USSCITSysAdmins

asked on

No Hosts in Server Pool

New 2012 RDS Farm has been created and all servers added to Broker, but when I try to create a collection none of the Hosts are listed. Not sure what the deal is. I created the Broker first and started up 3 new 2012 servers and deployed the Host Role to each new server from the Broker. All three show up as having the host role but they do not show up in the server pool when I try to create a collection.
Philip Elder

Open Server Manager on the Broker and click All Servers then add all Session Hosts so that they are listed there.

Once in, run the wizard to create the Collection and the RDSH servers should be listed as options.
USSCITSysAdmins

ASKER

After I added them as host servers I had to go back and install the Host Role to them; they show up now. Thanks.
My next issue is trying to figure out how to get them certed with our standalone CA I have created. I am totally lost on that, lol.

We normally cert RD Web and Gateway with a trusted third party SSL certificate and generate self-issued certs for the two internal ones. This is done in the console. IIS is used to generate the CSR for the third party cert.

This is where I am confused. Since I have no experience in certs and the company wanting to set up a Standalone CA, nothing I have read makes sense and I don't understand it very well. I am having a hard time understanding the idea behind the Farm and the way to cert it so users don't get the annoying cert popup when connecting to the farm. Since I am in a Jr role the tasks I have been given I want to do to show I can one day move up the ladder, but I want to be able to understand what I am doing and not just throwing darts. I think I get it for a second and then nope, something else blows my mind.

Getting a zero certificate pop-up scenario going is pretty tough in the first place.

We get everything set up with third party for Gateway/Web and internal self-issued for the other two.

We deliver the RD Web URL to Trusted Sites via Group Policy so that all domain joined systems will see the "This is not a public computer" on RDWeb. Once that is ticked, and they log on they will get one certificate prompt that is due to the self-issued cert on the session host they are connecting to. After adding to Trusted Sites and ticking the option on the logon page they then get the option to tick "Don't ask me this question again".

That's all we do because it's really painful to get rid of the second prompt.

A year later, they'll see the prompt again and they know to tick the "Don't ask ... ". Done.

EDIT: BTW, I worked pretty hard at getting the zero cert warning setup going. At the time I didn't have enough upstairs to figure it out either. Now, I think I can do it, but it's not high on the priority list at this time.

Thanks for the help. This FARM will never be accessed from outside and I guess I will study up on the self-cert and GPO settings since the users only access the system from within the network. Maybe I am going the right direction; it's just messed up that these are domain joined machines and they should already be seen as trusted, but I am not the sharpest tool so there must be a reason for this.

Thank you,
Wade
ASKER CERTIFIED SOLUTION
Philip Elder