Wow, Robert, what an unabashed pleasure watching your video. Like other commenters, I'm not used to such a crisp presentation with such a precise and fluid speaking style. I'm now a fan.
Thank you so much for your very clear tutorials. I have waded through a bunch of text and UA-cam garbage before I found you. I am not all the way through yet but you are the best teacher out there.
Drafted this transcript reference from the Closed Captioning :) Great job, Robert! Thank you!! PART 1: (PART 2 will be a reply below) Hello everyone we're on a Windows 2016 server where we will install Remote Desktop Services formerly known as a terminal server. We are on a Windows 2016 domain controller but you can be on a regular domain member server or domain controller doesn't really matter. let's go ahead and click on add roles and features in our server manager and click Next . Now we have the option to install role-based or Remote Desktop Services. If we do role-based for RDS then we'll have to just basically install it piecemeal. If we install this option [Remote Desktop Services] then it puts all of the different options that we need in at one time which I like a little better. We'll go ahead and click Next now we have the option for standard deployment Quick Start or multi-point. So we're going to choose the standard deployment. The QuickStart does do some shortcuts for you but then you don't really learn anything. The multi-point Services is usually for a different type of server such as one that a school might use. Let's go ahead and click Next so we can start our installation. Now the option for virtual desktops which is this first option here, virtual machine-based desktop deployment or session-based. So the difference is virtual desktop or virtual machine-based desktop deployment allows us to create a different virtual machine for every user that logs in and we would have to install hyper-v as well and so we're not going to show that in this video we're gonna do the session based and that's where everyone shares the same server but they get their own customized desktop. Not as secure as virtual desktops but definitely less expensive and faster to deploy. Let's go ahead and click Next. Here are the three remote desktop services that we're going to install today that will happen automatically and these are the three minimum ones. We can install additional ones if we want. We can ignore all of them except for the session host if we want, but these are the ones that it wants to try to install at minimum, but I will go ahead and click Next and I'll show you how each one works. So we see the remote desktop connection broker service and we'll go ahead and click that. We want to add that service and then we'll click and then it's going to give us the option for the Internet Information Services or a remote desktop web server. Let's go ahead and choose to install that as well, and we'll click Next, and same thing with the remote desktop session host server. This is the only one we really need even though it shows us the three there and that's because the session host server basically keeps track of all the sessions and manages them. Let's go ahead and click Next, and now we'll go ahead and choose yes. You can restart the servers if you need to and click deploy now. This could take anywhere from a few minutes depending on the speed of your server all the way up to an hour, so just go ahead and watch as long as the bars are moving forward then you should be fine. It is doing the installation process and our server is now restarting so it was successful. We'll wait for it to restart and then we'll log in and take it from there. [Remote Desktop Connection Broker tends to cause problems, and may require TLS 1.2 so skip it unless it's really needed] We've logged back into our server and it shows that all of our different roles were successful. Go ahead and click close. Now I have remoted into the server using a Remote Desktop and one other thing that we need to make sure that we do is go into the control panel in order to allow this to happen and go to system and then remote settings and then make sure under the remote tab you have “allow remote connections to this computer”. Now if you're connecting to a computer that's a member of the domain, you can check “allow connections only from computers running this NLA type of authentication”, but if you're connecting from a non domain computer, which what I'm doing, then you can make sure that you have that unchecked, otherwise you won't be able to log in. Alright, once you have that set correctly, you can also click on select users. Now I'm only logging in as the administrator, but if you want to log in as other users you can go ahead and search for those names. Now that gives the right to log in using a remote desktop to a server. Now you'll have to be a member of the remote desktop users group, so we'll go to tools, Active Directory, users and computers, and from here we can go to and search for -- we'll just type in remote, and there it is: “remote desktop users” [the "built in" group doesn't work, must create a new one] group. You can just go ahead and click members and you can add anyone that you want to that group and they'll automatically have their rights to get in. So once that's done, we're gonna go to this new section here that wasn't there before, It says Remote Desktop Services. So we'll go ahead and click on that. Now anything that has a plus and it means that it has not been configured. If it's grayed out, it means it's configured and ready to use. So if we go to the tasks menu we can edit our deployment properties, we've already deployed everything, but now we want to edit it so we've got here a Remote Desktop gateway and remote desktop licensing. Let's go ahead and start by clicking on the licensing and we'll add our server that we're working with right here as a licensing server. Now by default we're going to have about I believe 120 days automatically added for unlimited use so as many as people as we want to have connected to it after that we'll need to add licenses into our licensing service so once this is installed, then it's going to look to this particular server to get any Remote Desktop licenses or client access licenses, or CAL's we call them, and we'll go ahead and click close. And now you see this is grayed out because it has been configured. Now we have RD gateway. So this is a little bit of a controversial type of role to add, so if you're going to be Internet facing, then I recommend you use the RD gateway and you'll have to use a public certificate in order to keep people from getting certificate errors unless you deploy the certificate using group policy which usually isn't an easy thing to do for computers that are already in the field, so you can't get group policy applied unless you VPN in first, and if you don't have VPN turned on and the computers never get into the the office then you can never get that installed, so I would definitely recommend RD gateway with a public certificate if you're going to be allowing outs users in it does. The controversy comes in where it adds a lot of additional security and sometimes it breaks things, so you can deploy this out on the Internet without the RD gateway role if you would like, and still use a public certificate, but I definitely recommend you add the Gateway because it does add additional security. But we'll just go ahead and leave that off because we're only going to be accessing this from the inside or from the LAN, so there's no need to have that gateway additional security added in.
I could not even imagine that some can put so simple guide for something Microsoft related. Narration & voice color are like from the commercials. Watched this video, 2 days ago, 2 days in a row I"m browsing youu channel... Unbelievable!
Absolutely excellent! You left me in the dust a hundred times but, thanks to being able to back up and go over it a hundred times I got there. Very clear audio. Very clear presentation. Thank you!
The Best tutorial I have ever seen. I have had to implement these services a few times and struggled with misinformation or hard to follow. Thank You for this
Excellent video easy to follow. After reviewing multiple You Tube how to videos, I found this video which helped me finally get Remote Desktop Connection to actually work. Thanks Robert...
Hi Robert. I have struggled to understand most of the videos for the same topic. You just made it so easy to understand. Thank you. keep up the great work.
Wish you could create a video for the RD Gateway role. But this was a great refresher now that I have to do another deployment for a new client after a couple years. Highly appreciated!
Excellent video Prof. Do you have one where you discuss setting up Connection Broker on a separate server for handling RDS servers in a High Availability environment? Would like to see that because it is very different than doing it for 2008R2. Thanks again for the videos
Very nice video. I really liked the amount of detail WITHOUT all the techy stuff. Unfortunately, this did not work for me. I am trying to set up a 2016 Terminal Services server and I ran into an error where the Powershell remote something or another had to be active. Had to go back to the piecemill method and install the licensing. Thanks though.
Finally a real good guide, thank you. But unfortenately you don't show how to use the regular Win Remote Desktop, the vid stopped just before that step, as I saw it - I was finnaly loooking forward to that part... Or have I totaly mixed them up? Then I¨m lost again. Since I can't get that to work with others guides so far. (I will try this guide tomorrow. More deep and bettter explained than others). Thanks Robert..
This was such an amazing tutorial. I only had one issue at the very end. When I'm logged into the rdweb and I try to launch the Remote Desktop Connection app it does not auto populate the server field. I was however able to manually type in the server name and remote into the server. Not sure if there is a fix for this. Also, do you teach any classes on Udemy or anything? I had so much fun learning this with you as the instructor. Thank you!
Glad it helped. I teach a lot of Lynda.com/ LinkedIn Learning classes along with Pluralsight. I have stayed away from UDemy because they stole my classes in the past and wouldn't pay the royalties they took from me.
Awesome walk-through. However, I have some minor problems understanding the concept. In the company I work for I have admin access to a barebone server with Win 2016 Server on it. On that server I have installed a guest system Win Server 2016 as a virtual machine and added this VM to the domain of the company. So now I can RDP into the VM, which is Win Server 2016, with my domain (administrator) account. I was also able to let normal users access it by creating a security group for just this purpose. But everyone is on a SERVER environment. What I once saw in another company was that people have on their physical desks just a tiny mini-PC and they use RDP to work on their personal (non-server) account on a remote machine. So I was under the impression I have to enable Win server 2016 to hand out "normal" Windows Pro environments to each user that connects via RDP. This is why I watched your tutorial. But I am confused because in the end you log into RDP and it shows your exact SERVER environment you where working on all the time. How can I supply normal users with Win Pro (non-server) environments to work on? Also: You used the DNS Manager to setup a hostname for the remote access. On my Win Server 2016 VM I don't have this option (DNS Manager is not installed). I probably could install it. But I guess it's not necessary anyway, since I am on a domain already, right?
I see the issue. It is true that when the users log in, they'll see the server environment, but you can use group policy to keep server manager from launching and other programs as well. It will never look like Win 10 though.
Hi Robert, I have referred to this video so many times, it is brilliant. I have one question though... Do you have the steps on using a certified SSL certificate instead of a self-signed certificate?
Glad it helped! I will add this to my Windows Server 2022 video. Basically, you just buy the public certificate and then use it instead of the self signed one you saw in the video.
Whichever server will be your web server is where you would do that, but I strongly suggest you use a public cert for $50 per year instead to avoid web browser cert warnings.
I'm currently trying this setup but for my remote users outside of the local network, how can I create the right certificate since outside of my local network I can only access it by port forwarding thru my firewall?
Very Usefull and detailed, worked for me . have a small problem tough, remote apps are not showing up also want to verify that i'm not under trial period and my licences are installed and activated properly...any clues
15:11 My Chrome browser do not give me this window that run the app. it save the file only, and I have to find it and run it by my self. How to change the behavior of my browser?
OK - I get how the web interface could be handy... but when the users are on a site to site VPN wouldn't I just load RDP on their workstation and have them directly connect without that extra step?
Robert, if the self signed cert that we configured originally is about to expire, do we just go through the original process to get a new cert? Basically just follow your steps again for a new cert to replace the expiring one?
you mention in the video that NLA affects or works for domain joined computers only. Do you have documentation to support that? I have never encountered that before.
@@techpub i haven't seen or read that it has anything to do with active directory. Where active directory can come into play with NLA is that if the host machine is joined to a domain and the users that have RDP permissions are domain users, when connecting via RDP, if the host computer cannot contact AD to authenticate the users, it will fail, but that is the point of NLA is to authenticate a user before they are presented with a Windows desktop login screen. It can work with local account or active directory accounts.
Thanks for the video! When I am setting a jumphost on a member server- I get an error that i must be logged on as a domain user to access the Remote Desktop Services installation option. Is this expected- and does this mean other domain users can also use RDP into the jumphost despite my config being on one of the users only?
And when i do try to set this up via a domain user account- i get an error "unable to connect to the server by using windows powershell remoting ". Pretty lost NGL :(
Thank you so much for your video. I completed the setup as per your instructions. I can see the published apps when I open the rdweb url in a browser. But when I click on any app, it just fails to launch. It shows up the screen of the remote machine and just terminates. Any tips to troubleshoot this issue?
Hey Robert, out of curiosity, can you run the Domain Controller on the same server that you're deploying the virtual machine-based desktop deployment for RDS?
Thanks again for another great vid! Would be nice if you added the command for powershell on your video so we can copy and paste. I'm having trouble creating that certificate on powershell also. Can you help?
This is wonderful knowledge!! I had a query. I had configured RD session collection on my 2k12 machine and now I have done renaming my PC i.e. change the name of 2k12 machine. After renaming, I'm not able to see that RD session collection because server manager now says " no collection on remote pool server". Could you please let me know how can I get back my old RD session in such conditions like after renaming PC name?
Such a good video. I however am not able to open the file. Unlike your tutorial, when I click the app it downloads the rdp file. When I try to open that downloaded file, it says I cannot connect to the remote computer. Anyone else have the same issue?
You should run a netstat -an | more command on your server and see if it is listening on TCP 3389. If it isn't, then add a firewall rule for inbound on that port.
It is very hard to believe that amongst some much rubbish on UA-cam, you can actually find a top quality video! Brilliant job Robert :)
So glad to hear it.
I second that, thank you :D
I’m just glad it’s not a robot 🤖 voice
Wow, Robert, what an unabashed pleasure watching your video. Like other commenters, I'm not used to such a crisp presentation with such a precise and fluid speaking style. I'm now a fan.
Thanks for watching and I appreciate the feedback.
Thank you so much for your very clear tutorials. I have waded through a bunch of text and UA-cam garbage before I found you. I am not all the way through yet but you are the best teacher out there.
Thanks for watching!
Drafted this transcript reference from the Closed Captioning :) Great job, Robert! Thank you!!
PART 1: (PART 2 will be a reply below)
Hello everyone we're on a Windows 2016 server where we will install Remote Desktop Services formerly known as a terminal server. We are on a Windows 2016 domain controller but you can be on a regular domain member server or domain controller doesn't really matter.
let's go ahead and click on add roles and features in our server manager and click Next . Now we have the option to install role-based or Remote Desktop Services. If we do role-based for RDS then we'll have to just basically install it piecemeal. If we install this option [Remote Desktop Services] then it puts all of the different options that we need in at one time which I like a little better. We'll go ahead and click Next now we have the option for standard deployment Quick Start or multi-point. So we're going to choose the standard deployment. The QuickStart does do some shortcuts for you but then you don't really learn anything. The multi-point Services is usually for a different type of server such as one that a school might use. Let's go ahead and click Next so we can start our installation.
Now the option for virtual desktops which is this first option here, virtual machine-based desktop deployment or session-based. So the difference is virtual desktop or virtual machine-based desktop deployment allows us to create a different virtual machine for every user that logs in and we would have to install hyper-v as well and so we're not going to show that in this video we're gonna do the session based and that's where everyone shares the same server but they get their own customized desktop. Not as secure as virtual desktops but definitely less expensive and faster to deploy. Let's go ahead and click Next. Here are the three remote desktop services that we're going to install today that will happen automatically and these are the three minimum ones. We can install additional ones if we want. We can ignore all of them except for the session host if we want, but these are the ones that it wants to try to install at minimum, but I will go ahead and click Next and I'll show you how each one works.
So we see the remote desktop connection broker service and we'll go ahead and click that. We want to add that service and then we'll click and then it's going to give us the option for the Internet Information Services or a remote desktop web server. Let's go ahead and choose to install that as well, and we'll click Next, and same thing with the remote desktop session host server. This is the only one we really need even though it shows us the three there and that's because the session host server basically keeps track of all the sessions and manages them. Let's go ahead and click Next, and now we'll go ahead and choose yes. You can restart the servers if you need to and click deploy now. This could take anywhere from a few minutes depending on the speed of your server all the way up to an hour, so just go ahead and watch as long as the bars are moving forward then you should be fine. It is doing the installation process and our server is now restarting so it was successful. We'll wait for it to restart and then we'll log in and take it from there.
[Remote Desktop Connection Broker tends to cause problems, and may require TLS 1.2 so skip it unless it's really needed]
We've logged back into our server and it shows that all of our different roles were successful. Go ahead and click close. Now I have remoted into the server using a Remote Desktop and one other thing that we need to make sure that we do is go into the control panel in order to allow this to happen and go to system and then remote settings and then make sure under the remote tab you have “allow remote connections to this computer”.
Now if you're connecting to a computer that's a member of the domain, you can check “allow connections only from computers running this NLA type of authentication”, but if you're connecting from a non domain computer, which what I'm doing, then you can make sure that you have that unchecked, otherwise you won't be able to log in.
Alright, once you have that set correctly, you can also click on select users. Now I'm only logging in as the administrator, but if you want to log in as other users you can go ahead and search for those names. Now that gives the right to log in using a remote desktop to a server. Now you'll have to be a member of the remote desktop users group, so we'll go to tools, Active Directory, users and computers, and from here we can go to and search for -- we'll just type in remote, and there it is: “remote desktop users” [the "built in" group doesn't work, must create a new one] group. You can just go ahead and click members and you can add anyone that you want to that group and they'll automatically have their rights to get in.
So once that's done, we're gonna go to this new section here that wasn't there before, It says Remote Desktop Services. So we'll go ahead and click on that. Now anything that has a plus and it means that it has not been configured. If it's grayed out, it means it's configured and ready to use. So if we go to the tasks menu we can edit our deployment properties, we've already deployed everything, but now we want to edit it so we've got here a Remote Desktop gateway and remote desktop licensing. Let's go ahead and start by clicking on the licensing and we'll add our server that we're working with right here as a licensing server.
Now by default we're going to have about I believe 120 days automatically added for unlimited use so as many as people as we want to have connected to it after that we'll need to add licenses into our licensing service so once this is installed, then it's going to look to this particular server to get any Remote Desktop licenses or client access licenses, or CAL's we call them, and we'll go ahead and click close. And now you see this is grayed out because it has been configured.
Now we have RD gateway. So this is a little bit of a controversial type of role to add, so if you're going to be Internet facing, then I recommend you use the RD gateway and you'll have to use a public certificate in order to keep people from getting certificate errors unless you deploy the certificate using group policy which usually isn't an easy thing to do for computers that are already in the field, so you can't get group policy applied unless you VPN in first, and if you don't have VPN turned on and the computers never get into the the office then you can never get that installed, so I would definitely recommend RD gateway with a public certificate if you're going to be allowing outs users in it does. The controversy comes in where it adds a lot of additional security and sometimes it breaks things, so you can deploy this out on the Internet without the RD gateway role if you would like, and still use a public certificate, but I definitely recommend you add the Gateway because it does add additional security. But we'll just go ahead and leave that off because we're only going to be accessing this from the inside or from the LAN, so there's no need to have that gateway additional security added in.
Glad it could help and thanks for watching.
I could not even imagine that some can put so simple guide for something Microsoft related. Narration & voice color are like from the commercials. Watched this video, 2 days ago, 2 days in a row I"m browsing youu channel... Unbelievable!
Glad I could help!
Thank you for making this video , finally a fluent English speaking person who can makes how to videos .
Glad it helped.
3 years later but this still is useful Robert. I needed a reminder. Thank you
Glad it was helpful!
@@techpub You're welcome
Absolutely excellent! You left me in the dust a hundred times but, thanks to being able to back up and go over it a hundred times I got there. Very clear audio. Very clear presentation. Thank you!
Great to hear!
This in the best videos for RDP I have came across to date. Well done Robert
Thanks!
Thanks, It's nice to be able to watch one of these videos by someone without a thick accent
Aye laddy.
The way you explain difficult stuff is magical Sir!! More power to you!
Much appreciated!
I deployed RDS during the walkthrough, absolutely brilliant video!
Awesome, thank you!
Awesome video. I sppent my whole day watching wrong viseos and it wasnt working untill i watched your video. Thanks Sir
Great to hear!
The Best tutorial I have ever seen. I have had to implement these services a few times and struggled with misinformation or hard to follow. Thank You for this
I appreciate the feedback!
Thank you so much! This is the best Guide.
finally solved the internal application problems which didn't work with VPN
Glad I could assist.
Excellent video easy to follow. After reviewing multiple You Tube how to videos, I found this video which helped me finally get Remote Desktop Connection to actually work.
Thanks Robert...
Thanks for watching!
Hi Robert. I have struggled to understand most of the videos for the same topic. You just made it so easy to understand. Thank you. keep up the great work.
Glad it was helpful!
It is great stuff - even I'm not a server-side person even can understand easily what needs to do for remote desktop. Absolutely brilliant.
Awesome!
Helped me tons, appreciate it!
Glad it helped!
Wish you could create a video for the RD Gateway role. But this was a great refresher now that I have to do another deployment for a new client after a couple years. Highly appreciated!
I will add it to the list.
Wow, so good that I pushed this out into production :)
Nice!
Thank you very much for taking the time to create and publish this tutorial.
.
You're welcome!
Thanks a lot Robert. You made this video very much simple to understand. Hats off to you.
Glad it was helpful!
Thanks Robert for your guidance and the precise instructions. Helped me out a lot!
Great to hear!
Robert, this is brilliant! Thank you! It worked perfectly for me!!
Very good video. Easy to follow. Clear. Straight forward.
Glad it helped.
what a simple explanation and so nice voice. Top class stuff !!
Thank you kindly!
Excellent video, easy to follow and explained well. Thank you Robert.
So glad I could help.
Many thanks. I always wondered how this was setup. Now i actually have some insight into my company have this setup.
Glad it helped.
Great video, one of the best I've ever seen :)
Damn great tutorial video! Well done Robert, thank you
Thanks for watching.
Great Video. simple to understand . Well done Robert!
Much appreciated!
Very informative, thanks so much for publishing this! :)
This is amazing Robert thank you!
Glad to hear it helped you out.
Just what I was looking for, thank you!
Glad it helped you!
Well explained. Great job Robert :)
Glad I could help!
All in details! You did a great job 👏
Glad you liked it. Thanks for watching!
Incredibly well explained! Well done!
You are welcome. Thanks for watching.
Great tutorial. Exactly what I was looking for! Thanks!
So glad I could help.
Thank you excellent video with clear explanations!!
Glad I could help.
Awesome video. Much appreciated.
Glad it helped. Please consider subbing.
This is really helpful. Thanks a lot Prof McMillen. :)
You're very welcome!
Well done Robert. This helped me a lot!
Glad to hear it.
Awesome manual. Thank you very much for your help.
Thanks Robert, a really helpful video, just the info I was looking for.
Glad it was helpful!
Thanks for this wonderful and detailed session on Remote Desktop Services.
Glad it helped you!
Excelent tutorial!!! the best one in the internet
Glad it was helpful!
you are brillient sir .....good job
Glad I could help!
Very clearly explained well made video, thank you so much for making this!
Glad it helped.
Excellent video Prof. Do you have one where you discuss setting up Connection Broker on a separate server for handling RDS servers in a High Availability environment? Would like to see that because it is very different than doing it for 2008R2. Thanks again for the videos
Very nice video. I really liked the amount of detail WITHOUT all the techy stuff. Unfortunately, this did not work for me. I am trying to set up a 2016 Terminal Services server and I ran into an error where the Powershell remote something or another had to be active. Had to go back to the piecemill method and install the licensing. Thanks though.
Excellent Video
Glad I could help.
Thanks a lot, very clear and simple. btw it works on Windows Server 2019 too 🙂
You are welcome!
Thanks, Robert. Very well explained..
You're welcome. Glad you stopped by.
This tutorial was great!
Thanks for watching!
This was so helpful, thanks so much. Very clear and detailed.
Glad to hear it.
Great Video! By chance do you have a video showing how to configure RD Gateway?
Not yet but I'll add it in my Server 2022 update shortly.
Well explained, thank you sir!
You are welcome!
Finally a real good guide, thank you.
But unfortenately you don't show how to use the regular Win Remote Desktop, the vid stopped just before that step, as I saw it - I was finnaly loooking forward to that part...
Or have I totaly mixed them up? Then I¨m lost again. Since I can't get that to work with others guides so far.
(I will try this guide tomorrow. More deep and bettter explained than others). Thanks Robert..
There is a part about opening up the desktop using the remote desktop application. If you're thinking of a different one just let me know what it is.
Thanks for making this video, something to try this weekend. :)
Have fun with it. I did.
Thank you Professor very helpful!
Glad it was helpful!
Awesome video. Thank you!!
Glad you liked it!
Attached is the cert Command @Robert McMillen explains on 8:37 in the video.
New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname "RDP"
$pwd = ConvertTo-SecureString -String "Passw0rd" -Force -AsPlainText
Remember to change "Passw0rd" to something different example: "R0bertMc01"
Very helpful.
really great guide. Thanks
Glad it was helpful!
Great Video!! Do you have a follow-up of how to add a second terminal server to share the load of remote connections to that environment? Thank you.
Good idea. I'll do that for the 2022 video shortly. Thanks for watching!
Hi Robert, great how-to, thanks for sharing! One question, does IIS need to be installed or the Web component inclusion will install it?
Glad to help! When setting up the web component, it will install.
This was such an amazing tutorial. I only had one issue at the very end. When I'm logged into the rdweb and I try to launch the Remote Desktop Connection app it does not auto populate the server field. I was however able to manually type in the server name and remote into the server. Not sure if there is a fix for this.
Also, do you teach any classes on Udemy or anything? I had so much fun learning this with you as the instructor. Thank you!
Glad it helped. I teach a lot of Lynda.com/ LinkedIn Learning classes along with Pluralsight. I have stayed away from UDemy because they stole my classes in the past and wouldn't pay the royalties they took from me.
thank for your easy English, your video.
Glad to hear it helped.
Great Video!!! thank you for publishing.
Glad it helped!
Was the $pwd required, you define $pwd in PowerShell but I don' see how $pwd was applied to the selfsign cert ?
You could include the password in the command but this is faster.
Hi Robert, excellent reference video, concise, precise and practical.
Awesome walk-through. However, I have some minor problems understanding the concept. In the company I work for I have admin access to a barebone server with Win 2016 Server on it.
On that server I have installed a guest system Win Server 2016 as a virtual machine and added this VM to the domain of the company.
So now I can RDP into the VM, which is Win Server 2016, with my domain (administrator) account. I was also able to let normal users access it by creating a security group for just this purpose. But everyone is on a SERVER environment.
What I once saw in another company was that people have on their physical desks just a tiny mini-PC and they use RDP to work on their personal (non-server) account on a remote machine.
So I was under the impression I have to enable Win server 2016 to hand out "normal" Windows Pro environments to each user that connects via RDP.
This is why I watched your tutorial.
But I am confused because in the end you log into RDP and it shows your exact SERVER environment you where working on all the time.
How can I supply normal users with Win Pro (non-server) environments to work on?
Also: You used the DNS Manager to setup a hostname for the remote access. On my Win Server 2016 VM I don't have this option (DNS Manager is not installed). I probably could install it. But I guess it's not necessary anyway, since I am on a domain already, right?
I see the issue. It is true that when the users log in, they'll see the server environment, but you can use group policy to keep server manager from launching and other programs as well. It will never look like Win 10 though.
Hi Robert, I have referred to this video so many times, it is brilliant. I have one question though... Do you have the steps on using a certified SSL certificate instead of a self-signed certificate?
Glad it helped! I will add this to my Windows Server 2022 video. Basically, you just buy the public certificate and then use it instead of the self signed one you saw in the video.
Thanks! You are Brilliant!
Glad to help!
Great Help! My deployment will have a broker server and multiple host servers. Do I create a cert from the hosts or the broker?
Whichever server will be your web server is where you would do that, but I strongly suggest you use a public cert for $50 per year instead to avoid web browser cert warnings.
I'm currently trying this setup but for my remote users outside of the local network, how can I create the right certificate since outside of my local network I can only access it by port forwarding thru my firewall?
nice tutorial man thank you :)
Glad it helped. Thanks for watching.
Worth watching it!
Glad it helped!
Perfect!. Thank you very much.
Very Usefull and detailed, worked for me .
have a small problem tough, remote apps are not showing up
also want to verify that i'm not under trial period and my licences are installed and activated properly...any clues
Hard to say on rmeote apps other than check which group they apply to. The license error will pop up if you're not compliant.
15:11
My Chrome browser do not give me this window that run the app.
it save the file only, and I have to find it and run it by my self.
How to change the behavior of my browser?
Brilliant Sir
Thanks for watching!
Any guide for IIS deployment so you can access it over the web?
The RD Web Access didn't didn't certify the state is warning and the status is error
Gud job 👍...this video helped me
Glad it helped.
OK - I get how the web interface could be handy... but when the users are on a site to site VPN wouldn't I just load RDP on their workstation and have them directly connect without that extra step?
Correct. no web needed. Just just mstsc from command line or open remote desktop connection from the search menu.
Great job 👍
Thank you! Cheers!
good summary of M$ RDS.
Thanks for watching!
Robert, if the self signed cert that we configured originally is about to expire, do we just go through the original process to get a new cert? Basically just follow your steps again for a new cert to replace the expiring one?
You can do that. If you used a root cert authority on the server then you can do a renew cert in IIS.
Thanks for helpful video
Glad it helped.
Subscribed. Thank you
Thanks for watching!
Very useful Thank you!
Glad to hear it!
you mention in the video that NLA affects or works for domain joined computers only. Do you have documentation to support that? I have never encountered that before.
Just experience on my part. if your PC is domain joined then it works if you leave it checked. Not so much if its not.
@@techpub i haven't seen or read that it has anything to do with active directory. Where active directory can come into play with NLA is that if the host machine is joined to a domain and the users that have RDP permissions are domain users, when connecting via RDP, if the host computer cannot contact AD to authenticate the users, it will fail, but that is the point of NLA is to authenticate a user before they are presented with a Windows desktop login screen. It can work with local account or active directory accounts.
Thanks for the video! When I am setting a jumphost on a member server- I get an error that i must be logged on as a domain user to access the Remote Desktop Services installation option. Is this expected- and does this mean other domain users can also use RDP into the jumphost despite my config being on one of the users only?
And when i do try to set this up via a domain user account- i get an error "unable to connect to the server by using windows powershell remoting ". Pretty lost NGL :(
Yes, this is expected for configuration. Other users can use the server as guests if they are added into the remote desktop users group.
Thank you so much for your video. I completed the setup as per your instructions. I can see the published apps when I open the rdweb url in a browser. But when I click on any app, it just fails to launch. It shows up the screen of the remote machine and just terminates. Any tips to troubleshoot this issue?
Make sure you allow it in your trusted websites in control panel- internet options and that pop up blocker is off.
Very good Video!!
Glad you liked it!
Hey Robert, out of curiosity, can you run the Domain Controller on the same server that you're deploying the virtual machine-based desktop deployment for RDS?
Yes you can.
Thanks again for another great vid! Would be nice if you added the command for powershell on your video so we can copy and paste. I'm having trouble creating that certificate on powershell also. Can you help?
I should be making some more of these next week. I will see what I can do.
@@techpub I actually got it to work somehow lol.
This is wonderful knowledge!!
I had a query. I had configured RD session collection on my 2k12 machine and now I have done renaming my PC i.e. change the name of 2k12 machine. After renaming, I'm not able to see that RD session collection because server manager now says " no collection on remote pool server".
Could you please let me know how can I get back my old RD session in such conditions like after renaming PC name?
It might be simplest to just recreate the collection rather than troubleshooting it.
Such a good video. I however am not able to open the file. Unlike your tutorial, when I click the app it downloads the rdp file. When I try to open that downloaded file, it says I cannot connect to the remote computer. Anyone else have the same issue?
You should run a netstat -an | more command on your server and see if it is listening on TCP 3389. If it isn't, then add a firewall rule for inbound on that port.