  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4092

Help designing RDS on Server 2008 R2

I am working on a project to set up RDS on Windows Server 2008 R2 to serve as an application hosting server.  I have the solution working in a test environment with the TS Gateway taking requests from outside, viewed by the TS Web Access server, which passes the request to the TS Connection Broker, being served by two TS Session Host servers.  My problem now is getting the high availability working.

I would like two identical TS Session Host servers to be served by the TS Connection Broker.  Right now, if I add both servers to the Connection Broker, the identical applications being hosted by the two servers are showing up twice in the web interface.  I need the applications to only show up once and then load balance between the two Session Hosts.

In researching, I see the option of doing DNS round robin as well as the built in NLB into Server 2008 R2.  However, I think this was the solution to the pre-R2 version which didn't have Connection Broker functions.  Now I'm a bit confused as to what options are for what version and how it all fits together.

Ultimately, I want high availability on our Session Hosts.  If having two identical servers is considered legacy design, another solution is acceptable.  
0
Asked:
NZulli
2 Solutions
 
Cláudio Rodrigues Commented:
The Session Broker was there since 2008. It is not a new thing on 2008 R2.
DNS Round Robin or NLB are the way to go.
All explained here:
http://technet.microsoft.com/en-us/library/cc772418(WS.10).aspx

Cláudio Rodrigues
Citrix CTP
0
 
NZulli (Author) Commented:
Ah, I knew I must have been overthinking it or looking at the topology incorrectly.  I have configured the test environment as described in the link you provided.  It seems when the load balance kicks in, I get an error:

"The connection cannot be completed because the remote computer that was reached is not the one you specified.  This could be caused by an outdated entry in the DNS cache.  Try using the IP address of the computer instead of the name."

Any idea what could be causing this?  I have cleared the DNS cache on all related servers and I'm not sure where I should be specifying IP address rather than DN.
0
 
bzwart77 Commented:
I get the same problem when the load balancer kicks in: "The connection cannot be completed because the remote computer that was reached is not the one you specified.  This could be caused by an outdated entry in the DNS cache.  Try using the IP address of the computer instead of the name."
0
 
Cláudio Rodrigues Commented:
Does it happen with all OSs (if the client is XP or Vista or Windows 7)?
What if you try to connect using IP addresses instead of FQDN?
Is the time synchronized on all servers (DCs, TSs, etc)?

Cláudio Rodrigues
Citrix CTP
0
 
AaronIT Commented:
I too am having the same connection problems. I have verified that all Time\Dates\Timezones are correct, and for me it's on Windows 7, XP and W2K3.
0
 
Cláudio Rodrigues Commented:
Did you configure RDS Web Access to get the apps from the Session Broker and not from each individual TS?

Cláudio Rodrigues
Citrix CTP
0
 
bzwart77 Commented:
We had this problem for some time ("This could be caused by an outdated entry in the DNS cache"). It was resolved by a step that I have not seen in any documentation yet.

Go onto each host, select RemoteApp Manager, select Change RD Session Host Server Settings, and under Connection Settings enter the FQDN of the farm name in the Server name: box.  After this we rebooted our entire environment including the broker, and the issue instantly went away on all computers including Vista and Win 7.  Hope this helps.

Now we are having fun trying to make the SSO work with a farm and certificates.  
0
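An added example, not part of the thread: a way to audit saved or exported .rdp files after making the change above. It assumes the RemoteApp Manager server name ends up in each file's `full address` setting; the function name, folder path and farm name are placeholders.

```powershell
# Added example. The folder path and farm name used at the bottom are placeholders.
function Test-RdpFarmAddress {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        [Parameter(Mandatory = $true)][string]$FarmFqdn
    )

    Get-ChildItem -Path $Path -Filter *.rdp | ForEach-Object {
        $file = $_
        $settings = @{}

        # Get-Content honours the UTF-16 byte-order mark that .rdp files often carry.
        foreach ($line in (Get-Content -Path $file.FullName)) {
            # Each setting is "name:type:value", e.g. "full address:s:host.example.com".
            if ($line -match '^\s*([^:]+):([a-z]):(.*)$') {
                $settings[$matches[1].Trim().ToLower()] = $matches[3].Trim()
            }
        }

        $address = $settings['full address']
        # Drop an optional ":port" suffix before comparing host names.
        $hostOnly = if ($address) { ($address -split ':')[0] } else { $null }

        New-Object PSObject -Property @{
            File        = $file.Name
            FullAddress = $address
            MatchesFarm = ($hostOnly -ieq $FarmFqdn)
        } | Select-Object File, FullAddress, MatchesFarm
    }
}

# Placeholder values: replace with your own folder and farm FQDN.
# Lists only the files that still point at something other than the farm name.
Test-RdpFarmAddress -Path 'C:\RemoteApps' -FarmFqdn 'farm.example.local' |
    Where-Object { -not $_.MatchesFarm }
```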
 
AaronIT Commented:
Bzwart.

Good call.  I figured that out late last night.  I too am now on your step with the certs.  I was thinking of trying one of those UC certs.  What have you tried so far?
0
 
bzwart77 Commented:
Start here,
http://blogs.msdn.com/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx

We are testing this using internal Microsoft PKI setup.  This is another poorly documented area on how to configure the Cert.  The key is using a cert with the farm name in the subject field.  For whatever reason this is only discussed in blogs and forums.  See my previous post below.

http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_25158940.html

At this point we are still working on getting this working properly.  We have made some progress; however, it's not 100% yet.  Maybe the best call would be using a 3rd party trusted cert provider like Verisign.
0
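An added example, not part of the thread: a check, run on a Session Host, for certificates in the computer store that carry the farm name in the subject. It goes beyond the post by also checking the Subject Alternative Name, the Server Authentication usage, the private key and the validity dates; the function name and farm name are placeholders.

```powershell
# Added example. 'farm.example.local' at the bottom is a placeholder farm name.
function Find-FarmCertificate {
    param([Parameter(Mandatory = $true)][string]$FarmFqdn)

    $serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
    $sanOid        = '2.5.29.17'           # Subject Alternative Name
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $ekuType  = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    # Match the farm name as a whole token, not as part of a longer name.
    $namePattern = '(^|[=\s,])' + [regex]::Escape($FarmFqdn) + '($|[\s,])'

    Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
        $cert = $_
        $cn = $cert.GetNameInfo($nameType, $false)

        # Format() renders the SAN as text such as "DNS Name=a.example, DNS Name=b.example".
        $sanExt  = $cert.Extensions | Where-Object { $_.Oid.Value -eq $sanOid }
        $sanText = if ($sanExt) { $sanExt.Format($false) } else { '' }

        $ekuExt = $cert.Extensions | Where-Object { $_ -is $ekuType }
        # A certificate with no EKU extension is not restricted to particular purposes.
        $serverAuth = $true
        if ($ekuExt) {
            $serverAuth = @($ekuExt.EnhancedKeyUsages |
                Where-Object { $_.Value -eq $serverAuthOid }).Count -gt 0
        }

        $now = Get-Date
        New-Object PSObject -Property @{
            Thumbprint    = $cert.Thumbprint
            Subject       = $cert.Subject
            CnMatches     = ($cn -ieq $FarmFqdn)
            SanMatches    = ($sanText -match $namePattern)
            ServerAuth    = $serverAuth
            HasPrivateKey = $cert.HasPrivateKey
            NotExpired    = ($now -ge $cert.NotBefore -and $now -le $cert.NotAfter)
        }
    } | Where-Object { $_.CnMatches -or $_.SanMatches } |
        Select-Object Thumbprint, Subject, CnMatches, SanMatches, ServerAuth, HasPrivateKey, NotExpired
}

# Placeholder farm name: replace with your own farm FQDN.
Find-FarmCertificate -FarmFqdn 'farm.example.local'
```

An empty result means no certificate in the computer's personal store names the farm; a row with `ServerAuth`, `HasPrivateKey` or `NotExpired` set to False points at the property to fix.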
