Avatar of USSCITSysAdmins
USSCITSysAdmins asked on

No Hosts in Server Pool

New 2012 RDS Farm has been created and all servers added to Broker but when I try to create a collection none of the Host are listed.  Not sure what the deal is, I created the Broker first and started up 3 new 2012 servers and deployed the Host Role to each new server from the Broker.  All three show up has having the host role but they do not show up in the server pool when I try to create a collection.
Windows Server 2012Remote Access

Avatar of undefined
Last Comment
Philip Elder

8/22/2022 - Mon
Philip Elder

Open Server Manager on the Broker and click All Servers then add all Session Hosts so that they are listed there.

Once in, run the wizard to create the Collection and the RDSH servers should be listed as options.
ASKER
USSCITSysAdmins

After I added them as host servers I had to go back and install the Host Role to them,  they show up now.  Thanks.
ASKER
USSCITSysAdmins

My next issue is trying to figure out how to get them certed with our standalone CA I have created.  I am totally lost on that, lol.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Philip Elder

We normally cert RD Web and Gateway with a trusted third party SSL certificate and generate self-issued certs for the two internal ones. This is done in the console. IIS is used to generate the CSR for the third party cert.
ASKER
USSCITSysAdmins

This is where I am confused.  Since I have no experience in certs and the company wanting to setup a Standalone CA nothing I have read makes sense and I don't understand it very well.  I am having a hard time understanding the idea behind the Farm and the way to cert it so users don't get the annoying cert popup when connecting to the farm.  Since I am in a Jr role the tasks I have been given I want to do to show I can one day move up the ladder but I want to be able to understand what I am doing and not just throwing darts.  I think I get it for a second and then nope something else blows my mind.
Philip Elder

Getting a zero certificate pop-up scenario going is pretty tough in the first place.

We get everything set up with third party for Gateway/Web and internal self-issued for the other two.

We deliver the RD Web URL to Trusted Sites via Group Policy so that all domain joined systems will see the "This is not a public computer" on RDWeb. Once that is ticked, and they log on they will get one certificate prompt that is due to the self-issued cert on the session host they are connecting to. After adding to Trusted Sites and ticking the option on the logon page they then get the option to tick "Don't ask me this question again".

That's all we do because it's really painful to get rid of the second prompt.

A year later, they'll see the prompt again and they know to tick the "Don't ask ... ". Done.

EDIT: BTW, I worked pretty hard at getting the zero cert warning setup going. At the time I didn't have enough upstairs to figure it out either. Now, I think I can do it, but it's not high on the priority list at this time.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
USSCITSysAdmins

Thanks for the help.  This FARM will never be accessed from outside and I guess I will study up on the self-cert and GPO settings since the user only access the system from with in the network.  Maybe I am going the right direction, it just messed up that these are domain joined machines and they should already be seen as trusted but I am not the sharpest tool so there must be a reason for this.

Thank you,
Wade
ASKER CERTIFIED SOLUTION
Philip Elder

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question