Deploying Windows 2016 Terminal Services help needed

So, first, you'll *REALLY* want to set up a lab.  Microsoft re-architected RDS significantly in 2012.  Things you knew no longer apply.

1) You can transfer licenses, yes, as long as you have the necessary info.

2) You want *two* connection brokers.  Your load balancers will balance between those two things.  They will, in turn, handle redirecting connections to the various session hosts (which are divided into one or more "collections" in 2012.)

3) RDWA is optional, but useful. It is used not just to present a web interface for selecting session collections, but is also used to present an XML feed for group policy based distribution or modern app feed subscriptions.

4) RDSH is the core for a session based deployment.  It is the actual environment users end up logging into.

5) RDGateway should be set up if you want to allow access externally.  It tunnels RDP traffic over 443 and handles external authentication in a secure way.  Again, you may be load balancing across multiple gateways for highly available external access.

---

Take note, Microsoft has recently(ish) announced their "modern infrastructure" design plan.   You can find blog posts and an ignite session on it, and shifts much of the infrastructure requirements to Azure as well as Azure AD support (much needed IMO) so depending on your timeline, that is worth keeping an eye on.  

-Cliff

So if i was using an external LB then the flow would be this?

• user connects LB
• LB redirects user to one of the connection brokers
• Connection broker then connects the user to a RDSH server that's in the farm

A few more questions

• Since I am using an external LB for load balancing/HA. Is it necessary to configure HA within the connection brokers?
• Can I start the farm with 1 Broker and 1 RDSH and then add more later?

Thanks, very helpful information

In regards to collections

• Can 2 different CB point to the same collection?
• Can the same servers be in 2 different collections?

For the first, yes, but that'd be unusual. You'd usually only have one CB... Or two configured for HA. When configured for HA, they share a SQL database so they effect Tibet share their entire configuration. You don't configure them individually.

For the second, no. A server is a member of a single collection.

Thanks, if we add another CB we will be using an external LB between the 2 so configuring HA for the 2 CB will prob be overkill.

So if i understand everything correctly, If i end with 6 servers in 1 farm, This will be the outcome

• 2 will be CB,  
• 4 will be RDSH,
• 2 of RDSH will be in 1 collection for the 1st CB
• Remaining 2 RDSH will be in another collection for the 2nd CB.

While it's not a supported solution (searching online) I see that it is possible to run with just the licensing and RDSH portion. It technically will not be a farm and  management tools will be missing since there is no more TSADMIN.  But I can use the LB and round robin users to different RDS servers

You'd have issues. Speaking of, overkill or not you'd have issues running two CB without configuring HA. Since they'd be unaware of each other resources would be misallocated and potential issues with licensing and profiles as well.

Configuring HA is trivial. Configure it right the firat time and you won't have problems down the road. Advice applies to running tow connection brokers or none. Just  stick to the supported scenarios. The management overhead and the troubleshooting effort just kills any benefit from breaking outside that box.

Yes, you should still set up HA for the connection brokers.

thanks for all the help