Solved

single domain controller with remote desktop role

Posted on 2016-09-29
6
49 Views
Last Modified: 2016-09-30
Dear experts,

One of my customers has a single Windows Server 2012 R2 configured as domain controller with a LOB application installed on it. He needs to add remote desktop role to this server, so 4 users can connect via RDP.

I know this is not supported by Microsoft:
https://support.microsoft.com/en-us/kb/2799605 

But I also know that it have to work. Do you have a real experience with this configuration?


Kind Regards,
Jarda
0
Comment
Question by:Jaroslav Latal
6 Comments
 
LVL 26

Accepted Solution

by:
DrDave242 earned 500 total points
ID: 41822020
That's an old article. It's only applicable to Server 2012, not 2012 R2. That configuration is supported in 2012 R2 (and in 2012 after a particular update is installed, as that article states); it's just not recommended. Having users log on quasi-locally to a domain controller just isn't a great idea from a security perspective.
0
 
LVL 7

Author Comment

by:Jaroslav Latal
ID: 41822034
Thanks Dave, can you please send me a link to Microsoft site where it is stated? I cannot find the info.

Regards,
Jarda
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41822060
I had to dig around quite a bit to find it, but I finally did in this Technet blog entry from the early days of 2012 R2:

https://blogs.technet.microsoft.com/enterprisemobility/2013/07/09/whats-new-in-remote-desktop-services-for-windows-server-2012-r2/

Single server RDS deployment including Active Directory. We now support running our RD Connection Broker role service on the same physical instance as an Active Directory Domain Controller.

Also, here's a decent walkthrough for deploying RDS on a 2012 R2 domain controller:

https://ryanmangansitblog.com/2015/02/22/deploying-rds-2012-r2-on-a-domain-controller-the-walk-through-guide/
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 41822201
Do this RIGHT - 2012 R2 allows TWO servers when virtualized.  Virtualize the existing and add a second as an RDS server.  There's almost no excuse for not virtualizing these days - it's NOT new technology - it's been a core feature of Windows for 8 years and well established with VMWare before that.  Do it right.
1
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 41822723
In full agreement with Lee on this. *NEVER* install RDS on a domain controller.

I can tell you, in no uncertain terms, that it is a terrible experience, things don't work as expected, and you'll end up back here in a month asking things like "I want to hide the admin tools icons from a user when they are logged in" and the answer is "you can't do that."

There is no legitimate reason to do this, and support is only there for a political reason back in 2012...not for a practical "you should do this!" reason (long story, half of it NDA, but I was involved in meetings where it was discussed. Nobody *wanted* to add support back...)
0
 
LVL 7

Author Comment

by:Jaroslav Latal
ID: 41823028
Lee, Cliif,

I fully agree with you. But we are talking about small company with 4 users. They don't want to pay for administering 3 servers.

I am betting that users do not have permission.

Dave: thanks a lot for link.


Regards,
Jarda
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my previous 24 VMware Articles (http://www.experts-exchange.com/ARTH_1864316.html?arthOrderBy=3&arthSort=1#arth), most featured Intermediate VMware Topics. My next series of articles concentrated on topics for the VMware Novice;   If you would…
Every now and then, Microsoft does something that totally impresses me. It doesn't happen often, but in this case I must say I am thoroughly impressed with Windows Server Backup. One of the long time issues with Windows Backup has been the ability t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question