Windows Server 2008 R2: Remote Desktop Services Component Architecture

ll O ll O
ta ta

rd
rd
Acronyms Remote Desktop Session Host Remote Desktop Virtualization Host

Ins
Ins
1 Remote Desktop Services Architecture 3

er
er
An RD Session Host server hosts Windows-based programs or the full Windows desktop for Remote Remote Desktop Services provides a virtualization platform for accelerating and extending desktop and application deployments from the data center to any device. It provides Understanding Remote Desktop Virtualization Host
AD DS Desktop Services clients. Users can connect to an RD Session Host server to run programs, to save files, an extensible platform for a Virtual Desktop Infrastructure. Remote Desktop Virtualization Host is a new Remote Desktop Services role service included with Windows Server 2008 R2. RD Virtualization Host integrates with Hyper-V to provide virtual
Active Directory Domain Services and to use network resources on that server. Users can access an RD Session Host server by using RD machines that can be used as personal virtual desktops or virtual desktop pools. User accounts can be assigned a unique personal virtual desktop or be redirected to a virtual desktop pool
Connection Broker, RD Web Access, or RemoteApp and Desktop Connection. RD Session Host RD Virtualization Host Personal Virtual Desktop where a virtual desktop is dynamically assigned. RD Virtualization Host is an essential component to the VDI solution offered by Microsoft.
APP-V Enumerating programs and desktops for users Hosts centralized RemoteApp programs Hosts centralized virtual desktops using servers
and session-based desktops. running Hyper-V. Dedicated, exclusive virtual RD Connection Broker An RD Virtualization Host server
Application Virtualization RD Session Host RD Session Host App-V for RDS 1 Client queries and enumerates RemoteApp desktop per user An RD Connection Broker server is has the following functions:
server farms App-V for RDS provides programs, session-based desktops, and virtual Required RDS infrastructure used for coordinating the availability of
CAL Monitoring virtual desktop sessions
RemoteApp programs a method to stream and desktops. Remote Desktop virtual desktops for users and ensuring and reporting these sessions to the RD Virtualization Host
You can use a load- RD Session Host server running in redirection
client access license balanced RD Session When a user accesses a RemoteApp program isolate applications to RemoteApp Connection client mode that a virtual machine is running RD Connection Broker server. configuration
Host server farm to on an RD Session Host server, the program RD Session Host 2 RD Web Access queries for RemoteApp programs, programs before a user connection is To deploy personal virtual
GPU An RD Session Host server running in Preparing the virtual machine for a
scale the runs on the server. Each user sees only their servers. They can be session-based desktops, and virtual desktops from redirection mode redirects an RDP client
established. Remote Desktop connection when desktops, the schema for the
performance of a individual session. The session is managed published directly to the the RD Connection Broker server. Session-based When using more than one RD requested by the RD Connection Active Directory forest must be
graphics processing unit single RD Session client computer. This Virtual Desktop Pool connection to a virtual machine.
Virtualization Host server, the RD at least Windows Server 2008.
transparently by Remote Desktop Services desktops Broker server.
reduces the need to set Connection Broker server also Ensure that the RD Virtualization
MSI Host server by and is independent of any other client session.
up multiple isolated 3 If using a personal virtual desktop, the assignment is Shared, identical virtual determines which RD Virtualization Host server meets the Hyper-V
distributing Remote verified by using AD DS. desktops for users Users requesting connection or reconnection to
Microsoft Installer Package Desktop Services server farms. virtual desktops Host server to use. installation prerequisites.
sessions across Session-based AD DS RD Virtualization The RDS Connector for VMM You cannot install Windows
RDC multiple servers. desktops 4 RemoteApp programs and session-based RD Session Host enables Remote Desktop Server 2008 R2 on a virtual
desktops are aggregated from multiple RD Host
Remote Desktop Connection D RD Web Access Services in Windows Server machine and add it to a
App-V Session Host servers. Website with RemoteApp 2008 R2 to use the virtual Virtual personal virtual desktop or
machine dynamic placement virtual desktop pool.
RDS applications programs and virtual desktops desktops
5 For Windows 7 computers, icons are presented RD Gateway
capabilities of SCVMM 2008 R2
for personal virtual desktops by
Remote Desktop Services on the Start menu for RemoteApp programs, 4 3 User requests remote access enabling communication
RDP Remote Desktop session-based desktops, and virtual desktops. RD Session Host server from the Internet between an RD Connection
Session Host For computers not running Windows 7, the running in Broker server and a VMM server. RD Connection Broker
When the RD Virtualization Host role service is installed, Server Manager checks
Remote Desktop Protocol icons are available by using RD Web Access. redirection mode to see if Hyper-V is installed. If Hyper-V is not installed, Server Manager will RD Virtualization Host
install it.
RD Connection Broker RD Connection Broker
Remote Desktop Connection Broker C Personal virtual desktops and virtual desktop pools
A Remote Desktop license
We recommend installing the RD server is required to implement Microsoft VDI stores and runs desktop workloads including a Windows client operating system, applications, and data in a virtual machine running on a Hyper-V server. In Windows Server 2008
RD Gateway Connecting to RemoteApp programs or session-based desktops ConnectionC Broker role service and
Remote Desktop Services. R2 we support two VDI deployment scenarios: personal virtual desktops and virtual desktop pools. These two scenarios present two different models of assigning virtual machines to end users.
Remote Desktop Gateway the RD Session Host server running in
Additional Remote A Client connects to RemoteApp programs or redirection mode on the same server. When delivering your own VDI architecture, it is important to understand the following considerations:
RD Session Host Desktop Services session-based desktops. Tools to assist with application RD Virtualization Host RD Virtualization Host
infrastructure The same Hyper-V server can be used to deploy personal virtual desktops and virtual desktop pools.
and virtual machine
Remote Desktop Session Host components management Administrators can minimize the servicing of virtual desktops for both personal virtual desktops and virtual
RD Web Access RD Connection Active Directory RD Gateway desktop pools by separating the user state from the image. You can separate the user state from the image Virtual
RD Virtualization Host Broker Domain Services Connecting a client computer to a virtual desktop 2 B E Personal by using roaming user profiles and folder redirection.
virtual Applications may be managed outside the image by using App-V.
desktop
Remote Desktop Virtualization Host Application Virtualization for pools
Deliver A User requests a connection to a virtual desktop. desktops
RD Web Access RD Web Access RD Gateway Remote Desktop Services 4.6 When delivering your own VDI architecture, it is important to understand the following requirements:
Remote Desktop Web Access A virtual machine cannot be both a member of a virtual desktop pool and assigned to a user as a personal virtual
Session-based desktops delivery RemoteApp programs delivery B The RDP over HTTPS connection request is routed desktop.
ROI An RD Session Host server can deliver a user through the RD Gateway server to the RD Session
Virtual desktops can only use Windows client operating systems.
desktop session to any designated user in the RemoteApp enables administrators to make
Host server running in redirection mode.
Return On Investment network. programs that are accessed remotely through an
SP1 RD Session Host configuration RD Session Host server appear as if they are C The RD Session Host server running in redirection Personal virtual desktops Virtual desktop pools
running on the client computer. Instead of being mode informs the RD Connection Broker server
Service Pack 1 Configure Network Level Authentication presented to the user in the desktop of the RD that a virtual desktop is needed and waits for the RD Session Host
for the RD Session Host server Session Host server, the RemoteApp program is or Personal virtual desktops are virtual machine-based, centralized desktops for individual users Virtual desktop pools provide virtual machine-based, centralized desktops based on a pool of
SCVMM IP address of the virtual desktop. RD Virtualization Host and are provisioned from the RD Virtualization Host server. virtual machines that are shared by multiple users.
integrated with the client computer.
Configure the Remote Desktop Users
Corporate Perimeter

RDP/HTTPS
System Center Virtual Machine Manager One virtual desktop is assigned to each user. All images share the same operating system and configuration.
group to give users and groups Install the RD Session Host role service on the D The RD Connection Broker server orchestrates the network network App-V simplifies management A virtual machine can be a member of only one virtual desktop pool at a time.
permissions to remotely connect designated server before installing any virtual desktop and returns connection information to 1 5 A F A of virtual desktops and Dedicated virtual desktops allow administrative privileges.
SSE2 applications that will need to run as RemoteApp A virtual desktop is persistent and customizable. If rollback is enabled, changes to the virtual desktop are discarded when the user logs off.
Configure an RD Session Host server running the RD Session Host server running in redirection mode. applications. By using App-V
Streaming SIMD Extensions 2 programs. with Remote Desktop Services, User state is not discarded if the user state and data is stored outside of the virtual desktop.
Windows Server 2008 R2 to use at least one RD Virtualization Host
E The RD Session Host server running in redirection mode

HTML/HTTPS
Remote Desktop license server you can: Applications can either
SLAT Install related applications, or applications that sends the client computer a redirection packet containing be installed in the base
Remote Desktop Connection client configuration have dependencies on other local applications, Internet Increase server farm ROI by Provision a personal virtual Assign the virtual desktop to a Temporarily assign a virtual desktop from
Second-Level Address Translation on the same RD Session Host server. the IP address of the virtual desktop and any connection consolidating servers. desktop domain user account the virtual desktop pool to the user image for all users or
The RD Session Host server can be configured so
that users connecting to a remote session can use information. Minimize application can be provisioned with
SSL Deploy applications on separate RD Session conflicts and regression App-V.
some of the following functionality: Host servers in the following scenarios: F The client computer connects to the virtual desktop.
Secure Sockets Layer testing.
Audio recording redirection Applications have compatibility issues that Full-Fidelity user experience Accelerate application
VDI Windows Aero experience affect other programs.
deployment.
Resource intensive applications that could Bi-directional Windows Media Player Multiple monitor RemoteFX
Virtual Desktop Infrastructure Remote computer’s audio and video affect performance when running multiple audio redirection support Reduce deployment risk.
playback redirection instances on the same server. Users can access the
V-GPU Start Simplify profile management.
personal virtual
virtual graphics processing unit Enhanced functionality Simplify base images with desktop by using
Accessing RemoteApp programs Client requirements for dynamic application RemoteApp and RD Virtualization Host
VMM accessing RemoteApp programs provisioning to clients. Desktop Connection or AD DS
Users access RemoteApp programs in the Remote Desktop Connection RD Web Access.
Virtual Machine Manager following ways: To access RemoteApp programs, Minimize application Remote Desktop A virtual desktop pool is a
the client computer must be client duplication. Connection client Remote Desktop group of identically configured
Remote Desktop Protocol (.rdp) file running at least RDC 6.1. Connection client virtual machines on an RD
RD Web Access Web portal To access RemoteApp programs, Virtualization Host server. Users
RemoteApp And Desktop Connection the client computer must be Redirect user data can access the virtual
by using the Windows 7 Start menu running either Windows 7, Redirect user data machines in a virtual desktop
Windows Vista with SP1, or All user data and profile information can be pool by using RemoteApp and
Windows XP with SP3. stored on the personal virtual desktop, or the Use roaming profiles and folder Desktop Connection or RD Web
To access RemoteApp and Desktop profiles and folders can be redirected. redirection to centrally manage Access.
Remote Desktop Connection through the Start menu File server user data and settings. File server
Connection client requires Windows 7.

ll O ll O ll O ll O
ta ta ta ta
rd

rd
rd

rd
Remote Desktop Web Access Remote Desktop Gateway Microsoft RemoteFX
Ins

Ins
Ins

Remote Desktop Connection Broker

Ins
Remote Desktop Licensing 2 4 5 6
er

er
er

er
Remote Desktop Licensing manages the Remote Desktop Services client access licenses and VDI Suite Remote Desktop Connection Broker provides a single, personalized, and aggregated view of RemoteApp A Remote Desktop Web Access server provides users with a customizable web portal for accessing session- Microsoft RemoteFX delivers a rich user experience for VDI by using graphics processing units
programs, session-based desktops, and virtual desktops to users. RD Connection Broker supports load based desktops, virtual desktops, and RemoteApp programs. The Remote Desktop Gateway role service in Windows Server 2008 R2 enables compatible devices to that are present on the server and shared across multiple virtual desktops.
licenses that are required for each device or user to connect to session-based desktops, RemoteApp programs, securely connect over the Internet to RD Session Host servers or RD Virtualization Host servers behind
or virtual desktops. balancing and reconnection to existing sessions on virtual desktops, session-based desktops, and RemoteApp RemoteFX contains the following elements:
programs. Remote Desktop Connection Client connection options a corporate firewall. Network resources can be any authorized session-based desktops, RemoteApp
When a client connects to an RD Session Host server, the RD Session Host server determines if a license is programs, or virtual desktops. Host-side V-GPU rendering and capture for 3D Generic USB redirection
needed. The RD Session Host server then requests an RDS CAL or VDI Suite license from a Remote Desktop Client queries an
Connect by using a web browser Improved encode/decode within RDP Enablement of ultra-thin client types
Active Directory RD Web Access RD Gateway RD Session Host Connect using a web browser by signing into the
license server on behalf of the client. If an appropriate license is available from a license server, the RDS CAL or RD Session Host server farm RD Web Access
VDI Suite license is issued to the client, and the client will be able to connect to the session-based desktop, Domain Services (optional) (optional) RD Web Access website. In this case, a computer
server over HTTPS RemoteFX for RD Session Host
RemoteApp program, or virtual desktop. Users can connect to that is running Windows 7 is not required. RD Gateway uses the RDP over HTTPS to establish a
RemoteFX for RD Virtualization Host
RD Gateway is not new or established RemoteFX enables: RemoteFX enables:
required - except RemoteApp and Internet Explorer secure, encrypted connection between remote users
Each user or device that connects to the sessions in a load-
Desktop Connection web browser Connect by using RemoteApp and Desktop on the Internet and the internal network resources Rendered rich 3D content by using a Improved encode/decode that improves
Client connects to virtual desktop Remote Desktop for access from balanced RD Session Connection virtualized GPU with Windows 7 Enterprise
RD Session Host server must have its the Internet. on which their production applications run. efficiency and user experience
own license. Connection client Host server farm. with SP1 or Windows 7 Ultimate with SP1
All resources will show up in the Start menu under Remote Desktop RDP Ultra-thin client support
5 Required RDS All Programs in a folder called RemoteApp and Generic USB redirection
Active Directory Domain Services must Connection client RemoteFX support requirements:
Remote Desktop be installed for Per User licensing. The infrastructure RD Web Access Desktop Connections. A computer running Improved encode/decode that improves

RDP / HTTPS
Connection RD Session Host server queries AD DS
RD Connection Broker Connect to... RD Web Access enables the following: Windows 7 is required. Perimeter RD Session Host efficiency and user experience Optional dedicated RemoteFX encode
for the license assigned to the user. Ultra-thin client support hardware
RD Connection Broker connects or reconnects a NEW session-based Access to RemoteApp programs, session- Remote Desktop Connection webpage External network Internal Session-based desktops
client computer to either a session-based desktop, desktops or RemoteApp based desktops, and virtual desktops from A user can view all RemoteApp programs and firewall firewall and RemoteFX support requirements: SSE2-capable processor in the RD
1 Client requests license virtual desktop, or RemoteApp program. programs the RD Web Access website.
2 Request license for client virtual desktops published to that user. (Port 443 OPEN)
RD Gateway (Port 3389 OPEN)
RemoteApp programs
GPU in the RD Virtualization Host server Session Host server
The RD Connection Broker server stores Display resources from more than one
the following session state information: farm, or a combination of farm and X for 3D rendering
RemoteApp Reconnect to...
Client receives license 4 Remote Desktop license programs Session IDs individual servers. Optional dedicated RemoteFX encode
server issues license 3 EXISTING session-based hardware
Session-based User names
desktops or RemoteApp
Filter the view on a per-user basis so that each user RemoteApp Users only enter their user name and RDP
SLAT-capable processor in the RemoteFX
desktops Name of the RD Session Host programs sees only the authorized programs. programs password once when connecting to a
RemoteApp program by using RD Internet server
Client connects to server where each session resides Web Access. For redundancy and
5 session-based desktop RD Session Host Group Policy can assist in the
load-balancing, RD
Connect to... Gateway can be
RD Session Host Remote Desktop license server RD Connection Broker deployment of RemoteApp programs configured as a cluster.
Virtual desktops RD Connection Broker connects or reconnects a RD Connection Broker for enterprise-sized businesses. RD Virtualization
There is a licensing grace To use Remote Desktop Services, you must have at least one license server. For RemoteFX-enabled
period (120 days) during small deployments, the RD Session Host role service and the RD Licensing role client computer to either a personal virtual NEW virtual desktops The RD Connection Broker server RD Gateway configuration Host
desktop or a virtual desktop pool. authenticates the user and retrieves a list Session-based For enterprise deployments, the RD Install the RD Gateway role service. Virtual desktops virtual desktops by
which no license server is service can be on the same computer. For larger deployments, it is recommended
required. of all RemoteApp programs, session- desktops Web Access server can be installed using RDP
that the RD Licensing role service be installed on a separate computer from the RD
RD Session Host server running in redirection Obtain and configure an SSL-compatible X.509 certificate
Session Host role service. based desktops, and virtual desktops and on a front-end web server to service
mode Reconnect to... multiple RD Session Host servers on on the RD Gateway server. RDP
presents it to the RD Web Access server.
In a VDI environment, the RD Session Host server the back end. Create a Remote Desktop connection authorization policy RemoteFX integrates with RDP,
Microsoft Virtual Desktop Infrastructure Licensing running in redirection mode communicates with EXISTING virtual desktops (RD CAP). which enables shared encryption,
For VDI implementations, the following options are available: the RD Connection Broker server. Personal virtual desktops and virtual Create a Remote Desktop resource authorization policy authentication, management, and Remote Desktop
Virtual RDP
VDI Standard Suite desktop pools are hosted on the RD
(RD RAP). device support. Connection client
desktops Virtualization Host server.
The VDI Standard Suite is for deploying the basic infrastructure for VDI. Hyper-V Server 2008 R2 provides the Configure the RDC client to use RD Gateway. Client access RemoteFX supports a range of client devices including rich clients, thin clients, and
An RD Session Host server running in redirection mode is not available to publish RD Session Host RD Virtualization Host The RD Virtualization Host server can Client computers that
virtualization platform; management of the virtual infrastructure is provided by system center components. RemoteApp programs or host new remote sessions. be configured so that each user in
ultra-thin clients.
have Remote Desktop
VDI Premium Suite When a user requests connection to a virtual machine, the RD Session Host server
RD Virtualization Host
Assigned Assigned the organization is assigned to a enabled The software client is part of Remote Desktop Connection that is included with
The VDI Premium Suite is for customers wanting additional flexibility from their VDI environment. It includes all
running in redirection mode queries the RD Connection Broker server. session-based personal virtual unique virtual desktop, or are Users can securely access session-based desktops, Windows client and server operating systems and Windows Embedded.
The RD Connection Broker server provisions a virtual machine for the user and returns desktops and desktops and redirected to a virtual desktop pool RemoteApp programs, and virtual desktops from the Internal An RDP client with RemoteFX can run as software or by using a RemoteFX hardware
of the VDI Standard Suite options, including unrestricted Remote Desktop Services, enabling customers to connection details to the RD Session Host server running in redirection mode. RemoteApp virtual desktop where a virtual desktop is network
deliver both session-based desktops and virtual desktops. The server then redirects the RDP client to connect to the appropriate virtual machine. programs pools dynamically assigned. Internet. decoder.

© 2007 Microsoft Corporation. Microsoft, Active Directory, Hyper-V, Windows, Windows 7 and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All rights reserved. Other trademarks or trade names mentioned herein are the property of their respective owners. Author: Martin McClean with contributions from Brian Lich and Thomas Willingham (Microsoft Windows Server Information Experience Team, Redmond WA email: rdsua@microsoft.com)