Adding a Hyper-V RDS 2012 member server to an existing 2012 active directory domain

morrisonit
morrisonit used Ask the Experts™
on
Hi.

I have a customer who currently has a Server 2012 Std. active directory domain. They have purchased software that needs to run as a terminal services based application on a server, but they don't want to purchase any more hardware.

Can someone give me an easy step-by-step guide to install a Hyper-V member server on the existing physical machine and then setup RDS. I have tried but I'm having problems with certificates and user access via RDP to the member server.

Thanks in advance.

Dave.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Mohammed KhawajaManager - Infrastructure:  Information Technology

Commented:
What you need to do is the following:

1.  Remove RDS role from the server
2.  Join it to the domain
3.  Install RDS role
4.  If you have a certificate server then issue certificates for RDS server (if not then you could use self signed certificates, however, you will be prompted each time that the certificate is from an unreliable CA

If you would like additional help then provide more details.

Author

Commented:
Hi Mohammed

The virtual server was joined to the domain first and then had the RDS components installed. Do I need to install all components on the virtual member server or do I need the Licensing server on the physical AD machine? And there has been talk of having to install SQL Express on the AD server?

Author

Commented:
I can connect via RDP from users desktops to the virtual RDS server but only administrators are authorized to login. I can't make the RDS server an active directory member server as RDS won't run on a AD server running 2012. So how do I allow the Remote Desktop Users group to access the RDS server?
Become a CompTIA Certified Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

Mohammed KhawajaManager - Infrastructure:  Information Technology

Commented:
The term Active Directory Member server is misleading as it would imply that it would be a member server in the domain, however, from you added in your comment, it seems like you want to run RDS on a Domain Controller.  RDS is not recommended, supported or functional if you want Domain Users to logon.

if you have one physical server then my suggestion would be to install Windows Server 2012 with Hyper-V role.  Create two VMs where one would be your DC and one would be your RD server.  If you already have a domain in place, then just add the server to the domain and then  get your users to connect via RDS.

Author

Commented:
I think we're missing some salient points here.
The active directory domain is in place and live, running on a physical Server 2012 box. This is not going to get touched and will stay as is.
The customer will not spend money on another physical server.
I have installed the Hyper-V role on the physical server and setup a virtual Server 2012 machine and joined it to the domain.
This virtual machine is not a domain controller, it is just a member server, therefore RDS installs OK.
I want domain users, who authenticate on the physical active directory domain controller, to be able to run RDP sessions on the virtual member server.
How do I get them to have the correct permissions on the member server to do this? The domain administrator(s) can login via RDP with no problem, but I don't intend making the RDP users members of the Administrators group!
Manager - Infrastructure:  Information Technology
Commented:
What you could do is create a group in AD, add your users who need to RDP to this group.  On the RDS server, add the AD group to "Remote Desktop Users" and this will allow your users to be able to connect via Remote Desktop.  This resolves users RDP access.

Having said that, do you want users to have desktop access or published applications?  Refer to following links for more information:

http://blogs.technet.com/b/infratalks/archive/2013/02/06/publishing-remoteapps-and-remote-session-in-remote-desktop-services-2012.aspx
http://thewolfblog.com/2014/02/08/deploying-a-2012-2012r2-remote-desktop-services-farm/
http://thewolfblog.com/2014/02/10/collections-publishing-remoteapp-programs-and-session-desktops-on-rds-2012-2012-r2/

Author

Commented:
Thanks, this seems to have worked. AD users can login to the virtual server using RDP. They will be running a desktop app on the server, so all should be fine.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial