Azure Terminal Services



Remote Desktop Services (RDS) is the platform of choice to cost-effectively host Windows desktops and applications. This offering is designed to help you quickly create an RDS on IaaS deployment for testing and proof-of-concept purposes.

Feb 06, 2016: Azure MFA server is loading as below. After a while the console appears; this is the MFA server console from which you can manage the MFA setup. In the status option it displays that the server Secure-Server.demo.lab is online, which is both the server whose RDP connection we need to secure and the MFA server itself.

Interested in bringing up a whole new environment in Azure. Want to basically live in Azure so that office workstations/notebooks contain no live data. Want to bring up an AD server, a file server, and an RDS server to support around 30 users. Users would live on the RDS server with little or no file transfers in or out. In digging through the Microsoft Product Use Terms and Licensing information, I see that if we purchase RDS CALs with Software Assurance, we gain the License Mobility benefit, which allows us to deploy the licenses on a server from an Authorized Mobility Partner (i.e., Azure in this case).

Remote Desktop Services (RDS), or as it was previously known, Windows Terminal Server, has been the remote access backbone protocol to Windows servers since Windows Server 2003.

The ability to remotely access and interact with the graphical user interface (GUI) on a Windows server is a critical operational function for Windows systems administrators everywhere. For this reason, every Windows server allows up to two concurrent remote desktop connections, giving sysadmins the ability to log in to a server remotely and manage it.

However, this remote access and management capability can do much more for business than merely ease the burden of IT systems management. Giving users the ability to access and work on a remote machine has multiple real business benefits such as reduced costs, improved efficiencies and the option to rapidly deploy and manage advanced end-user applications.

The business benefits of Microsoft Azure RDS

1 – Delivering a single application experience

The Internet has indeed transformed the way we work and communicate. Flexibility is an underlying theme throughout the modern workplace, which gives users the freedom to work on a variety of different platforms while engaged on a single task or assignment. However, there are times when users need to use a specific application which only runs on Windows. If the user is on a non-Windows device such as an Apple device or a Chromebook, working on a Windows-only application is just not possible.

RDS solves this problem as it allows organizations to create a unified remote desktop experience for all users. By configuring an RDS environment, businesses can give users on any platform access to the specialized application. Delivering applications this way also provides standardization and eases management’s burden of making sure every user is on the latest version.

2 – Data security

Working remotely has truly transformed the occupational landscape, but it also creates data security challenges. When all users work in a single location, data security is easier as the organization has direct control over the data storage location and can manage access to the data source. However, when users are accessing data remotely, there is a risk of users copying data to their end-user devices or using public filesharing services which create a serious security risk if left unmanaged.

If organizations choose to deploy RDS as their remote work solution, this data risk is mitigated. All data is stored on servers under the direct management of the organization giving businesses the oversight and control they need over data flow and access.

3 – Processing power

In a world where processing power is increasing on an exponential scale, developers build applications which leverage the additional system resources available. After all, the greater the resources, the better the performance of the application and the more it can accomplish in less time. However, not all end-user devices are capable of running high resource intensive applications. Older devices may struggle to run applications which are CPU and memory intensive, negatively impacting the productivity of the end-user.

Because RDS is server-based, high resource intensive applications can run smoothly. In addition, having a single instance of the application to manage eases the operational burden on the IT team, and the total cost of ownership is much less. For example, if there is a need for additional hardware, it can be added to a single server, which costs far less than upgrading multiple end-user devices.

4 – Simplified management

Standardization is a crucial principle in IT management as it lightens the administrative burden increasing efficiency while lowering costs. Furthermore, there are real business benefits with adopting simple solutions that have fewer moving parts as these are easier to manage and cost less over time.

Deploying any solution through RDS is an answer which is both standardized and simplified. Administrators can deploy complex solutions in a single instance without the need to manage multiple operating environments. Also, any maintenance needs to be performed only once, which dramatically reduces the time spent on, and increases the security of, system updates, backups and similar operational tasks.

5 – Reduced costs

Cost reduction is an overarching objective of every organization be it a commercial enterprise or a non-profit. Economic scarcity is a reality every business deals with, and cost reduction allocates more financial resources to invest in strategic initiatives which ultimately ensure the prosperity and survival of the organization.

RDS reduces the overall cost of IT infrastructure. As discussed, it does this directly by minimizing the investment needed in hardware and software and indirectly by reducing overhead costs associated with IT operations.

6 – Improved redundancy and uptime

Today’s world is dependent on online services, and any downtime has a monumental impact on both the organization and its users. Loss of revenue, loss of productivity and a negative impact on reputation are all real consequences when systems and services go down unexpectedly. To ensure optimal uptime, businesses need to invest in solutions with built-in redundancy to ensure resiliency in mitigating risks which threaten system availability.

As RDS is a server-based solution, organizations can easily configure the platform for maximum uptime by deploying multiple instances of the same RDS solution across several servers. In addition, RDS solutions are implemented in data centers which have the necessary infrastructure redundancy built-in. If a single node or service should fail, the impact will be negligible as the solution remains online and users are still able to work. Although building a redundant RDS solution does increase the overall cost, the additional expenditure is negligible when compared to the investment needed in creating redundancy for an end-user computing environment.

Azure Remote Desktop Services

Azure Remote Desktop Services takes the benefits of RDS and expands the offering by providing RDS on a global enterprise-grade cloud platform.

With the Microsoft Azure platform, organizations can rapidly deploy a cost-effective, redundant and scalable platform to host Windows desktops and applications. Deployment is further simplified with the option of Azure Marketplace offerings or quickstart templates so organizations can get their RDS platform configured and ready to use in a matter of minutes.

As Microsoft manages the underlying infrastructure, choosing to deploy RDS on Azure gives organizations the flexibility and benefits that come with a world-class Infrastructure as a Service offering. The advanced hardware, software, and networking requirements are taken care of, giving organizations the freedom to concentrate on building solutions which are relevant and add value to their business. Also, the pay-per-use model and no upfront capital expenditure makes Azure RDS an affordable option for businesses of any size looking to deploy and manage remote operating environments.

You can use Azure AD Domain Services (Azure AD DS) in your Remote Desktop Services deployment in the place of Windows Server Active Directory. Azure AD DS lets you use your existing Azure AD identities with classic Windows workloads.

With Azure AD DS you can:

  • Create an Azure environment with a local domain for born-in-the-cloud organizations.
  • Create an isolated Azure environment with the same identities used for your on-premises and online environment, without needing to create a site-to-site VPN or ExpressRoute.

When you finish integrating Azure AD DS into your Remote Desktop deployment, your architecture will look something like this:

To see how this architecture compares with other RDS deployment scenarios, check out Remote Desktop Services architectures.

To get a better understanding of Azure AD DS, check out the Azure AD DS overview and How to decide if Azure AD DS is right for your use-case.

Use the following information to deploy Azure AD DS with RDS.

Prerequisites

Before you can bring your identities from Azure AD to use in an RDS deployment, configure Azure AD to save the hashed passwords for your users' identities. Born-in-the-cloud organizations don't need to make any additional changes in their directory; however, on-premises organizations need to allow password hashes to be synchronized and stored in Azure AD, which may not be permissible to some organizations. Users will have to reset their passwords after making this configuration change.

Deploy Azure AD DS and RDS

Use the following steps to deploy Azure AD DS and RDS.

  1. Enable Azure AD DS. Note that the linked article does the following:

    • Walk through creating the appropriate Azure AD groups for domain administration.
    • Highlight when you might have to force users to change their password so their accounts can work with Azure AD DS.
  2. Set up RDS. You can either use an Azure template or deploy RDS manually.

    • Use the Existing AD template. Make sure to customize the following:

      • Settings

        • Resource group: Use the resource group where you want to create the RDS resources.

          Note

          Right now this has to be the same resource group where the Azure resource manager virtual network exists.

        • Dns Label Prefix: Enter the URL that you want users to use to access RD Web.

        • Ad Domain Name: Enter the full name of your Azure AD instance, for example, 'contoso.onmicrosoft.com' or 'contoso.com'.

        • Ad Vnet Name and Ad Subnet Name: Enter the same values that you used when you created the Azure resource manager virtual network. This is the subnet to which the RDS resources will connect.

        • Admin Username and Admin Password: Enter the credentials for an admin user that's a member of the AAD DC Administrators group in Azure AD.

      • Template

        • Remove all properties of dnsServers: after selecting Edit template from the Azure quickstart template page, search for 'dnsServers' and remove the property.

          For example, before removing the dnsServers property:

          And here's the same file after removing the property:

    • Deploy RDS manually.
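
The 'dnsServers' removal in the Template step above can be scripted and then checked, rather than done by searching in the editor. This is an added example, not code from the original page or from the quickstart template: the template fragment is constructed sample input, and its resource names, the dnsServerPrivateIp parameter and the helper function names are assumptions.

```python
import json

# Constructed sample: a trimmed template fragment, not the real quickstart template.
# Resource names and the dnsServerPrivateIp parameter are hypothetical.
SAMPLE_TEMPLATE = """
{"resources": [
  {"type": "Microsoft.Network/networkInterfaces", "name": "gw-nic",
   "properties": {"ipConfigurations": [{"name": "ipconfig"}],
                  "dnsSettings": {"dnsServers": ["[parameters('dnsServerPrivateIp')]"]}}},
  {"type": "Microsoft.Network/networkInterfaces", "name": "rdsh-nic",
   "properties": {"dnsSettings": {"dnsServers": ["10.0.0.4"]}}},
  {"type": "Microsoft.Compute/virtualMachines", "name": "rdsh-vm",
   "properties": {"osProfile": {"computerName": "rdsh"}}}
]}
"""


def strip_key(node, key="dnsservers", path="$"):
    """Delete every property named `key` (any casing); return the paths removed."""
    removed = []
    if isinstance(node, dict):
        for name in list(node):  # copy the keys: the dict is mutated below
            here = f"{path}.{name}"
            if name.lower() == key:
                del node[name]
                removed.append(here)
            else:
                removed += strip_key(node[name], key, here)
    elif isinstance(node, list):
        for i, child in enumerate(node):
            removed += strip_key(child, key, f"{path}[{i}]")
    return removed


def remove_dns_servers(template_text):
    """Return (edited template JSON, list of removed property paths)."""
    template = json.loads(template_text)
    removed = strip_key(template)
    return json.dumps(template, indent=2), removed


if __name__ == "__main__":
    cleaned, removed = remove_dns_servers(SAMPLE_TEMPLATE)
    for p in removed:
        print("removed", p)
    # A second pass finding nothing confirms no dnsServers property is left.
    assert remove_dns_servers(cleaned)[1] == []
    print(cleaned)
```

The list of removed paths doubles as a change record to review before deploying the edited template.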