1/26/2018 Hosting Windows Desktops and Applications Using Remote Desktop Services and Azure Windows Server 2016 + Azure Resource Manager © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Module Outline What is Remote Desktop Services (RDS)? Technical overview Demonstrations Scale guidance Licensing Stay Current
Prerequisites General knowledge of the following is highly recommended. Azure portal Azure virtual networking Azure virtual machines Managing virtual machine availability Azure storage Azure SQL Database Storage Spaces Direct in Azure Deploying Windows Server Active Directory on Azure Virtual Machines
Remote Desktop Services 1/26/2018 2:03 PM Remote Desktop Services The platform for your virtual workspace strategy Windows apps anywhere Deployment flexibility Cost reduction Secure extensible platform Enable users to access Windows applications and data from any device and any location On-premises, cloud-based, or hosted deployments Consolidate your infrastructure to improve efficiency Protect against loss and leaks of sensitive corporate data Build customized solutions VALUE PROPOSITION Simple and secure partner access Partner managed identities Customer managed access All partners large and small And by apps I mean: SaaS apps (Office 365, Salesforce, Box) On-premises apps (claims aware only for preview) Mobile or cloud apps 1. Bulk invite 1000’s of users at a time 2. Bulk add invited users to groups and applications 3. Partner managed credentials to access your resources 4. Email verified sign up for Azure AD accounts Windows apps anywhere: RD Client Apps on multiple platforms, including mobile App compatibility and performance with a single client app No need to re-write the Windows-based app Deployment flexibility: Windows Server 2016 enables efficient deployments in the cloud Hybrid deployments Cost reduction: Reduce the number of physical and virtual servers Reduce disaster recovery and security burden Extend lifecycle of client machines Secure extensible platform: Azure AD App Proxy integration Azure AD Domain Services integration Apps and data don’t run on the client device RD client app is manageable using Intune / EMS MAM Strong catalog of partner solutions (hosted apps, layering) © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Solutions to meet your requirements Microsoft Ignite 2015 1/26/2018 2:03 PM Solutions to meet your requirements Session-based desktops and RemoteApp Cost-effective, easy to manage Session-based computing Access to pooled or personal Virtual Desktops running Windows Client OS High performance, app compatibility Virtual Desktop infrastructure Session-based computing in the cloud Remote Desktop Session Host deployed on cloud infrastructure services Customizable with minimum capital expenditure Windows Server session-based applications delivered from the Azure cloud Turnkey solution; scale without large capital expenditure Enterprise Application delivery from the cloud On-premises In cloud © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Remote Desktop Services Components Session Host (RDSH) User’s desktop and applications execute on the RDSH servers Connection Broker (RDCB) Distributes connections to RDSH servers Web Access (RDWeb) Provides user logon and selection of desktops and applications Gateway (RDGW) Routes RDP traffic between the Internet and a tenant’s network License Server (RDLic) Tracks usage of the system Web Access Connection Broker Session Host Gateway database License Server
Microsoft Remote Desktop App Multiple device platforms Windows Windows Phone iOS Mac OS X Android Provides access to Session-based desktops RemoteApp programs Great Windows experience Productivity with secure data
Documentation https://technet.microsoft.com/en-us/library/mt718499.aspx
Auto-Scaling RDSH Servers https://gallery.technet.microsoft.com/scriptcenter/Automatic-Scaling-of-9b4f5e76
Azure Quickstart Templates https://azure.microsoft.com/en-us/documentation/templates/?term=RDS More coming…
Supported Configurations Windows Server 2016 Windows Server 2012 R2 Connection Broker Licensing Gateway Web Access Session Host Not supported in HA NA Supported Not supported Supported in separate collections Recommendations: WS2016 for all RD infra (Web Access, Gateway, Connection Broker, Licensing) Collections of either WS2012R2 or WS2016 Session Hosts.
Differences Between On-prem & Cloud You don’t have to build and maintain hardware fabric. You must monitor and turn-off unused resources to control costs.
RDS Concepts Collections Pooled RDSH collection Farms or sets of RDSH server VMs. Users are assigned to one or more collection. Pooled RDSH collection Users are connected to next available RDSH VM each time they logon. Personal RDSH collection A user is assigned a specific VM and is always connected to that VM each time they logon. Users may be given admin access to the RDSH server. User profile disk (UPD) RDS built-in user profile solution for pooled collections in which each user has a virtual disk that contains their Windows profile information. The UPD is stored on a file share and mounted on the appropriate pooled RDSH VM before logon. User profile disks cannot span multiple collections.
Azure Concepts Resource Group Virtual network Availability set 1/26/2018 Resource Group Azure resources that you want to deploy, manage, and monitor as a group, e.g. vnets, VMs, load balancers, etc. Virtual network Private address space (e.g. 192.168.0.0/24) for virtual machines Availability set 2+ VMs in high availability configuration Load balancer 2+ VMs for Azure load balancer to route traffic across. Public IP Address Used to publish your applications for access over the Internet. Source IP affinity load balancer distribution mode Connections from a client connected to the same RD Gateway VM Cloud Service was replaced by Resource Groups and external IP addresses © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Reference Architecture Concepts Basic RDS Deployment Azure deployment Hybrid deployment Extended RDS Deployment RemoteApp collections High availability Auto-scaling
Desktop Hosting Design Goals 1/26/2018 Desktop Hosting Design Goals Secure Strong tenant-to-tenant and tenant-to-provider isolation Performance Quick connect/reconnect, responsive user experience Scalable Wide range of tenant sizes (e.g. 15 to 5000 users) Flexible Desktops & RemoteApps, variety of offerings (e.g. admin access) Reliable Resilient to failures and servicing events © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Tenant Basic Deployment Steps Create tenant’s networking environment Create tenant’s VMs Deploy AD, DNS, and file share Join RDS VMs into AD Domain Run RDS deployment wizard Add RD Licensing, RD Gateway, session desktop collection Secure the deployment Color key: Azure Portal, Server Manager
Basic RDS Deployment - Small 1/26/2018 Basic RDS Deployment - Small Combine for small deployments © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Basic RDS Deployment - Large 1/26/2018 Basic RDS Deployment - Large Separate for larger deployments © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Mobile Worker Access User Access via Internet
Hybrid RDS Deployment 1/26/2018 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Extending Basic Deployment Create custom RDSH image with applications Add RemoteApp collection Add Personal Session Desktop collection High availability and scale out: Add RD Session Host servers to each collection Add RD WEB and Gateway servers to create a farm Create RD Connection Broker cluster using Azure SQL Database Add a second RD License server Add replica domain controller Create Scale-Out File Server (SOFS) for user profile disks Deploy RDSH auto-scaling script
Enhanced RDS Deployment 1/26/2018 Source IP Affinity Availability Sets Auto-Scaling Script Duplicate VM role instances are placed in the same availability set to ensure continuous availability. RDWebGw VM external load balancer is set with IP affinity enabled (unless AAD AppProxy is used). © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.