the vid stopped just before that step, as I saw it - I was finnaly loooking forward to that part...
Or have I totaly mixed them up? Then I¨m lost again. Since I can't get that to work with others guides so far.
(I will try this guide tomorrow. More deep and bettter explained than others). Thanks Robert..
There is a part about opening up the desktop using the remote desktop application. If you're thinking of a different one just let me know what it is.
Thanks for this wonderful and detailed session on Remote Desktop Services.
Glad it helped you!
Great Video. simple to understand . Well done Robert!
Much appreciated!
Thank you excellent video with clear explanations!!
Glad I could help.
Helped me tons, appreciate it!
Glad it helped!
Thanks Robert, a really helpful video, just the info I was looking for.
Glad it was helpful!
Very nice video. I really liked the amount of detail WITHOUT all the techy stuff. Unfortunately, this did not work for me. I am trying to set up a 2016 Terminal Services server and I ran into an error where the Powershell remote something or another had to be active. Had to go back to the piecemill method and install the licensing. Thanks though.
Just what I was looking for, thank you!
Glad it helped you!
Awesome video. Much appreciated.
Glad it helped. Please consider subbing.
Very clearly explained well made video, thank you so much for making this!
Glad it helped.
Great tutorial. Exactly what I was looking for! Thanks!
So glad I could help.
Excellent Video
Glad I could help.
This is really helpful. Thanks a lot Prof McMillen. :)
You're very welcome!
Awesome manual. Thank you very much for your help.
All in details! You did a great job 👏
Glad you liked it. Thanks for watching!
Really clearly explained video. Thank you so much for making it!
Glad it helped you!
Incredibly well explained! Well done!
You are welcome. Thanks for watching.
you are brillient sir .....good job
Glad I could help!
This tutorial was great!
Thanks for watching!
Excellent video Prof. Do you have one where you discuss setting up Connection Broker on a separate server for handling RDS servers in a High Availability environment? Would like to see that because it is very different than doing it for 2008R2. Thanks again for the videos
Well done Robert. This helped me a lot!
Glad to hear it.
Thanks! You are Brilliant!
Glad to help!
Well explained. Great job Robert :)
Glad I could help!
Worth watching it!
Glad it helped!
Thanks, Robert. Very well explained..
You're welcome. Glad you stopped by.
Hi Robert, excellent reference video, concise, precise and practical.
Awesome walk-through. However, I have some minor problems understanding the concept. In the company I work for I have admin access to a barebone server with Win 2016 Server on it.
On that server I have installed a guest system Win Server 2016 as a virtual machine and added this VM to the domain of the company.
So now I can RDP into the VM, which is Win Server 2016, with my domain (administrator) account. I was also able to let normal users access it by creating a security group for just this purpose. But everyone is on a SERVER environment.
What I once saw in another company was that people have on their physical desks just a tiny mini-PC and they use RDP to work on their personal (non-server) account on a remote machine.
So I was under the impression I have to enable Win server 2016 to hand out "normal" Windows Pro environments to each user that connects via RDP.
This is why I watched your tutorial.
But I am confused because in the end you log into RDP and it shows your exact SERVER environment you where working on all the time.
How can I supply normal users with Win Pro (non-server) environments to work on?
Also: You used the DNS Manager to setup a hostname for the remote access. On my Win Server 2016 VM I don't have this option (DNS Manager is not installed). I probably could install it. But I guess it's not necessary anyway, since I am on a domain already, right?
I see the issue. It is true that when the users log in, they'll see the server environment, but you can use group policy to keep server manager from launching and other programs as well. It will never look like Win 10 though.
Brilliant Sir
Thanks for watching!
Excelent tutorial!!! the best one in the internet
Glad it was helpful!
thank for your easy English, your video.
Glad to hear it helped.
Thanks for making this video, something to try this weekend. :)
Have fun with it. I did.
Hi Robert, great how-to, thanks for sharing! One question, does IIS need to be installed or the Web component inclusion will install it?
Glad to help! When setting up the web component, it will install.
good summary of M$ RDS.
Thanks for watching!
This was such an amazing tutorial. I only had one issue at the very end. When I'm logged into the rdweb and I try to launch the Remote Desktop Connection app it does not auto populate the server field. I was however able to manually type in the server name and remote into the server. Not sure if there is a fix for this.
Also, do you teach any classes on Udemy or anything? I had so much fun learning this with you as the instructor. Thank you!
Glad it helped. I teach a lot of Lynda.com/ LinkedIn Learning classes along with Pluralsight. I have stayed away from UDemy because they stole my classes in the past and wouldn't pay the royalties they took from me.
Thank you Professor very helpful!
Glad it was helpful!
Awesome video. Thank you!!
Glad you liked it!
Was the $pwd required, you define $pwd in PowerShell but I don' see how $pwd was applied to the selfsign cert ?
You could include the password in the command but this is faster.
OK - I get how the web interface could be handy... but when the users are on a site to site VPN wouldn't I just load RDP on their workstation and have them directly connect without that extra step?
Correct. no web needed. Just just mstsc from command line or open remote desktop connection from the search menu.
Well explained, thank you sir!
You are welcome!
I'm currently trying this setup but for my remote users outside of the local network, how can I create the right certificate since outside of my local network I can only access it by port forwarding thru my firewall?
Hi Robert, I have referred to this video so many times, it is brilliant. I have one question though... Do you have the steps on using a certified SSL certificate instead of a self-signed certificate?
Glad it helped! I will add this to my Windows Server 2022 video. Basically, you just buy the public certificate and then use it instead of the self signed one you saw in the video.
Perfect!. Thank you very much.
really great guide. Thanks
Glad it was helpful!
Great. Thanks.
Is it somehow possible to directly stream the whole desktop session via https (and not connect via rdp / download a .rdp-file)?
Thanks
Great Video!!! thank you for publishing.
Glad it helped!
We are planning to setup a Microsoft RDS (Remote Desktop Services) on our Datacenter and want to know some details about the licensing. Here are our concerns:
1. Do we need a Windows Server OS license?
2. Do we need a Windows Server CAL license?
3. DO we need Remote Desktop Services (RDS) CAL as well? If yes, do we still need the Windows Server CAL license and why?
Please let us know the details so we can analyze the server hardware we would require from your side.
Yes to all of those. Give CDW a call and ask for a Microsoft licensing specialist.
The RD Web Access didn't didn't certify the state is warning and the status is error
Very Usefull and detailed, worked for me .
have a small problem tough, remote apps are not showing up
also want to verify that i'm not under trial period and my licences are installed and activated properly...any clues
Hard to say on rmeote apps other than check which group they apply to. The license error will pop up if you're not compliant.
Great Video! By chance do you have a video showing how to configure RD Gateway?
Not yet but I'll add it in my Server 2022 update shortly.
Great job 👍
Thank you! Cheers!
Great video thank you!
Glad you liked it!
Thank you!
Happy to help!
Subscribed. Thank you
Thanks for watching!
Thank you
Glad I could help.
Great Video!! Do you have a follow-up of how to add a second terminal server to share the load of remote connections to that environment? Thank you.
Good idea. I'll do that for the 2022 video shortly. Thanks for watching!
Such a good video. I however am not able to open the file. Unlike your tutorial, when I click the app it downloads the rdp file. When I try to open that downloaded file, it says I cannot connect to the remote computer. Anyone else have the same issue?
You should run a netstat -an | more command on your server and see if it is listening on TCP 3389. If it isn't, then add a firewall rule for inbound on that port.
nice tutorial man thank you :)
Glad it helped. Thanks for watching.
Very good Video!!
Glad you liked it!
Attached is the cert Command @Robert McMillen explains on 8:37 in the video.
New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname "RDP"
$pwd = ConvertTo-SecureString -String "Passw0rd" -Force -AsPlainText
Remember to change "Passw0rd" to something different example: "R0bertMc01"
Very helpful.
Any guide for IIS deployment so you can access it over the web?
Perfect! Thank you!
Glad I could help.
Great Help! My deployment will have a broker server and multiple host servers. Do I create a cert from the hosts or the broker?
Whichever server will be your web server is where you would do that, but I strongly suggest you use a public cert for $50 per year instead to avoid web browser cert warnings.
Thanks for helpful video
Glad it helped.
waw, thank's very much.
Very useful Thank you!
Glad to hear it!
Perfect, thanks mate
Glad it helped