Вы находитесь на странице: 1из 23

Deploying Virtual Desktop Pools by using

Remote Desktop Web Access Step-by-Step


Guide
Microsoft Corporation
Published: May 2009
Updated: April 2010
Abstract
Virtual desktop pools are groups of identically configured irtual !achines that users can connect
to by using either "e!oteApp and #esktop Connection or "e!ote #esktop $eb Access
%"# $eb Access&' (n this guide) *e *ill set up a irtual desktop pool and connect to the pool by
using "# $eb Access'
Copyright Inormation
+his docu!ent supports a preli!inary release of a soft*are product that !ay be changed
substantially prior to final co!!ercial release) and is the confidential and proprietary infor!ation
of Microsoft Corporation' (t is disclosed pursuant to a non,disclosure agree!ent bet*een the
recipient and Microsoft' +his docu!ent is proided for infor!ational purposes only and Microsoft
!akes no *arranties) either e-press or i!plied) in this docu!ent' (nfor!ation in this docu!ent)
including U". and other (nternet $eb site references) is sub/ect to change *ithout notice' +he
entire risk of the use or the results fro! the use of this docu!ent re!ains *ith the user' Unless
other*ise noted) the co!panies) organi0ations) products) do!ain na!es) e,!ail addresses)
logos) people) places) and eents depicted in e-a!ples herein are fictitious' 1o association *ith
any real co!pany) organi0ation) product) do!ain na!e) e,!ail address) logo) person) place) or
eent is intended or should be inferred' Co!plying *ith all applicable copyright la*s is the
responsibility of the user' $ithout li!iting the rights under copyright) no part of this docu!ent
!ay be reproduced) stored in or introduced into a retrieal syste!) or trans!itted in any for! or
by any !eans %electronic) !echanical) photocopying) recording) or other*ise&) or for any
purpose) *ithout the e-press *ritten per!ission of Microsoft Corporation'
Microsoft !ay hae patents) patent applications) trade!arks) copyrights) or other intellectual
property rights coering sub/ect !atter in this docu!ent' 2-cept as e-pressly proided in any
*ritten license agree!ent fro! Microsoft) the furnishing of this docu!ent does not gie you any
license to these patents) trade!arks) copyrights) or other intellectual property'
3 2009 Microsoft Corporation' All rights resered'
Microsoft, and Active Directory, RemoteApp, Windows, and Windows Server are trade!arks of
the Microsoft group of co!panies'
All other trade!arks are property of their respectie o*ners'
Contents
#eploying Virtual #esktop Pools by Using "e!ote #esktop $eb Access 4tep,by,4tep 5uide'''''6
About this guide''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 6
$hat this guide does not proide''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 6
+echnology reie*''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 7
4cenario: #eploying irtual desktop pools by using "# $eb Access in a test eniron!ent''''''''8
4tep 1: 4etting Up the Contoso #o!ain''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 9
Configure the "# Virtuali0ation :ost serer %"#V:,4"V&'''''''''''''''''''''''''''''''''''''''''''''''''''''''9
Configure the "# Connection ;roker serer %"#C;,4"V&''''''''''''''''''''''''''''''''''''''''''''''''''''11
Configure the "# $eb Access serer %"#$A,4"V&'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''1<
4tep 2: (nstalling and Configuring Virtual Machines''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''17
(nstall the irtual desktop pool co!puters %V#P1,C.1+ and V#P2,C.1+&'''''''''''''''''''''''''''''''18
Configure the irtual !achine for "e!ote #esktop 4erices''''''''''''''''''''''''''''''''''''''''''''''''''''1=
4tep <: Configuring the Virtual #esktop Pool'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 1=
4tep 6: Verifying Virtual #esktop Pool >unctionality'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''20
Appendi- A: Configuring the Virtual Machine Manually'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''21
Deploying Virtual Desktop Pools by !sing
Remote Desktop Web Access Step-by-Step
Guide
About this guide
+his step,by,step guide *alks you through the process of setting up a *orking irtual desktop
pool accessible by using "e!ote #esktop $eb Access %"# $eb Access& in a test eniron!ent'
#uring this process) you *ill create a test deploy!ent that includes the follo*ing co!ponents:
A "e!ote #esktop Virtuali0ation :ost %"# Virtuali0ation :ost& serer
A "e!ote #esktop Connection ;roker %"# Connection ;roker& serer
A "e!ote #esktop 4ession :ost %"# 4ession :ost& serer in redirection !ode
A "e!ote #esktop $eb Access %"# $eb Access& serer
+*o irtual !achines configured in a irtual desktop pool
+his guide assu!es that you preiously co!pleted the steps in the (nstalling "e!ote #esktop
4ession :ost 4tep,by,4tep 5uide %http:??go'!icrosoft'co!?f*link?@.ink(dA169292&) and that you
hae already deployed the follo*ing co!ponents:
An "# 4ession :ost serer
A "e!ote #esktop Connection client co!puter
An Actie #irectory #o!ain 4erices do!ain controller
As you co!plete the steps in this guide) you *ill:
4et up the necessary serers in the CB1+B4B do!ain'
(nstall and configure the irtual !achines to be used in the irtual desktop pool'
Configure the irtual desktop pool'
Verify that the irtual desktop pool is functioning correctly'
+he goal of a irtual desktop pool is to proide users *ith a irtual desktop that is dyna!ically
assigned fro! a pool of identically configured irtual !achines' Users can connect to a irtual
desktop pool and run progra!s and consu!e resources as if they *ere using a local client
co!puter'
What this guide does not pro"ide
+his guide does not proide the follo*ing:
An oerie* of "e!ote #esktop 4erices'
5uidance for setting up Actie #irectory #o!ain 4erices or an "# 4ession :ost serer' +his
infor!ation can be found in the (nstalling "e!ote #esktop 4ession :ost 4tep,by,4tep 5uide
%http:??go'!icrosoft'co!?f*link?@.ink(dA169292&' >or a do*nloadable ersion of this
6
docu!ent) see the (nstalling "e!ote #esktop 4ession :ost 4tep,by,4tep 5uide
%http:??go'!icrosoft'co!?f*link?@.ink(dA16929<& in the Microsoft #o*nload Center'
(f you hae preiously configured the co!puters in the (nstalling "e!ote #esktop
4ession :ost 4tep,by,4tep 5uide) you should repeat the steps in that guide *ith ne*
installations'
5uidance for setting up and configuring a personal irtual desktop' +his infor!ation can be
found in the #eploying Personal Virtual #esktops by Using "e!ote #esktop $eb Access
4tep,by,4tep 5uide %http:??go'!icrosoft'co!?f*link?@.ink(dA16990=&' >or a do*nloadable
ersion of this docu!ent) see the #eploying Personal Virtual #esktops by Using "e!ote
#esktop $eb Access 4tep,by,4tep 5uide %http:??go'!icrosoft'co!?f*link?@.ink(dA169909& in
the Microsoft #o*nload Center'
5uidance for i!porting a certificate used for digitally signing the "#P file of the irtual
desktop pool'
5uidance for setting up and configuring a irtual desktop pool in a production eniron!ent'
Co!plete technical reference for "e!ote #esktop 4erices'
#echnology re"ie$
A irtual desktop pool is a group of identically configured irtual !achines installed on an
"# Virtuali0ation :ost serer and !anaged through :yper,V Manager' Users can access the
irtual desktop pool through "e!oteApp and #esktop Connection or "# $eb Access' ;ecause
the irtual !achines are identically configured) the user sees the sa!e irtual desktop) regardless
of *hich irtual !achine in the irtual desktop pool the user connects to'
+he follo*ing are i!portant considerations *hen deploying a irtual desktop pool:
2nsure that the "#V:,4"V co!puter !eets the :yper,V installation prereCuisites
%http:??go'!icrosoft'co!?f*link?@.ink(dA1221=<&'
+he irtual !achines in a irtual desktop pool !ust be identically configured) including *hich
progra!s are installed'
Virtual desktops can only use $indo*sD client operating syste!s' Eou cannot install
$indo*s 4ererD 200= "2 on a irtual !achine and add it to a irtual desktop pool'
A irtual !achine can be a !e!ber of only one irtual desktop pool at a ti!e'
Eou can !ake !ultiple irtual desktop pools aailable through "# $eb Access' +he user
sees a different icon for each irtual desktop pool'
Users should not sae files on a irtual !achine that is in a irtual desktop pool' (f a user logs
off fro! a irtual !achine in a irtual desktop pool) the ne-t ti!e that the user logs on to the
irtual desktop pool) the user !ight be connected to a different irtual !achine in the irtual
desktop pool'
A user is connected to a irtual desktop pool in the follo*ing *ay:
1' A user initiates the connection to the irtual desktop pool by using "# $eb Access or by
using "e!oteApp and #esktop Connection'
Important
7
2' +he reCuest is sent to the "# 4ession :ost serer running in redirection !ode'
<' +he "# 4ession :ost serer running in redirection !ode redirects the reCuest to the
"# Connection ;roker serer'
6' +he "# Connection ;roker serer checks to see if an e-isting session e-ists for the
reCuesting user account' (f a session already e-ists) proceed to step 8' (f the session does
not e-ist) proceed to step 7'
7' +he "# Connection ;roker serer sends a reCuest to the "# Virtuali0ation :ost serer to
locate and start the irtual !achine'
8' +he "# Connection ;roker serer returns the irtual !achine na!e to the "# 4ession :ost
serer running in redirection !ode'
9' +he "# 4ession :ost serer running in redirection !ode redirects the reCuest to the client
co!puter that initiated the connection'
=' +he client co!puter connects to the irtual desktop pool'
Scenario% Deploying "irtual desktop pools by
using RD Web Access in a test en"ironment
$e reco!!end that you first use the steps proided in this guide in a test lab eniron!ent' 4tep,
by,step guides are not necessarily !eant to be used to deploy $indo*s 4erer features *ithout
additional deploy!ent docu!entation and should be used *ith discretion as a stand,alone
docu!ent'
Upon co!pletion of this step,by,step guide) you *ill hae a irtual desktop pool that users can
connect to by using "# $eb Access' Eou can then test and erify this functionality by connecting
to the irtual desktop pool fro! "# $eb Access as a standard user'
+he test eniron!ent described in this guide includes eight co!puters connected to a priate
net*ork using the follo*ing operating syste!s) applications) and serices:
Computer name &perating system Applications and ser"ices
CB1+B4B,#C $indo*s 4erer 200= "2 Actie #irectory #o!ain
4erices %A# #4&) #14
"#4:,4"V $indo*s 4erer 200= "2 "# 4ession :ost
CB1+B4B,C.1+ $indo*s 9 "e!ote #esktop Connection
"#V:,4"V $indo*s 4erer 200= "2 "# Virtuali0ation :ost) :yper,V
"#C;,4"V $indo*s 4erer 200= "2 "# Connection ;roker
"#$A,4"V $indo*s 4erer 200= "2 "# $eb Access
V#P1,C.1+
V#P2,C.1+
$indo*s 9 Virtual !achines
8

+he co!puters for! a priate net*ork and are connected through a co!!on hub or .ayer 2
s*itch' +his step,by,step e-ercise uses priate addresses throughout the test lab configuration'
+he priate net*ork (# 10'0'0'0?26 is used for the net*ork' +he do!ain controller is na!ed
CB1+B4B,#C for the do!ain na!ed contoso'co!' +he follo*ing figure sho*s the configuration
of the test eniron!ent'
Step '% Setting !p the Contoso Domain
+o prepare your irtual desktop pool test eniron!ent in the CB1+B4B do!ain) you !ust
co!plete the follo*ing tasks:
Configure the "e!ote #esktop Virtuali0ation :ost %"# Virtuali0ation :ost& serer %"#V:,
4"V&
Configure the "e!ote #esktop Connection ;roker %"# Connection ;roker& serer %"#C;,
4"V&
Configure the "e!ote #esktop $eb Access %"# $eb Access& serer %"#$A,4"V&
Use the follo*ing table as a reference *hen setting up the appropriate co!puter na!es)
operating syste!s) and net*ork settings that are reCuired to co!plete the steps in this guide'
;efore you configure your co!puters *ith static (nternet Protocol %(P& addresses) *e
reco!!end that you first co!plete $indo*s product actiation *hile each of your
co!puters still has (nternet connectiity' Eou should also install any aailable critical
security updates fro! $indo*s Update %http:??go'!icrosoft'co!?f*link?@.ink(#A69<90&'
Important
9
Computer name &perating system
re(uirement
IP settings D)S settings
CB1+B4B,#C $indo*s
4ererD 200= "2
(P address:
10'0'0'1
4ubnet !ask:
277'277'277'0
#efault gate*ay:
10'0'0'1
Configured by #14
serer role'
"#4:,4"V $indo*s 4erer 200= "2 (P address:
10'0'0'2
4ubnet !ask:
277'277'277'0
#efault gate*ay:
10'0'0'1
Preferred:
10'0'0'1
CB1+B4B,C.1+ $indo*sD 9 (P address:
10'0'0'<
4ubnet !ask:
277'277'277'0
#efault gate*ay:
10'0'0'1
Preferred:
10'0'0'1
"#V:,4"V $indo*s 4erer 200= "2 (P address:
10'0'0'6
4ubnet !ask:
277'277'277'0
#efault gate*ay:
10'0'0'1
Preferred:
10'0'0'1
"#C;,4"V $indo*s 4erer 200= "2 (P address:
10'0'0'7
4ubnet !ask:
277'277'277'0
#efault gate*ay:
10'0'0'1
Preferred:
10'0'0'1
"#$A,4"V $indo*s 4erer 200= "2 (P address:
10'0'0'8
4ubnet !ask:
Preferred:
10'0'0'1
=
Computer name &perating system
re(uirement
IP settings D)S settings
277'277'277'0
#efault gate*ay:
10'0'0'1
Conigure the RD Virtuali*ation +ost ser"er ,RDV+-SRV-
+o configure the "# Virtuali0ation :ost serer) you !ust:
(nstall $indo*s 4erer 200= "2'
Configure +CP?(P properties'
Foin "#V:,4"V to the contoso'co! do!ain'
(nstall the "# Virtuali0ation :ost role serice'
+his *ill also install the :yper,V role serice'
>irst) install $indo*s 4erer 200= "2 on a stand,alone serer'
1' 4tart your co!puter by using the $indo*s 4erer 200= "2 product C#'
2' $hen pro!pted for a co!puter na!e) type RDV+-SRV'
<' >ollo* the rest of the instructions that appear on your screen to finish the installation'
1e-t) configure +CP?(P properties so that "#V:,4"V has an (P6 static (P address of 10'0'0'6'
1' .og on to "#V:,4"V *ith the "#V:,4"VGAd!inistrator account'
2' Click Start) click Control Panel) click )et$ork and Internet) click )et$ork and Sharing
Center) click Change adapter settings) right,click .ocal Area Connection) and then
click Properties'
<' Bn the )et$orking tab) click Internet Protocol Version / ,#CP0IP"/-) and then click
Properties'
6' Click !se the ollo$ing IP address' (n the IP address bo-) type '121212/' (n the Subnet
mask bo-) type 3442344234421' (n the Deault gate$ay bo-) type '121212''
7' Click !se the ollo$ing D)S ser"er addresses' (n the Preerred D)S ser"er bo-) type
'121212''
8' Click &5) and then close the .ocal Area Connection Properties dialog bo-'
1e-t) /oin "#V:,4"V to the contoso'co! do!ain'
1' Click Start) right,click Computer) and then click Properties'
2' Under Computer name6 domain6 and $orkgroup settings) click Change settings'
)ote
#o install Windo$s Ser"er 3117 R3 #o conigure #CP0IP properties #o 8oin RDV+-SRV to the contoso2com domain
9
<' Bn the Computer )ame tab) click Change'
6' (n the Computer )ame0Domain Changes dialog bo-) under 9ember o) click Domain)
and then type contoso2com'
7' Click 9ore) and in the Primary D)S sui: o this computer bo-) type contoso2com'
8' Click &5) and then click &5 again'
9' $hen a Computer )ame0Domain Changes dialog bo- appears pro!pting you for
ad!inistratie credentials) proide the credentials for CB1+B4BGAd!inistrator) and then
click &5'
=' $hen a Computer )ame0Domain Changes dialog bo- appears *elco!ing you to the
contoso'co! do!ain) click &5'
9' $hen a Computer )ame0Domain Changes dialog bo- appears telling you that the
co!puter !ust be restarted) click &5) and then click Close'
10' Click Restart )o$'
>inally) install the "# Virtuali0ation :ost role serice by using 4erer Manager'
1' .og on to "#V:,4"V as CB1+B4BGAd!inistrator'
2' Click Start) point to Administrati"e #ools) and then click Ser"er 9anager'
<' Under the Roles Summary heading) click Add Roles'
6' Bn the ;eore <ou ;egin page) click )e:t'
7' Bn the Select Ser"er Roles page) select the Remote Desktop Ser"ices check bo-) and
then click )e:t'
8' Bn the Remote Desktop Ser"ices page) click )e:t'
9' Bn the Select Role Ser"ices page) select the Remote Desktop Virtuali*ation +ost
check bo-'
=' "eie* the infor!ation about adding :yper,V) click Add Re(uired Role Ser"ices) and
then click )e:t'
9' Bn the Conirm Installation Selections page) click Install'
10' After the installation is co!plete) click Close'
Conigure the RD Connection ;roker ser"er ,RDC;-SRV-
+o configure the "# Connection ;roker serer by using $indo*s 4erer 200= "2) you !ust:
(nstall $indo*s 4erer 200= "2'
Configure +CP?(P properties'
Foin "#C;,4"V to the contoso'co! do!ain'
(nstall the "# Connection ;roker role serice'
Configure a certificate used to digitally sign the "#P file'
#o install the RD Virtuali*ation +ost role ser"ice
10
Add the thu!bprint of the certificate used to digitally sign the "#P file to the #efault #o!ain
Policy by using 5roup Policy Manage!ent'
>irst) install $indo*s 4erer 200= "2 as a stand,alone serer'
1' 4tart your co!puter by using the $indo*s 4erer 200= "2 product C#'
2' $hen pro!pted for a co!puter na!e) type RDC;-SRV'
<' >ollo* the rest of the instructions that appear on your screen to finish the installation'
1e-t) configure +CP?(P properties so that "#C;,4"V has a static (P address of 10'0'0'7' (n
addition) configure the #14 serer by using the (P address of CB1+B4B,#C %10'0'0'1&'
1' .og on to "#C;,4"V *ith the "#C;,4"VGAd!inistrator account or another user
account in the local Ad!inistrators group'
2' Click Start) click Control Panel) click )et$ork and Internet) click )et$ork and Sharing
Center) click Change adapter settings) right,click .ocal Area Connection) and then
click Properties'
<' Bn the )et$orking tab) click Internet Protocol Version / ,#CP0IP"/-) and then click
Properties'
6' Click !se the ollo$ing IP address' (n the IP address bo-) type '1212124' (n the Subnet
mask bo-) type 3442344234421' (n the Deault gate$ay bo-) type '121212''
7' Click !se the ollo$ing D)S ser"er addresses' (n the Preerred D)S ser"er bo-) type
'121212''
8' Click &5) and then close the .ocal Area Connection Properties dialog bo-'
1e-t) /oin "#C;,4"V to the contoso'co! do!ain'
1' Click Start) right,click Computer) and then click Properties'
2' Under Computer name6 domain6 and $orkgroup settings) click Change settings'
<' Bn the Computer )ame tab) click Change'
6' (n the Computer )ame0Domain Changes dialog bo-) under 9ember o) click Domain)
and then type contoso2com'
7' Click 9ore) and in the Primary D)S sui: o this computer bo-) type contoso2com'
8' Click &5) and then click &5 again'
9' $hen a Computer )ame0Domain Changes dialog bo- appears pro!pting you for
ad!inistratie credentials) proide the credentials for CB1+B4BGAd!inistrator) and then
click &5'
=' $hen a Computer )ame0Domain Changes dialog bo- appears *elco!ing you to the
contoso'co! do!ain) click &5'
9' $hen a Computer )ame0Domain Changes dialog bo- appears telling you that the
#o install Windo$s Ser"er 3117 R3 #o conigure #CP0IP properties #o 8oin RDC;-SRV to the contoso2com domain
11
co!puter !ust be restarted) click &5) and then click Close'
10' Click Restart )o$'
1e-t) install the "# Connection ;roker role serice by using 4erer Manager'
1' .og on to "#C;,4"V as CB1+B4BGAd!inistrator'
2' Click Start) point to Administrati"e #ools) and then click Ser"er 9anager'
<' Under the Roles Summary heading) click Add Roles'
6' Bn the ;eore <ou ;egin page) click )e:t'
7' Bn the Select Ser"er Roles page) select the Remote Desktop Ser"ices check bo-) and
then click )e:t'
8' Bn the Remote Desktop Ser"ices page) click )e:t'
9' Bn the Select Role Ser"ices page) select the Remote Desktop Connection ;roker
check bo-) and then click )e:t'
=' Bn the Conirm Installation Selections page) click Install'
9' After the installation is co!plete) click Close'
1e-t) configure a digital certificate used to digitally sign the "#P file'
1' Bpen "e!ote #esktop Connection Manager' +o open "e!ote #esktop Connection
Manager) click Start) point to Administrati"e #ools) point to Remote Desktop Ser"ices)
and then click Remote Desktop Connection 9anager'
2' Under the Virtual Desktops% Resources and Coniguration heading) click Speciy ne-t
to Digital Certiicate'
<' Bn the Digital Signature tab) select the Sign $ith a Digital Certiicate check bo-'
6' Click Select'
7' (n the Conirm Certiicate dialog bo-) click the certificate that you *ant to use for signing
the "#P files) and then click &5'
>inally) you !ust add the thu!bprint of the certificate used to digitally sign the "#P file to the
#efault #o!ain 5roup Policy setting' +his is reCuired so that the trusted publisher *arning dialog
bo- is not sho*n to the user each ti!e the personal irtual desktop is started'
1' .og on to CB1+B4B,#C as CB1+B4BGAd!inistrator'
2' Bpen 5roup Policy Manage!ent' +o open 5roup Policy Manage!ent) click Start) point
to Administrati"e #ools) and then click Group Policy 9anagement'
<' 2-pand =orest% contoso2com) e-pand Domains) and then e-pand contoso2com'
6' "ight,click Deault Domain Policy) and then click >dit'
7' 1aigate to Computer Coniguration?Policies?Administrati"e #emplates?Windo$s
Components?Remote Desktop Ser"ices?Remote Desktop Connection Client'
#o install the RD Connection ;roker role ser"ice #o conigure a certiicate used to digitally sign the RDP ile #o add the certiicate thumbprint to the Deault Domain Group Policy setting
12
8' #ouble,click Speciy S+A' thumbprints o certiicates representing trusted 2rdp
publishers'
9' 4elect the >nabled option'
=' (n the Comma-separated list o S+A' trusted certiicate thumbprints bo-) type the
certificate thu!bprint used to digitally sign the "#P file) and then click &5'
Conigure the RD Web Access ser"er ,RDWA-SRV-
+o configure the "# $eb Access serer by using $indo*s 4erer 200= "2) you !ust:
(nstall $indo*s 4erer 200= "2'
Configure +CP?(P properties'
Foin "#$A,4"V to the contoso'co! do!ain'
(nstall the "# $eb Access role serice'
>irst) install $indo*s 4erer 200= "2 on a stand,alone serer'
1' 4tart your co!puter by using the $indo*s 4erer 200= "2 product C#'
2' $hen pro!pted for a co!puter na!e) type RDWA-SRV'
<' >ollo* the rest of the instructions that appear on your screen to finish the installation'
1e-t) configure +CP?(P properties so that "#$A,4"V has an (P6 static (P address of 10'0'0'8'
1' .og on to "#$A,4"V *ith the "#$A,4"VGAd!inistrator account'
2' Click Start) click Control Panel) click )et$ork and Internet) click )et$ork and Sharing
Center) click Change adapter settings) right,click .ocal Area Connection) and then
click Properties'
<' Bn the )et$orking tab) click Internet Protocol Version / ,#CP0IP"/-) and then click
Properties'
6' Click !se the ollo$ing IP address' (n the IP address bo-) type '121212@' (n the Subnet
mask bo-) type 3442344234421' (n the Deault gate$ay bo-) type '121212''
7' Click !se the ollo$ing D)S ser"er addresses' (n the Preerred D)S ser"er bo-) type
'121212''
8' Click &5) and then close the .ocal Area Connection Properties dialog bo-'
1e-t) /oin "#$A,4"V to the contoso'co! do!ain'
1' Click Start) right,click Computer) and then click Properties'
2' Under Computer name6 domain6 and $orkgroup settings) click Change settings'
<' Bn the Computer )ame tab) click Change'
6' (n the Computer )ame0Domain Changes dialog bo-) under 9ember o) click Domain)
#o install Windo$s Ser"er 3117 R3 #o conigure #CP0IP properties #o 8oin RDWA-SRV to the contoso2com domain
1<
and then type contoso2com'
7' Click 9ore) and in the Primary D)S sui: o this computer bo-) type contoso2com'
8' Click &5) and then click &5 again'
9' $hen a Computer )ame0Domain Changes dialog bo- appears pro!pting you for
ad!inistratie credentials) proide the credentials for CB1+B4BGAd!inistrator) and then
click &5'
=' $hen a Computer )ame0Domain Changes dialog bo- appears *elco!ing you to the
contoso'co! do!ain) click &5'
9' $hen a Computer )ame0Domain Changes dialog bo- appears telling you that the
co!puter !ust be restarted) click &5) and then click Close'
10' Click Restart )o$'
>inally) install the "# $eb Access role serice by using 4erer Manager'
1' .og on to "#$A,4"V as CB1+B4BGAd!inistrator'
2' Click Start) point to Administrati"e #ools) and then click Ser"er 9anager'
<' Under the Roles Summary heading) click Add Roles'
6' Bn the ;eore <ou ;egin page) click )e:t'
7' Bn the Select Ser"er Roles page) select the Remote Desktop Ser"ices check bo-) and
then click )e:t'
8' Bn the Remote Desktop Ser"ices page) click )e:t'
9' Bn the Select Role Ser"ices page) select the Remote Desktop Web Access check
bo-'
=' "eie* the infor!ation about adding $eb 4erer %((4& and the "e!ote 4erer
Ad!inistration +ools) click Add Re(uired Role Ser"ices) and then click )e:t'
9' Bn the Web Ser"er ,IIS- page) click )e:t'
10' Bn the Select Role Ser"ices page) click )e:t'
11' Bn the Conirm Installation Selections page) click Install'
12' After the installation is co!plete) click Close'
Step 3% Installing and Coniguring Virtual
9achines
+he irtual !achines are configured in a irtual desktop pool' +he irtual !achines are
dyna!ically assigned to user accounts as they connect to the pool' (n this step) you *ill install
and configure the irtual !achines'
#o install the RD Web Access role ser"ice
16
Use the follo*ing table as a reference *hen setting up the appropriate co!puter na!es)
operating syste!s) and net*ork settings that are reCuired to co!plete the steps in this guide'
Computer name &perating system
re(uirement
IP settings D)S settings
V#P1,C.1+ $indo*s 9 (P address:
10'0'0'9
4ubnet !ask:
277'277'277'0
#efault gate*ay:
10'0'0'1
Preferred:
10'0'0'1
V#P2,C.1+ $indo*s 9 (P address:
10'0'0'=
4ubnet !ask:
277'277'277'0
#efault gate*ay:
10'0'0'1
Preferred:
10'0'0'1
Install the "irtual desktop pool computers ,VDP'-
C.)# and VDP3-C.)#-
(nstall $indo*s 9 on the irtual !achines'
Configure +CP?(P properties'
Foin the irtual !achine to the contoso'co! do!ain'
2nable the irtual !achine to support rollback'
1' .og on to "#V:,4"V as CB1+B4BGAd!inistrator'
2' (nsert the $indo*s 9 product #V# into the #V# drie on the "#V:,4"V serer'
<' Bpen :yper,V Manager' +o open :yper,V Manager) click Start) point to Administrati"e
#ools) and then click +yper-V 9anager'
6' "ight,click RDV+-SRV) point to )e$) and then click Virtual 9achine'
7' Bn the ;eore <ou ;egin page) click )e:t'
8' (n the )ame bo-) type "dp'-clnt2contoso2com and then click )e:t'
9' Bn the Assign 9emory page) click )e:t'
=' Bn the Conigure )et$orking page) in the Connection bo-) select the irtual net*ork
#o install Windo$s A on a "irtual machine
17
that contains the other !achines in the contoso'co! do!ain) and then click )e:t'
9' Bn the Connect Virtual +ard Disk page) in the )ame bo-) type "dp'-
clnt2contoso2com) in the Si*e bo-) type B1 and then click )e:t'
10' Bn the Installation &ptions page) click Install an operating system rom a boot
CD0DVD-R&9 dri"e'
11' (n the Physical CD0DVD dri"e bo-) select the #V# drie that contains the $indo*s 9
product #V#) and then click )e:t'
12' Bn the Completing the )e$ Virtual 9achine Wi*ard page) reie* the installation
options) and then click =inish'
1<' (n the Virtual 9achines area) right,click "dp'-clnt2contoso2com) and then click
Connect'
16' Click Action) and then click Start'
17' "epeat these steps for the V#P2,C.1+ co!puter'
1e-t) configure +CP?(P properties so that V#P1,C.1+ has a static (P address of 10'0'0'9' (n
addition) configure the #14 serer of CB1+B4B,#C %10'0'0'1&'
1' .og on to V#P1,C.1+ as a !e!ber of the local Ad!inistrators group'
2' Click Start) click Control Panel) click )et$ork and Internet) and then click )et$ork
and Sharing Center'
<' Click Change adapter settings) right,click .ocal Area Connection) and then click
Properties'
6' Bn the )et$orking tab) click Internet Protocol Version / ,#CP0IP"/-) and then click
Properties'
7' Click !se the ollo$ing IP address' (n the IP address bo-) type '121212A' (n the Subnet
mask bo-) type 3442344234421' (n the Deault gate$ay bo-) type '121212''
8' Click !se the ollo$ing D)S ser"er addresses' (n the Preerred D)S ser"er bo-) type
'121212''
9' Click &5) and then close the .ocal Area Connection Properties dialog bo-'
=' "epeat these steps for the V#P2,C.1+ co!puter'
1e-t) /oin V#P1,C.1+ to the contoso'co! do!ain'
1' Click Start) right,click Computer) and then click Properties'
2' Under Computer name6 domain6 and $orkgroup settings) click Change settings'
<' Bn the Computer )ame tab) click Change'
6' (n the Computer )ame0Domain Changes dialog bo-) under 9ember o) click Domain)
and then type contoso2com'
7' Click 9ore) and in the Primary D)S sui: o this computer bo-) type contoso2com'
#o conigure #CP0IP properties #o 8oin VDP'-C.)# to the contoso2com domain
18
8' Click &5) and then click &5 again'
9' $hen a Computer )ame0Domain Changes dialog bo- appears pro!pting you for
ad!inistratie credentials) proide the CB1+B4BGAd!inistrator credentials) and then
click &5'
=' $hen a Computer )ame0Domain Changes dialog bo- appears *elco!ing you to the
contoso'co! do!ain) click &5'
9' $hen a Computer )ame0Domain Changes dialog bo- appears telling you that the
co!puter !ust be restarted) click &5) and then click Close'
10' Click Restart )o$'
11' "epeat these steps for V#P2,C.1+'
>inally) rollback is a feature in "e!ote #esktop 4erices that reerts all changes !ade by a user
to a irtual !achine *hen the user logs off fro! the irtual !achine'
1' .og on to "#V:,4"V as the CB1+B4BGAd!inistrator user account'
2' Bpen :yper,V Manager' +o open :yper,V Manager) click Start) point to Administrati"e
#ools) and then click +yper-V 9anager'
<' Under Virtual 9achines) right,click "dp'-clnt2contoso2com) and then click Snapshot'
6' Under Snapshots) right,click "dp'-clnt2contoso2com) and then click Rename'
7' +ype RDVCRollback and then press 21+2"'
8' Close :yper,V Manager'
9' "epeat these steps for the V#P2,C.1+ irtual !achine'
Conigure the "irtual machine or Remote Desktop
Ser"ices
Eou can configure the irtual !achine by using $indo*s Po*er4hell' (f you prefer to configure
the irtual !achine !anually) see Appendi- A: Configuring the Virtual Machine Manually in this
docu!ent'
+he $indo*s Po*er4hell script does the follo*ing on the irtual !achine:
2nables "e!ote #esktop
2nables "e!ote Procedure Call %"PC&
Adds selected users to the "e!ote #esktop Users group
Adds the proper "#P,+CP listener per!issions for the "# Virtuali0ation :ost serer
Adds a $indo*s >ire*all e-ception for "e!ote #esktop 4erices
Adds a $indo*s >ire*all e-ception for "e!ote 4erices Manage!ent
"estarts the "e!ote #esktop 4erices serice
#o enable rollback on a "irtual machine
19
+he script is found on the Microsoft +ech1et 4cript Center %http:??go'!icrosoft'co!?f*link?@
.ink(dA1=6=06&'
+o configure the irtual !achine) type the follo*ing co!!ands at the $indo*s Po*er4hell
pro!pt:
1' Set->:ecutionPolicy remotesigned Dorce and then press 21+2"'
2' Conigure-Virtual9achine2ps' DRDV+ost contoso?rd"h-sr" DRD!sers
contoso?mskinner and then press 21+2"'
Step B% Coniguring the Virtual Desktop Pool
(n this step) *e *ill configure the irtual desktop pool' +o do this) you should do the follo*ing:
Add "#$A,4"V to the +4 $eb Access Co!puters security group on "#C;,4"V'
Configure a source on "e!ote #esktop $eb Access %"# $eb Access&'
Configure the irtual desktop pool on the "e!ote #esktop Connection ;roker
%"# Connection ;roker& serer %"#C;,4"V&'
Add V#P1,C.1+ and V#P2,C.1+ to the irtual desktop pool'
>irst) add the co!puter account ob/ect of the "# $eb Access serer %"#$A,4"V& to the +4
$eb Access Co!puters security group on "#C;,4"V'
1' .og on to "#C;,4"V as CB1+B4BGAd!inistrator'
2' Click Start) point to Administrati"e #ools) and then click Computer 9anagement'
<' 2-pand .ocal !sers and Groups) and then click Groups'
6' "ight,click #S Web Access Computers) and then click Add to Group'
7' Click Add'
8' (n the Select !sers6 Computers6 Ser"ice Accounts6 or Groups dialog bo-) click
&b8ect #ypes'
9' (n the &b8ect #ypes dialog bo-) select the Computers check bo-) and then click &5'
=' (n the >nter the ob8ect names to select bo-) type rd$a-sr" and then click &5'
9' Click &5 to close the #S Web Access Computers dialog bo-'
1e-t) configure a source on the "# $eb Access serer %"#$A,4"V&'
1' .og on to "#$A,4"V as CB1+B4BGAd!inistrator'
2' Click Start) point to Administrati"e #ools) point to Remote Desktop Ser"ices) and then
click Remote Desktop Web Access Coniguration'
<' Click Continue to this $ebsite ,not recommended-'
#o add RDWA-SRV to the #S Web Access Computers group on RDC;-SRV #o conigure a source on RDWA-SRV
1=
Important
+his guide uses a self,signed certificate for the "# $eb Access serer' 4elf,
signed certificates are not reco!!ended in a production eniron!ent' Eou
should use a certificate that is trusted fro! a certification proider *hen
deploying "# $eb Access in a production eniron!ent'
6' (n the Domain?user name bo-) type C&)#&S&?Administrator'
7' (n the Pass$ord bo-) type the pass*ord that you specified for CB1+B4BGAd!inistrator)
and then click Sign in'
8' Bn the Coniguration page) click An RD Connection ;roker ser"er'
9' (n the Source name bo-) type rdcb-sr" and then click &5'
1e-t) configure the irtual desktop pool on the "e!ote #esktop Connection ;roker
%"# Connection ;roker& serer %"#C;,4"V&'
1' .og on to "#C;,4"V as CB1+B4BGAd!inistrator'
2' Click Start) point to Administrati"e #ools) point to Remote Desktop Ser"ices) and then
click Remote Desktop Connection 9anager'
<' (n the Actions pane) click Conigure Virtual Desktops Wi*ard'
6' Bn the ;eore <ou ;egin page) click )e:t'
7' Bn the Speciy an RD Virtuali*ation +ost Ser"er page) in the Ser"er name bo-) type
rd"h-sr") click Add) and then click )e:t'
8' Bn the Conigure Redirection Settings page) in the Ser"er name bo-) type rdsh-sr"
and then click )e:t'
9' Bn the Speciy an RD Web Access Ser"er page) click )e:t'
=' Bn the Conirm Changes page) click Apply'
9' Clear the Assign personal "irtual desktop check bo-) and then click =inish'
>inally) add the irtual !achines %V#P1,C.1+ and V#P2,C.1+& to the irtual desktop pool'
1' .og on to "#C;,4"V as CB1+B4BGAd!inistrator'
2' Click Start) point to Administrati"e #ools) point to Remote Desktop Ser"ices) and then
click Remote Desktop Connection 9anager'
<' (n the Actions pane) click Create Virtual Desktop Pool'
6' Bn the Welcome to the Create Virtual Desktop Pool Wi*ard page) click )e:t'
7' Click "dp'-clnt2contoso2com) hold the C+". key) click "dp3-clnt2contoso2com) and
then click )e:t'
8' Bn the Set Pool Properties page) in the Display name bo-) type C&)#&S& Virtual
Desktop Pool' (n the Pool ID bo-) type C&)#&S&CVDP and then click )e:t'
9' Click =inish'
#o conigure the "irtual desktop pool on RDC;-SRV #o add VDP'-C.)# and VDP3-C.)# to the "irtual desktop pool
19
Step /% Veriying Virtual Desktop Pool
=unctionality
+o erify the functionality of the irtual desktop pool deploy!ent) you *ill log on as Morgan
4kinner and connect to the irtual desktop pool by using "e!ote #esktop $eb Access %"# $eb
Access&'
1' .og on to CB1+B4B,C.1+ as Morgan 4kinner %CB1+B4BG!skinner&'
2' Click Start) point to All Programs) and then click Internet >:plorer'
<' (n the Address bar) type https%00rd$a-sr"2contoso2com0RDWeb and then press 21+2"'
6' Click Continue to this $ebsite ,not recommended-'
Important
+his guide uses a self,signed certificate for the "# $eb Access serer' 4elf,
signed certificates are not reco!!ended in a production eniron!ent' Eou
should use a certificate that is trusted fro! a certification proider *hen
deploying "# $eb Access in a production eniron!ent'
7' (n the Domain?user name bo-) type C&)#&S&?mskinner'
8' (n the Pass$ord bo-) type the pass*ord that you specified for Morgan 4kinner) and then
click Sign in'
)ote
(n you receie a pro!pt asking you to install the 9icrosot Remote Desktop
Ser"ices Web Access Control) click Run Add-on) and then click Run'
9' Click Contoso Virtual Desktop Pool) and then click Connect'
=' $hen pro!pted) enter the credentials for Morgan 4kinner) and then click &5'
Eou hae successfully deployed and de!onstrated the functionality of irtual desktop pools by
using the si!ple scenario of connecting to a irtual desktop pool by using "# $eb Access' Eou
can also use this deploy!ent to e-plore so!e of the additional capabilities of irtual desktop
pools through additional configuration and testing'
#o connect to the "irtual desktop pool
20
Appendi: A% Coniguring the Virtual 9achine
9anually
Using the $indo*s Po*er4hell script !entioned in 4tep < of this guide is reco!!ended'
:o*eer) the steps can be co!pleted !anually by doing the follo*ing:
2nable "e!ote #esktop'
Add the user accounts that *ill be using this irtual !achine to the local "e!ote #esktop
Users security group'
Allo* "e!ote "PC'
Create a fire*all e-ception to allo* "e!ote 4erices Manage!ent'
Add per!issions to the "#P protocol'
>irst) you !ust enable "e!ote #esktop'
1' .og on to V#P1,C.1+ as a !e!ber of the local Ad!inistrators group'
2' Click Start) right,click Computer) and then click Properties'
<' Click Remote settings'
6' Under Remote Desktop) click Allo$ connections only rom computers using
Remote Desktop $ith )et$ork .e"el Authentication ,more secure-) and then click
&5'
7' "epeat steps 1 H 6 for the V#P2,C.1+ co!puter'
1e-t) add the user accounts that *ill be using this irtual !achine to the local "e!ote #esktop
Users security group on PV#1,C.1+' (n this guide) *e *ill add Morgan 4kinner'
1' Click Start) and then click Control Panel'
2' Click System and Security) click Administrati"e #ools) and then double,click
Computer 9anagement'
<' 2-pand .ocal !sers and Groups) and then click Groups'
6' "ight,click Remote Desktop !sers) and then click Add to Group'
7' Click Add) and in the Select !sers6 Computers6 Ser"ice Accounts6 or Groups dialog
bo-) type contoso?mskinner and then click &5'
8' Close the Remote Desktop !sers Properties dialog bo-'
1e-t) allo* "e!ote "PC on V#P1,C.1+'
1' .og on to V#P1,C.1+ as a !e!ber of the local Ad!inistrators group'
2' Click Start) and in the Search programs and iles bo-) type regedit2e:e and then press
21+2"'
#o enable Remote Desktop #o add 9organ Skinner to the local Remote Desktop !sers group #o allo$ Remote RPC or Remote Desktop Ser"ices
21
Caution
(ncorrectly editing the registry !ay seerely da!age your syste!' ;efore !aking
changes to the registry) you should back up any alued data on the co!puter'
<' 1aigate to
:I2EJ.BCA.JMAC:(12G4E4+2MGCurrentControl4etGControlG+er!inal4erer'
6' #ouble,click the Allo$RemoteRPC registry entry' (n the Value data bo-) type ' and then
click &5'
7' Close "egistry 2ditor'
8' "epeat steps 1 H 8 for the V#P2,C.1+ co!puter'
1e-t) enable the "e!ote 4erice Manage!ent $indo*s >ire*all e-ception'
1' Click Start) click Control Panel) and then click System and Security'
2' Under the Windo$s =ire$all heading) click Allo$ a program through Windo$s
=ire$all'
<' 4elect the Remote Ser"ice 9anagement check bo-) and then click &5'
>inally) you !ust grant the "#V:,4"V co!puter account per!issions to the "#P protocol on
V#P1,C.1+ and then restart the "e!ote #esktop 4erices serice on V#P1,C.1+' +he "#V:,
4"V co!puter account needs the $(14+A+(B1JKU2"E) $(14+A+(B1J.B5B>>) and
$(14+A+(B1J#(4CB112C+ per!issions on V#P1,C.1+'
1' Click Start) point to All Programs) and then click Accessories'
2' "ight,click Command Prompt) and then click Run as administrator'
<' (f the !ser Account Control dialog bo- appears) confir! that the action it displays is
*hat you *ant) and then click <es'
6' At the co!!and pro!pt) type the follo*ing co!!ands:
wmic /node:localhost RDPERMISSIONS where TerminalName="RDP-Tcp" !""
!dd!cco#nt "contoso$rd%h-sr%&"'(
wmic /node:localhost RD!O)NT where "*TerminalName=+RDP-Tcp+ or
TerminalName=+onsole+, and !cco#ntName=+contoso$$rd%h-sr%&+" !""
Modi-.Permissions /'(
wmic /node:localhost RD!O)NT where "*TerminalName=+RDP-Tcp+ or
TerminalName=+onsole+, and !cco#ntName=+contoso$$rd%h-sr%&+" !""
Modi-.Permissions 0'(
wmic /node:localhost RD!O)NT where "*TerminalName=+RDP-Tcp+ or
TerminalName=+onsole+, and !cco#ntName=+contoso$$rd%h-sr%&+" !""
Modi-.Permissions 1'(
Net stop termser%ice
#o enable the Remote Ser"ice 9anagement Windo$s =ire$all e:ception #o add RDP protocol permissions to a "irtual machine
22
Net start termser%ice
7' .og off the V#P1,C.1+ co!puter' +his is reCuired in order for Morgan 4kinner to log on
to the personal irtual desktop successfully'
8' "epeat steps 1 H 7 for the V#P2,C.1+ co!puter'
2<

Вам также может понравиться