terminal server 2012


we need to install a virtual server in a datacenter for a customer. this customer wants to work with 8 users on this machine.

so we need to install terminal server. but if i run the terminal server setup he says he need a domain.

is this needed? and can this domain controller be the same server? the client rents only one server.
Rik Van LierCEOAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
Yes, you do need a domain.  What you could do is create another VM as a DC for that environment.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David Johnson, CD, MVPOwnerCommented:
The domain doesn't have to be a real domain but it REALLY makes things easier but to manage the remote desktop you really need it to be a domain.  You can fudge it but a lot of the tools will NOT work and server manager will not work.  They should be using Server 2012 Essentials as that will save the cost of CALS and also give them a domain for free (managed by microsoft)
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

Microsoft is really pushing the domain config but you can have a completely workable remote desktop / terminal server while just being a standalone workgroup server. I have experience with building a handful of 1-off small 2012 RDP servers with no domain. There are really only a few annoyances, no show stoppers.  I had to use local group policy (gpedit.msc) to set all of my terminal server settings because the snap-in GUI tools are only on domain joined machines. That is just a slight inconvenience. All settings are easy to find and edit in group policy.  The other issue was being able to shadow / remote control another user's RDP session. But I wrote a 1-line batch file and saved it as a shortcut to allow me to shadow a user easily. So with those areas covered, I found no other stumbling points of not being on a domain.  Yes, there are rich features you won't have access to on just a workgroup.  But there are cases where being on a domain just isn't feasible, I don't know why Microsoft cut out this stuff from workgroup mode....answer is probably $$$ driven.
Rik Van LierCEOAuthor Commented:
ok i have installed a second server. installed AD on this and created a new forest.

then on the client server i also installed AD and created a child domain.

now the same client need terminal server like a Original asked. do i need to install terminal server on the client server or do i install this also on the DC controller?
You should have just joined your 2nd machine to the domain you  created on the first server, not added a child domain.
Then you'd just add terminal server (aka remote desktop) roles onto the 2nd server. 2nd server only needs to be joined to a domain, not a domain controller itself (in fact MS frowns upon terminal servers being DCs).

This is a nice walk-through: (do this on 2nd server)
Rik Van LierCEOAuthor Commented:
ok i understand but the client server cannot use the same domainname as the dc controller.

thats why i tought lets create a child domain. so the client has his own domainname and i can control it from the dc controller.

even when another customer buys a server a can create a second child domain and use that. so i do not need to add Always a dc controller.

or do i see this wrong. how would you do this?

and  thanks for the walktrough! i will use that!
So a domain controller is on your own site and the child domain server is at their site? I guess it depends on your setup.
I don't have a clear picture of what your topology is.  The way we interact with our clients, that setup wouldn't work for me. But it depends on your business / needs. Your setup sounds like it would work. But, you're better off not putting remote desktop server roles on a domain controller. So ideally a customer would have a remote desktop server and a domain controller (2 separate servers). Your parent DC would be a 3rd machine in that scenario.

So maybe I can see why David Johnson offered up the 2012 Essentials solution.
David Johnson, CD, MVPOwnerCommented:
client server cannot use the same domainname as the dc controller.
First a lesson: use industry standard terminology
A member server cannot use the same computer name as any other computer in the domain

thats why i thought lets create a child domain. so the client has his own domainname and i can control it from the dc controller.

every domain requires at least 1 domain controller.. you can add a distinct domain to your forest.. A good explanation of Forest and Trees and Active Directory

you can add domains to your forest, a forest with only 1 domain then domain and forest are the same,

Normally one would want to have two way transitive trust between the various domains and the forest root
Forests can also be defined as:
Collections of Domain Containers that Trust Each Other
Units of Replication
Security Boundaries
Domain ForstUnits of Delegation

There is a problem with your setup. you have 2 companies that buy/rent servers from you these companies may be competitors of each other, but either way, each company wants their data to be THEIR data no outsider should be able to access this data EVER.  So each should be totally distinct and if you need to manage then you are given an administrators account that they control in order to manage on their behalf.
This is one of the links I've personally used to step thru a remote desktop install in 2012

Rik Van LierCEOAuthor Commented:
the Server 2012 Essentials is also no option as this is a domain controller and then i also need to install a second server. also classic terminal server is nog allowed at an essential server.

so i installed a second domeincontroller. and then i installed terminal server on the client server using the walktrough of


but when i want to login with a client username and password we get the fault that the user is not member of the Remote desktop services....

The group remote desktop services contains the group domain users. so she is in that group...
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.