• ARTICLES
SEARCH

How-To Geek

IT: How to Set Up Your Own Terminal Server Using Remote Desktop Services On Server 2008 R2

bleeeh

In today’s IT learning article, we are going to take a look at installing Terminal Services, otherwise known as Remote Desktop Services, on a Server 2008 R2 machine.

Note: this is part of our ongoing series teaching IT administration basics, and might not apply to everybody.

What is Terminal Services (Remote Desktop Services)

Starting with Server 2008 R2, Terminal Services has been renamed to Remote Desktop Services. RDS, as it is abbreviated, allows you to have a powerful server that all your users connect to using the Remote Desktop Protocol (RDP). You can think of it as a computer that lots of people remote desktop into at the same time, however they all have there own user session and desktop, and are completely unaware of each other. All you applications are installed once and available for any user to run. The user can remote into the server using the Remote Desktop Connection Manager included in Windows or more often than not can connect from thin clients, in fact they can connect from anything that implements the Remote Desktop Protocol.  If you are looking to save money and already have old machines, you should look at the recently launched OS from Microsoft called Windows Thin PC, which essentially turns your machines into thin clients.

Things to Watch Out For:

  • Application Licensing: Not any application can be installed on a Remote Desktop Server. A prime example is Office 2010. If you want to install Office on a RDS Server you will need the Volume License version, or you wont be able to install it
  • Client Access Licenses: Connecting to a RDS Server also requires licenses in the form of Per User or Per Device Client Access Licenses, this is what allows more than a single user to remote into the server. Although you will still need to purchase licenses, buying CALs is way cheaper than buying everyone a new Windows 7 license.

Note: The applications you wish to run on the Remote Desktop Server should not yet be installed, they should only be installed once you have installed the Remote Desktop Session Host Role.

Installing Remote Desktop Services

Open the Server Manager and right-click on roles, select Add Roles from the context menu

sshot-3

Click next on the Before You Being page to bring up a list of Roles that can be installed, select Remote Desktop Services and click next

sshot-4

On the Introduction To Remote Desktop Services page click next, this will bring you to the Role Services page, select the Remote Desktop Session Host as well as the Remote Desktop Licensing Service and then click next.

sshot-5

When you get to the application compatibility page it tells you that you should install the Session Host Role before you install your applications, just click next as we have not yet installed our applications. You are then asked if you want to require NLA, this will only allow Windows clients to connect to the Remote Desktop Session Host Server, in addition they must be running a Remote Desktop Client that support Network Level Authentication. I will go ahead and require NLA and then click next

sshot-6

Now you have to choose a licensing method, most of you guys wont have Remote Desktop Client Access Licenses, so you can leave your option at Configure Later this will give you unlimited access to the Remote Desktop Server for 4 Months (120 Days). However, if you do have licenses here is some information help you make your choice:

Licensing Modes

The licenses you purchased can be used either as Per User or Per Device. It is purely up to you, however if you already have a RDS Licensing Server you will have to choose the same option you chose when importing the licenses originally.

  • RDS Per User CAL –  This means that every user that connects to the RDS Server must have a license. The user is assigned the license rather than the devices that he/she connects to the server from. This mode is a good choice if your users want to connect from a lot of different computers or devices (iPad, Home PC, Laptop, Phone etc)
  • RDS Per Device CAL – If your users share a common workstation this is the mode for you, the license is given to the device rather than the users, this way many people can connect from a single device. However, if they try to connect from a different device they will not be able to since their user account doesn’t have a license.

I will leave mine at configure later and click next

sshot-7

Now you should specify who can connect to the Remote Desktop Server, I will just add my user account (Windows Geek), then click next

sshot-8

You are now given the option of making the RDS Server look and act more like Windows 7, this is to avoid users getting confused when they see the classic theme. I will enable the all the settings, it requires more bandwidth though, so take your network traffic into account before going click-happy and selecting everything. Once you have made your choice click next

sshot-9

Since we are running Server 2008 R2, we don’t need to specify a Discovery Scope so just click next again

sshot-10

Finally you can click on install.

sshot-11

Once installation is complete, reboot your server, when you log in the configuration will complete. That’s all there is to installing a Remote Desktop Server.

Activation

If you need to install your licenses you can do it through the RD Licensing Manager. You will need to activate the Server first though. I wont go through this, as it is self-explanatory.

sshot-12

Once you have installed you Licenses you will need to specify a license server for the RDS Session Host to use, to do this, open the RDS Session Host Configuration MMC

sshot-13

When the console opens double-click on the Remote Desktop license servers link.

sshot-14

Now you can specify your licensing mode and then hit the add button to specify a licensing server.

sshot-15

As I said before, you can skip this activation section and use Remote Desktop Services for 120 Days before you need to purchase a CAL. Once you have done this you will need to install your applications. However you cant just install them in any fashion you want, there is actually a special method for installing applications on a Remote Desktop Server.

Taylor Gibb is a Microsoft MVP and all round geek, he loves everything from Windows 8 to Windows Server 2012 and even C# and PowerShell. You can also follow him on Google+

  • Published 01/16/12

Comments (10)

  1. TheFu

    A remote desktop article without any mention of using a VPN or seccurity. Impressive.
    Perfect for the corporate LAN user, not so much for anyone outside the firewall.

  2. Taylor Gibb

    Well you could simply use port forwarding

  3. Kurt

    With 2008 R2 is it now possible to share only a specific application (like with Citrix software) or do you still have to offer the whole server desktop?

  4. TheFu

    @Taylor – I think you misunderstand. RDP historically hasn’t been considered secure enough to use without a VPN. Has that changed with R2? http://www.windowsecurity.com/articles/Securing-Remote-Desktop-Services-Windows-Server-2008-R2.html may help explain the concerns. We know that issues with TLSv1.0 exist

    If you are in a corporation chances are that the server team and firewall/network team are managed by different groups. Opening a port that doesn’t use heavy encryption + 2-factor authentication ain’t gonna happen except at smaller, less sophisticated IT shops. Everyplace that I’ve worked has required an IPsec-based VPN for RDP to be used over a WAN connection.

    Do you believe those corporate security experts are overly cautious and the addition of VPN isn’t needed for RDP to be allowed over internet connections?

  5. Clint

    You can share single applications, and deploy a single file to the client, so they can get access after they login with their user credentials.

  6. Taylor Gibb

    @TheFu I totally miss understood what you meant. But i can say that there is a new role service in R2 called the Remote Desktop Gateway which will sit on the perimeter of your network and listens on port 443 which is normally open in most corporate environments, The users connect to the gateway with an SSL encrypted session and then get fed to the Remote Desktop Servers. That is the proper way to do things, as far as Network Level Authentication goes i did mention that i would keep it enabled, but of course you can only do this if you are only running Windows Clients.

    @Kurt yes you can that particular feature is called RemoteApp

  7. Tony

    Or an RDP Gateway, but that might be outside of the scope of the article. I think it was well written as a basic understanding on how to get an RDP server up and running. @TheFu, Instead of being pretentious and obnoxious about it, and believe me, I understand how much fun that can be, HTG isn’t the place to do it. Take that silliness to Reddit or 4Chan, grownups are talking here.

    I really do love these IT professional articles. They solidify concepts many of us have learned either through trial and error, reading TechNet or pursuing professional certification. HTG articles lay out the tech in plain English, and “unmuddy” the proverbial waters. Keep these up, they’re helpful.

  8. jasray

    Wondering if VMware Server or VMware vSphere Hypervisor (both free, EOL for Server) would make a better choice for most users. Can easily convert already made virtual machines, etc. Convenient and wonderful.

  9. John

    Can you use a technet subscription to install Office? or will that not even work for a testing scenario? i wouldn’t want to commit to a VLK only to see that our two weakish servers cannot handle or support our staff.

  10. Taylor Gibb

    Yes you can use a technet VLK key, how many users do you have and what are the specs of your machine? i have personally seen 90 users running off a P4 machine running office 2010

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!