?
Solved

single domain controller with remote desktop role

Posted on 2016-09-29
6
Medium Priority
?
115 Views
Last Modified: 2016-09-30
Dear experts,

One of my customers has a single Windows Server 2012 R2 configured as domain controller with a LOB application installed on it. He needs to add remote desktop role to this server, so 4 users can connect via RDP.

I know this is not supported by Microsoft:
https://support.microsoft.com/en-us/kb/2799605 

But I also know that it have to work. Do you have a real experience with this configuration?


Kind Regards,
Jarda
0
Comment
Question by:Jaroslav Latal
6 Comments
 
LVL 27

Accepted Solution

by:
DrDave242 earned 2000 total points
ID: 41822020
That's an old article. It's only applicable to Server 2012, not 2012 R2. That configuration is supported in 2012 R2 (and in 2012 after a particular update is installed, as that article states); it's just not recommended. Having users log on quasi-locally to a domain controller just isn't a great idea from a security perspective.
0
 
LVL 7

Author Comment

by:Jaroslav Latal
ID: 41822034
Thanks Dave, can you please send me a link to Microsoft site where it is stated? I cannot find the info.

Regards,
Jarda
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41822060
I had to dig around quite a bit to find it, but I finally did in this Technet blog entry from the early days of 2012 R2:

https://blogs.technet.microsoft.com/enterprisemobility/2013/07/09/whats-new-in-remote-desktop-services-for-windows-server-2012-r2/

Single server RDS deployment including Active Directory. We now support running our RD Connection Broker role service on the same physical instance as an Active Directory Domain Controller.

Also, here's a decent walkthrough for deploying RDS on a 2012 R2 domain controller:

https://ryanmangansitblog.com/2015/02/22/deploying-rds-2012-r2-on-a-domain-controller-the-walk-through-guide/
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 41822201
Do this RIGHT - 2012 R2 allows TWO servers when virtualized.  Virtualize the existing and add a second as an RDS server.  There's almost no excuse for not virtualizing these days - it's NOT new technology - it's been a core feature of Windows for 8 years and well established with VMWare before that.  Do it right.
1
 
LVL 61

Expert Comment

by:Cliff Galiher
ID: 41822723
In full agreement with Lee on this. *NEVER* install RDS on a domain controller.

I can tell you, in no uncertain terms, that it is a terrible experience, things don't work as expected, and you'll end up back here in a month asking things like "I want to hide the admin tools icons from a user when they are logged in" and the answer is "you can't do that."

There is no legitimate reason to do this, and support is only there for a political reason back in 2012...not for a practical "you should do this!" reason (long story, half of it NDA, but I was involved in meetings where it was discussed. Nobody *wanted* to add support back...)
0
 
LVL 7

Author Comment

by:Jaroslav Latal
ID: 41823028
Lee, Cliif,

I fully agree with you. But we are talking about small company with 4 users. They don't want to pay for administering 3 servers.

I am betting that users do not have permission.

Dave: thanks a lot for link.


Regards,
Jarda
0

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question