Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

single domain controller with remote desktop role

Posted on 2016-09-29
6
Medium Priority
?
91 Views
Last Modified: 2016-09-30
Dear experts,

One of my customers has a single Windows Server 2012 R2 configured as domain controller with a LOB application installed on it. He needs to add remote desktop role to this server, so 4 users can connect via RDP.

I know this is not supported by Microsoft:
https://support.microsoft.com/en-us/kb/2799605 

But I also know that it have to work. Do you have a real experience with this configuration?


Kind Regards,
Jarda
0
Comment
Question by:Jaroslav Latal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 27

Accepted Solution

by:
DrDave242 earned 2000 total points
ID: 41822020
That's an old article. It's only applicable to Server 2012, not 2012 R2. That configuration is supported in 2012 R2 (and in 2012 after a particular update is installed, as that article states); it's just not recommended. Having users log on quasi-locally to a domain controller just isn't a great idea from a security perspective.
0
 
LVL 7

Author Comment

by:Jaroslav Latal
ID: 41822034
Thanks Dave, can you please send me a link to Microsoft site where it is stated? I cannot find the info.

Regards,
Jarda
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41822060
I had to dig around quite a bit to find it, but I finally did in this Technet blog entry from the early days of 2012 R2:

https://blogs.technet.microsoft.com/enterprisemobility/2013/07/09/whats-new-in-remote-desktop-services-for-windows-server-2012-r2/

Single server RDS deployment including Active Directory. We now support running our RD Connection Broker role service on the same physical instance as an Active Directory Domain Controller.

Also, here's a decent walkthrough for deploying RDS on a 2012 R2 domain controller:

https://ryanmangansitblog.com/2015/02/22/deploying-rds-2012-r2-on-a-domain-controller-the-walk-through-guide/
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 41822201
Do this RIGHT - 2012 R2 allows TWO servers when virtualized.  Virtualize the existing and add a second as an RDS server.  There's almost no excuse for not virtualizing these days - it's NOT new technology - it's been a core feature of Windows for 8 years and well established with VMWare before that.  Do it right.
1
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 41822723
In full agreement with Lee on this. *NEVER* install RDS on a domain controller.

I can tell you, in no uncertain terms, that it is a terrible experience, things don't work as expected, and you'll end up back here in a month asking things like "I want to hide the admin tools icons from a user when they are logged in" and the answer is "you can't do that."

There is no legitimate reason to do this, and support is only there for a political reason back in 2012...not for a practical "you should do this!" reason (long story, half of it NDA, but I was involved in meetings where it was discussed. Nobody *wanted* to add support back...)
0
 
LVL 7

Author Comment

by:Jaroslav Latal
ID: 41823028
Lee, Cliif,

I fully agree with you. But we are talking about small company with 4 users. They don't want to pay for administering 3 servers.

I am betting that users do not have permission.

Dave: thanks a lot for link.


Regards,
Jarda
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every now and then, Microsoft does something that totally impresses me. It doesn't happen often, but in this case I must say I am thoroughly impressed with Windows Server Backup. One of the long time issues with Windows Backup has been the ability t…
What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question