Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

Updated: May 6, 2010

Applies To: Windows Server 2008 R2

A failover cluster is a group of independent computers that work together to increase the availability of applications and services. The clustered servers (called nodes) are connected by physical cables and by software. If one of the cluster nodes fails, another node begins to provide service (a process known as failover). Users experience a minimum of disruptions in service.

This guide describes the steps for configuring Remote Desktop Connection Broker (RD Connection Broker) in a failover cluster, as part of a configuration that provides users with access to personal virtual desktops or virtual machines in a virtual desktop pool through RemoteApp and Desktop Connection. To configure RD Connection Broker in this way, you start with a server that can act as an RD Session Host and RD Connection Broker, configure that server as a one-node failover cluster, then add additional servers (configured in the same way) to the cluster. This can increase the availability of the access you provide to users.

As you work with the configuration in this guide, you can also learn about failover clusters and familiarize yourself with the Failover Cluster Manager snap-in in Windows Server® 2008 R2 Enterprise or Windows Server 2008 R2 Datacenter.

Note

The failover cluster feature is not available in Windows Web Server 2008 R2 or Windows Server 2008 R2 Standard.

For information about the features and functionality in Remote Desktop Services and in failover clustering in Windows Server 2008 R2, see the following topics:

Overview of Remote Desktop Services and virtual machine redirection in the context of a failover cluster

By using the steps in this guide, you can provide users access to personal virtual desktops or virtual machines in a virtual desktop pool, through RemoteApp and Desktop Connection. This is called virtual machine redirection. You can provide virtual machine redirection by configuring a server with specific role services and settings that are available through the Remote Desktop Services server role (as described in Role, role services, and feature requirements for a failover cluster that supports virtual machine redirection, later in this topic). Then, to increase the availability of the services that you are providing, you configure that server as a one-node failover cluster and add more servers (configured with the same role services and settings) to the failover cluster. If one of the servers fails or must be taken offline for maintenance, another server begins to provide service through a process known as failover.

The following illustration shows a failover cluster with a clustered instance of RD Connection Broker. Node 1 and Node 2 are connected by multiple networks. Node 1 has failed, and Node 2 has begun running the clustered instance of RD Connection Broker. Node 2 is also running RD Session Host, although not as part of a cluster. When Node 1 recovers from the failure, it will also be able to run RD Session Host. In other words, even if one node fails, RD Session Host and RD Connection Broker continue to be available.

Figure 1   Failover of clustered RD Connection Broker

Although it is not called out in the previous illustration, the clustered instance of RD Connection Broker stores important state information in registry keys that the Cluster service monitors and replicates between the cluster nodes. (This differs from some other clustered services or applications, which typically store such information in cluster storage.) Because the information is automatically replicated between nodes, when Node 2 begins running the clustered instance of RD Connection Broker, the state information it needs is already stored in the local registry on the node.

The following illustration shows the sequence of events that begins with the user requesting a connection to a virtual desktop, and ends with the virtual desktop being displayed on the client.

Figure 2   Servers providing a virtual desktop

  1. The user requests a connection to a virtual desktop, either a personal virtual desktop or one from a virtual desktop pool.

  2. The RD Gateway receives the request.

  3. The RD Gateway sends the request to a virtual machine redirector (that is, RD Session Host running in virtual machine redirection mode). The virtual machine redirector informs RD Connection Broker, and then waits for the IP address of a virtual machine.

  4. RD Connection Broker requests information about a virtual machine from the RD Virtualization Host.

  5. RD Connection Broker receives information about a virtual machine and then provides that information to the virtual machine redirector.

  6. The virtual machine redirector communicates through the RD Gateway, providing the client with the IP address and connection information for a virtual desktop.

  7. The client connects to a virtual desktop.

  8. The virtual desktop is displayed on the client.

The following illustration shows the same sequence of events occurring despite the failure of one node of the cluster. Because a second cluster node is still running, it can respond to client requests as they occur.

Figure 3   Servers providing a virtual desktop after a failure

From time to time, a user might attempt to connect with a clustered server just before it fails. In that case, when the server fails, the user will have to try again. On the next attempt, assuming that the connection attempt is made with a functioning server, it will succeed.

When you create a clustered instance of RD Connection Broker, you configure certain settings differently than you would for a standalone RD Connection Broker server. For a table of the differences, see Appendix A: Differences between a clustered RD Connection Broker and a standalone RD Connection Broker.

Hardware, software, and network infrastructure requirements for a failover cluster

For a list of the hardware, software, and network infrastructure requirements for a failover cluster, see Understanding Requirements for Failover Clusters (https://go.microsoft.com/fwlink/?LinkId=178500). When reviewing those requirements, keep the following items in mind:

  • If you begin the procedures in this document with a failover cluster already in use, you cannot have a clustered Generic Service configured in your cluster before you configure a clustered instance of Remote Desktop Connection Broker. If you have a clustered Generic Service already configured in your cluster, see the alternative procedures at On Windows 2008 R2 when trying to add Remote Desktop Connection Broker... (https://go.microsoft.com/fwlink/?LinkId=191563).

  • For the configuration in this step-by-step, connecting the cluster servers to storage is only required if your cluster will have an even number of nodes and you choose the cluster quorum configuration called Node and Disk Majority. If your cluster will have an even number of nodes, you will not be required to connect the servers to storage if you choose the quorum configuration called Node and File Share Majority. (If your cluster will have an odd number of nodes, it also does not require storage.) For more information about these two quorum configurations, see Failover Cluster Step-by-Step Guide: Configuring the Quorum in a Failover Cluster (https://go.microsoft.com/fwlink/?LinkId=180628).

  • Because the servers in the failover cluster in this configuration are referenced by IP addresses in host resource records that are used by clients, we recommend that you assign static IP addresses on the servers, rather than using DHCP. Otherwise, the lease for an IP address used by one of the cluster servers could expire in DHCP, and the server would become unavailable until the host resource records were updated.

Role, role services, and feature requirements for a failover cluster that supports virtual machine redirection

Each server that will be in a failover cluster that supports virtual machine redirection requires the following role, role services, and feature:

  • Server role: Remote Desktop Services

Note

We do not recommend that you install the Remote Desktop Services role on domain controllers (that is, servers with the Active Directory Domain Services role installed).

**Role services**:  
  
  - Remote Desktop Connection Broker  
      
  - Remote Desktop Session Host  
      
    As described in this guide, you configure this role service to support virtual machine redirection. When you do this, the following changes are made to the RD Session Host server:  
      
      - The user logon mode is changed to **Allow reconnections, but prevent new logons**.  
          
      - All programs are removed from the **RemoteApp Programs** list in RemoteApp Manager.  
          
      - The Authenticated Users group is added to the Remote Desktop Users group.  
          

Note

To connect remotely to administer an RD Session Host server that is configured to provide virtual machine redirection, use the mstsc /admin command.

  • Feature: Failover Clustering

For more information about Remote Desktop Services and virtual machine redirection, see the links in Additional references, later in this topic.

Steps for installing a failover cluster that runs Remote Desktop Connection Broker with virtual machine redirection

Step 1: Connect the cluster servers to the networks and optionally to storage

Step 2: Make sure that the necessary role, role services, and feature are installed

Step 3: Validate the cluster configuration

Step 4: Configure RD Connection Broker as a one-node cluster

Step 5: Configure a certificate and additional settings on the first server

Step 6: Deploy the certificate and configure necessary settings on additional servers

Step 7: Add one or more additional servers to the failover cluster

Step 8: Complete the configuration and test failover

Step 1: Connect the cluster servers to the networks and optionally to storage

Use the following instructions to connect your selected cluster servers to networks and optionally to storage.

Important

For the configuration in this step-by-step, connecting the cluster servers to storage is only required if your cluster will have an even number of nodes and you choose the quorum configuration called Node and Disk Majority. If your cluster will have an even number of nodes but you choose Node and File Share Majority, or if it will have an odd number of nodes, you do not need to connect the cluster servers to storage.

To connect the cluster servers to the networks and optionally to storage

  1. Review the details about hardware and network requirements in Understanding Requirements for Failover Clusters (https://go.microsoft.com/fwlink/?LinkId=178500).

    For a failover cluster network, avoid having single points of failure. There are multiple ways of accomplishing this. You can connect your cluster nodes by multiple, distinct networks. Alternatively, you can connect your cluster nodes with one network that is constructed with teamed network adapters, redundant switches, redundant routers, or similar hardware that removes single points of failure. (If you use a network for iSCSI, you must create this network in addition to the other networks).

  2. Connect and configure the networks that the servers in the cluster will use.

  3. Your test configuration will probably include a non-clustered domain controller and may include clients. Make sure that these computers can connect to the clustered servers through at least one network.

  4. If your cluster will have an even number of nodes and you choose the quorum configuration called Node and Disk Majority, follow the instructions for connecting the servers to storage in Prepare Hardware Before Validating a Failover Cluster (https://go.microsoft.com/fwlink/?LinkId=190316). Note that a disk witness (the disk used for Node and Disk Majority) must use NTFS.

Step 2: Make sure that the necessary role, role services, and feature are installed

In this step, you review the necessary role, role services, and feature, and make sure that all of them are installed on two or more servers. The servers must be members of a domain, but we do not recommend that you install the Remote Desktop Services role on domain controllers (that is, servers with the Active Directory Domain Services role installed).

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To make sure that the necessary role, role services, and feature are installed

  1. On one of the servers, if you recently installed Windows Server 2008 R2, and the Initial Configuration Tasks interface is displayed, click Close (on the lower right). After Initial Configuration Tasks closes, Server Manager opens.

  2. If the Initial Configuration Tasks interface is not displayed and Server Manager is not running, click Start, click Administrative Tools, and then click Server Manager. (If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.)

    Figure 4   Server Manager

  3. In the console tree, select Roles, and in the center pane, expand items as necessary to see whether the following have all been installed:

    • Role: Remote Desktop Services

    • Role Service: Remote Desktop Session Host

    • Role Service: Remote Desktop Connection Broker

  4. Install the role, role services, or both, depending what has already been installed:

    • If the Remote Desktop Services role has not been installed, under Roles Summary, click Add Roles to open the Add Roles Wizard. On the Before You Begin page, click Next and on the Select Server Roles page, select Remote Desktop Services, and then click Next twice. Continue to step 5.

    • If the Remote Desktop Services role is installed, but the Remote Desktop Session Host and Remote Desktop Connection Broker role services are not both installed, under Roles Summary, click Remote Desktop Services and then under Role Services, click Add Role Services.

  5. On the Select Role Services page, if Remote Desktop Session Host has not been installed, select it. Likewise, if Remote Desktop Connection Broker has not been installed, select it.

    If you are installing the Remote Desktop Session Host role service, follow the instructions in the wizard to specify the authentication mode and licensing mode. For the user groups and the client experience, accept the defaults. For more information, see Install the RD Session Host Role Service (https://go.microsoft.com/fwlink/?LinkId=185917).

  6. When the wizard finishes, close it. As needed, restart the server.

  7. Add this server (the server you are configuring) to the Session Broker Computers group. To do this:

    1. In Server Manager, expand Configuration, expand Local Users and Groups, and then select Groups.

    2. In the center pane, double-click Session Broker Computers.

    3. In the Session Broker Computers Properties dialog box, click Add.

    4. In the Select Users, Computers, Services Accounts, or Groups dialog box, click Object Types.

    5. Select the Computers check box, clear other check boxes, and then click OK.

    6. In the Enter the object names to select box, specify the name of the server you are currently configuring. (You will add other objects to this group in later steps in this guide.)

    7. Click OK twice.

  8. In Server Manager, expand Roles, expand Remote Desktop Services, and then click RD Session Host Configuration.

  9. In the center pane, right-click the setting that is displayed under RD Connection Broker, click Properties, and then click the Change Settings button.

    Figure 5   RD Connection Broker settings

  10. To configure RD Session Host for virtual machine redirection, make sure that Virtual machine redirection is selected. For RD Connection Broker server name, specify the name of the server you are configuring. You will change this name later to the name of the clustered instance of RD Connection Broker (rather than the name of a particular physical server).

  11. When prompted, click Yes, and then click OK twice to close all dialog boxes.

Important

After performing this step, to connect remotely to administer your RD Session Host server, use a command of the form mstsc /v:<servername> /admin where <servername> is the name of the server you want to connect to.

  1. In Server Manager, in the console tree, select Features, and then under Features Summary, click Add Features.

  2. In the Add Features Wizard, select Failover Clustering, click Next, and then click Install.

  3. Follow the instructions in the wizard to complete the installation of the feature. When the wizard finishes, close it.

  4. Repeat the process to install the role, role services, and feature on each server that you want to include in the cluster.

Step 3: Validate the cluster configuration

Before you create a cluster, we strongly recommend that you validate your configuration. Validation helps you confirm that the configuration of your servers, network, and storage meets a set of specific requirements for failover clusters.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To validate the failover cluster configuration

  1. To open the failover cluster snap-in, click Start, click Administrative Tools, and then click Failover Cluster Manager. (If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.)

    Figure 6   Failover Cluster Manager snap-in

  2. Confirm that Failover Cluster Manager is selected, and then in the center pane under Management, click Validate a Configuration.

    Figure 7   Validate a Configuration Wizard

  3. Follow the instructions in the wizard to specify this server and any other servers that will be in the cluster, select the tests, and then run the tests. To fully validate your configuration, run all tests before you create a cluster.

Important

Even though you will initially create a one-node cluster in the procedure that follows, we recommend that you run all tests now on all the servers that you plan to include in the failover cluster. If you run tests on only one server now, you will need to run tests later on all the servers (some tests require at least two servers to run).

  1. The Summary page appears after the tests run. To view Help topics that will help you interpret the results, click More about cluster validation tests.

  2. While still on the Summary page, click View Report and read the test results.

    To view the results of the tests after you close the wizard, see

    SystemRoot\Cluster\Reports\Validation Report date and time.html

    where SystemRoot is the folder in which the operating system is installed (for example, C:\Windows).

  3. Close the wizard. As necessary, make changes in the configuration and rerun the tests.

  4. To view Help topics about cluster validation after you close the wizard, in Failover Cluster Manager, click Help, click Help Topics, click the Contents tab, expand the contents for the failover cluster Help, and click Validating a Failover Cluster Configuration.

Step 4: Configure RD Connection Broker as a one-node cluster

In this procedure, you run the Create Cluster Wizard on one server and configure a clustered instance of RD Connection Broker. Later you will add one or more additional servers to the failover cluster.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. In addition, if your account is not a Domain Admins account, either the account or the group that the account is a member of must be delegated the Create Computer Objects permission in the domain.

To configure RD Connection Broker as a one-node cluster

  1. To open the failover cluster snap-in, click Start, click Administrative Tools, and then click Failover Cluster Manager. (If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.)

  2. Confirm that Failover Cluster Manager is selected, and then in the center pane under Management, click Create a Cluster.

    Figure 8   Create Cluster Wizard

  3. Follow the instructions in the wizard to specify:

    • The name of this server (only).

    • The name of the cluster, to be used for administering the cluster itself.

    • Any IP address information that is not automatically supplied by DHCP.

  4. After the wizard runs and the Summary page appears, to view a report of the tasks that the wizard performed, click View Report.

  5. In Failover Cluster Manager, if the console tree is collapsed, expand the tree under the cluster that you just created.

  6. Click Services and Applications and then, under Actions (on the right), click Configure a Service or Application.

  7. If the Before You Begin page appears, click Next. The Select Service or Application page appears.

    Figure 9   High Availability Wizard

  8. Select Remote Desktop Connection Broker and then click Next.

    If you see a message that says Only one instance of this role is allowed in the cluster, it indicates that a Generic Service has already been configured in this cluster. In this situation, see the alternative procedures at On Windows 2008 R2 when trying to add Remote Desktop Connection Broker... (https://go.microsoft.com/fwlink/?LinkId=191563).

  9. Follow the instructions in the wizard to specify the following details:

    • A name for the clustered instance of Remote Desktop Connection Broker. This name will be registered in DNS. You will specify this name (not the name of a physical server) for the RD Connection Broker instance to be used by RD Session Host (in virtual machine redirection mode).

    • Any IP address information that is not automatically supplied by your DHCP settings—for example, a static IPv4 address.

    After the wizard runs and the Summary page appears, if you want to view a report of the tasks that the wizard performed, click View Report.

  10. To close the wizard, click Finish.

  11. In the console tree, make sure Services and Applications is expanded. Right-click the clustered Remote Desktop Connection Broker that you just created, click Add a resource, and then click 4- Generic Service.

  12. In the New Resource Wizard, scroll down in the list of services and then select RemoteApp and Desktop Connection Management.

    Figure 10   New Resource Wizard

  13. Click Next twice and then click Finish to close the wizard.

  14. In Server Manager (not Failover Cluster Manager), expand Configuration and then click Services. Scroll down until you see the Remote Desktop Connection Broker service and the RemoteApp and Desktop Connection Management service. If the services are started, right-click each one and then click Stop.

  15. In Failover Cluster Manager (not Server Manager), in the console tree, right-click the clustered Remote Desktop Connection Broker that you created. If Take this service or application offline is available, click it and when prompted, confirm your action. Otherwise, skip to the next step.

  16. In the console tree, right-click the clustered Remote Desktop Connection Broker again, and then click Bring this service or application online.

Step 5: Configure a certificate and additional settings on the first server

At this point, a number of items must be configured on the first server, the one that you configured as a one-node failover cluster. These items include DNS settings, a certificate, and settings for the RD Session Host role service. The certificate is needed so that clients can verify the identity of the RD Session Host server and encrypt communication between the RD Session Host server and the client.

To configure a certificate and additional settings on the first server in the configuration

  1. Create (or work with your DNS or network administrator to create) one or two host resource records that map to the fully qualified domain names of all servers that will be in the failover cluster:

    • If all of your clients run version 7.0 or later of RDC, create one record. The name in this record references the common name of the certificate that clients will use.

    • If you have clients running a version of RDC earlier than version 7.0, create an additional record. This record will not have an associated certificate.

    The host resource record or records are necessary for DNS round robin. In later steps in this document, you will specify host resource record names as part of the configuration for virtual desktops. After you perform the appropriate configuration steps, the names will be made available in the RDP file that clients use to connect to personal virtual desktops.

  2. Obtain and deploy a certificate that meets the requirements of your organization. This certificate, used by clients that run version 7.0 or later of RDC, verifies the identity of the RD Session Host server and encrypts communication between the RD Session Host server and the client. The common name of the certificate should match the name of the corresponding resource record created in step 1. Use the same certificate for all the servers in the cluster.

    For general information about using certificates, see Common Scenarios for Using Active Directory Certificate Services (https://go.microsoft.com/fwlink/?LinkId=190315).

  3. Add the appropriate servers to the Session Broker Computers group on the first server. To do this:

    1. On the server that you configured as a one-node failover cluster, in Server Manager, expand Configuration, expand Local Users and Groups, and then select Groups.

    2. In the center pane, double-click Session Broker Computers.

    3. In the Session Broker Computers Properties dialog box, click Add.

    4. In the Select Users, Computers, Services Accounts, or Groups dialog box, click Object Types.

    5. Select the Computers check box, clear other check boxes, and then click OK.

    6. In the Enter the object names to select box, specify all the servers that you plan to have in the failover cluster, separating the names with semicolons. (If you have RD Session Host farm members, also add all of them to the list.)

    7. Click OK twice.

  4. Configure the virtual machine redirection setting as follows:

    1. In Server Manager, expand Roles, expand Remote Desktop Services, and then click RD Session Host Configuration.

    2. In the center pane, right-click the setting that is displayed under RD Connection Broker, click Properties, and then click the Change Settings button. Make sure that Virtual machine redirection is selected.

    3. In RD Connection Broker server name, specify the name of the clustered instance of RD Connection Broker, that is, the name that you specified in the High Availability Wizard. Click OK twice.

Important

Be sure to complete this step. It provides a name that always remains the same, even if the clustered RD Connection Broker moves from one physical server to another in the failover cluster.

  1. In Server Manager, in the console tree, make sure that RD Session Host Configuration is selected.

  2. In the center pane, under Connections, double-click RDP-Tcp.

    Figure 11    RDP-Tcp Properties sheet

  3. On the General tab, click the Select button, and then select the certificate that you deployed to the certificate store. Click OK twice.

  4. In the console tree, expand Remote Desktop Connection Manager, click RD Virtualization Host Servers, and then in the Action pane, click Configure Virtual Desktops.

    The Configure Virtual Desktops Wizard starts.

  5. Follow the instructions in the wizard to complete the following tasks:

    • Specify the RD Virtualization Host server in your configuration.

    • Specify the host resource record name that you created in step 1 (of this procedure) for clients that run version 7.0 or later of RDC (for Redirection Settings).

    • Specify the RD Web Access server in your configuration.

  6. On the Summary Information page of the wizard, review the information. If you do not want to assign personal virtual desktops, clear the Assign personal virtual desktop check box, and then click Finish. Otherwise, leave the check box selected and then click Finish.

    If you want to assign personal virtual desktops at another time, you can expand RD Virtualization Host Servers (in the console tree), click Personal Virtual Desktops, and then in the Action pane, click Assign Personal Desktops to users.

  7. If you are not assigning personal virtual desktops, skip to the next step. Otherwise, follow the instructions in the Assign Personal Virtual Desktop Wizard to select a user, specify a virtual machine to assign to that user, and confirm the assignment. You can repeat this process multiple times before clicking Finish to close the wizard.

  8. If you want to use a virtual desktop pool in your configuration, take the following actions:

    1. In the console tree, make sure that Remote Desktop Connection Manager is expanded, click RD Virtualization Host Servers, and then in the Action pane, click Create Virtual Desktop Pool.

    2. Follow the instructions in the wizard to select the virtual machines to add to the pool, the display name for the pool, and a pool ID. Users will see the display name but not the pool ID.

    3. Close the wizard.

    4. In the left pane, make sure RD Virtualization Host Servers is expanded, right-click the name of the virtual desktop pool that you created, and then click Properties.

    5. Configure appropriate properties for the pool. For example, on the General tab, if you want the virtual machines in the virtual desktop pool to automatically save after a set time if users log off or disconnect, select Automatically save virtual machines and specify a time (in minutes) in the Wait for box. To close the Properties sheet, click OK.

  9. If you have clients running a version of RDC earlier than version 7.0, in the console tree, with Remote Desktop Connection Manager still expanded, click RD Virtualization Host Servers, and then in the Action pane, click Properties. Enable redirection for the clients, and in Alternative server name, specify the additional host resource record name that you created for those clients.

Step 6: Deploy the certificate and configure necessary settings on additional servers

At this point, on the servers that you plan to add to the failover cluster, you must deploy the certificate that you created and configure necessary settings.

Important

As you configure the settings described in the following procedure, make sure that the settings match the corresponding settings on the first server. The one exception is that if you create a pool for virtual desktops, you must leave it empty (rather than placing virtual desktops in the pool), as described in the following procedure.

To deploy the certificate and configure necessary settings on additional servers

  1. Deploy the certificate that you obtained in the previous procedure on a server that you plan to add to the failover cluster. Use the same certificate for all the servers in the cluster.

  2. For the server you are currently configuring, confirm that the server name has been included in the host resource record or records that you created at the beginning of the previous procedure, Step 5: Configure a certificate and additional settings on the first server.

  3. Add the appropriate servers to the Session Broker Computers group on the server you are currently configuring. To do this:

    1. In Server Manager, expand Configuration, expand Local Users and Groups, and then select Groups.

    2. In the center pane, double-click Session Broker Computers.

    3. In the Session Broker Computers Properties dialog box, click Add.

    4. In the Select Users, Computers, Services Accounts, or Groups dialog box, click Object Types.

    5. Select the Computers check box, clear other check boxes, and then click OK.

    6. In the Enter the object names to select box, specify all the servers that you plan to have in the failover cluster, separating the names with semicolons. (If you have RD Session Host farm members, also add all of them to the list.)

    7. Click OK twice.

  4. Configure the virtual machine redirection setting as follows:

    1. In Server Manager, expand Roles, expand Remote Desktop Services, and then click RD Session Host Configuration.

    2. In the center pane, right-click the setting that is displayed under RD Connection Broker, click Properties, and then click the Change Settings button. Make sure that Virtual machine redirection is selected.

    3. In RD Connection Broker server name, specify the name of the clustered instance of RD Connection Broker, that is, the name that you specified in the High Availability Wizard. Click OK twice.

Important

Be sure to complete this step. It provides a name that always remains the same, even if the clustered RD Connection Broker moves from one physical server to another in the failover cluster.

  1. In Server Manager, in the console tree, make sure that RD Session Host Configuration is selected.

  2. In the center pane, under Connections, double-click RDP-Tcp.

    Figure 12    RDP-Tcp Properties sheet

  3. On the General tab, click the Select button, and then select the certificate that you deployed to the certificate store. Click OK twice.

  4. In the console tree, expand Remote Desktop Connection Manager, click RD Virtualization Host Servers, and then in the Action pane, click Properties.

    The Virtual Desktops Properties sheet appears.

  5. Configure redirection settings:

    • For clients that run version 7.0 or later of RDC, on the Redirection Settings tab, in the Server name box, specify the host resource record name that you created at the beginning of Step 5: Configure a certificate and additional settings on the first server.

    • If you have clients running a version of RDC earlier than version 7.0, select the Enable redirection for earlier RDC versions check box, and then for Alternative server name, specify the additional host resource record name that you created for those clients.

  6. If you do not want to use a virtual desktop pool, skip this step. Otherwise, review the name and settings you used for the virtual desktop pool that you created on the first server (the single-node failover cluster). You will use these settings to create an empty pool. Even though the pool is empty, it will function correctly later when failover occurs. To create an empty virtual desktop pool:

    1. In the console tree, make sure that Remote Desktop Connection Manager is expanded, click RD Virtualization Host Servers, and then in the Action pane, click Create Virtual Desktop Pool.

    2. Click Next to progress through the Welcome page and the Select Virtual Machines page.

      A message box appears, saying that you have not selected any virtual machines for this pool. Because you already selected the virtual machines when you configured the first server, do not add virtual machines now. Click Yes to confirm that you want to continue.

    3. On the Set Pool Properties page, enter the display name and pool ID that you specified when you created the pool on the first server. Click Finish to close the wizard.

    4. In the left pane, make sure RD Virtualization Host Servers is expanded, right-click the name of the virtual desktop pool, click Properties, and configure the same properties that you configured for the virtual desktop pool on the first server.

  7. Return to step 1 in this procedure, Step 6: Deploy the certificate and configure necessary settings on additional servers, and repeat the process for each of the servers that you will add to the failover cluster.

Step 7: Add one or more additional servers to the failover cluster

After an additional server has been configured to match the server in the one-node cluster, you can add the additional server to the failover cluster. You can repeat this process to add more servers to the failover cluster.

To add one or more additional servers to the failover cluster

  1. If you have not already run validation tests on all the servers you plan to include in the cluster, run the Validate a Configuration Wizard as described in Step 3: Validate the cluster configuration.

  2. On a server that you want to add to the failover cluster, review the configuration settings for the Remote Desktop Services server role to confirm that they match the settings on each server that is already in the cluster. Note, however, that if you configure a virtual desktop pool on a server other than the first server, you should leave the pool empty (without virtual desktops in the pool).

  3. On the server that you want to add, start Server Manager, expand Configuration, click Services, and scroll down until you see the Remote Desktop Connection Broker service and the RemoteApp and Desktop Connection Management service. If the services are started, right-click each one and then click Stop.

  4. On a server that is already in the failover cluster, click Start, click Administrative Tools, and then click Failover Cluster Manager. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.

  5. In the Failover Cluster Manager snap-in, if the cluster that you created is not displayed, in the console tree, right-click Failover Cluster Manager, click Manage a Cluster, and then select or specify the cluster.

  6. In the console tree, select the cluster, and then in the Actions pane, click Add Node.

  7. Follow the instructions in the wizard to specify the server to add to the cluster.

  8. After the wizard runs and the Summary page appears, if you want to view a report of the tasks the wizard performed, click View Report.

  9. To add another server, repeat the procedure.

Step 8: Complete the configuration and test failover

After you have added all intended servers to the failover cluster, be sure to complete the configuration and test failover, as described in the following procedure. One of the actions that you perform in the procedure is to check the quorum configuration to ensure that it is appropriate for the number of nodes in the cluster (an even number or an odd number of nodes).

To complete the configuration and test failover

  1. To open the failover cluster snap-in, click Start, click Administrative Tools, and then click Failover Cluster Manager. (If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.)

  2. In the Failover Cluster Manager snap-in, if the cluster that you created is not displayed, in the console tree, right-click Failover Cluster Manager, click Manage a Cluster, and then select or specify the cluster.

  3. If your cluster has an odd number of nodes, or if it has an even number of nodes and you want to use the quorum configuration called Node and File Share Majority, skip this step. Otherwise, if your cluster has an even number of nodes and you want to use Node and Disk Majority, in the console tree, expand the cluster and then expand Storage. Check to see if there is a disk in Available Storage for the disk witness (part of the Node and Disk Majority quorum configuration). If you need to add a disk to Available Storage, in the Actions pane, click Add a disk and follow the steps in the wizard.

    Before you can add a disk to Available Storage, it must be accessible from both nodes in the cluster. A disk to be used for a disk witness can be a relatively small disk, but not less than 512 MB in size. For more information about the disk witness and the Node and Disk Majority quorum configuration, see Failover Cluster Step-by-Step Guide: Configuring the Quorum in a Failover Cluster (https://go.microsoft.com/fwlink/?LinkId=180628).

  4. In the console tree, right-click the cluster, click More Actions, and then click Configure Cluster Quorum Settings.

  5. Follow the instructions in the wizard to configure the most appropriate quorum configuration for the availability of your cluster:

    • If the cluster has an odd number of nodes, Node Majority is the recommended quorum configuration.

    • If the cluster has an even number of nodes, either Node and File Share Majority or Node and Disk Majority is the recommended quorum configuration. If you choose either of these configurations, the wizard will prompt you to specify an appropriate file share (for a file share witness) or disk (for a disk witness).

  6. Finish and close the Configure Cluster Quorum Wizard (but leave Failover Cluster Manager running).

  7. Perform a basic test of failover for the clustered Remote Desktop Connection Broker. To do this, in Failover Cluster Manager, right-click the clustered Remote Desktop Connection Broker, click Move this service or application to another node, and then click an available choice of node. When prompted, confirm your choice.

    You can observe the status changes in the center pane of the snap-in as the clustered service or application is moved.

  8. With the clustered Remote Desktop Connection Broker still running on the node that you just moved it to (not the node that was the first node in the cluster), test the configuration. To do this, open a browser connection to the RD Web Access server and click an application icon. If you cannot open the application, review the following:

    • Use the troubleshooting procedures that you would use if RD Connection Broker were on a standalone server instead of a cluster. For example, check the host resource record, the certificates, and the settings that provide RD Connection Broker with information about other servers in the Remote Desktop configuration. Also confirm that all servers in the failover cluster are configured identically for all settings related to Remote Desktop.

      For a set of scripts that you can use for testing your configuration, see Verify Connection broker cluster configuration (https://go.microsoft.com/fwlink/?LinkId=188508). For a list of scripts related to Remote Desktop Services, see Additional references, later in this topic.

      To see a table of key settings specifically related to clustering an RD Connection Broker, see Appendix A: Differences between a clustered RD Connection Broker and a standalone RD Connection Broker.

    • View events in Failover Cluster Manager. To do this, in the console tree, right-click Cluster Events, and then click Query. In the Cluster Events Filter dialog box, select the criteria for the events that you want to display, or to return to the default criteria, click the Reset button. Click OK. To sort events, click a heading, for example, Level or Date and Time.

    • Still on the server that currently owns the clustered RD Connection Broker, in Server Manager, expand Configuration, click Services, and scroll down until you see the Remote Desktop Connection Broker service and the RemoteApp and Desktop Connection Management service. If the services are stopped, in Failover Cluster Manager, repeat steps 7 and 8 in this procedure (taking the clustered instance offline and bringing it online). Then return to the Services snap-in to see if the services have started.

  9. Repeat the testing process described in steps 7 and 8 until you have confirmed that the clustered RD Connection Broker runs correctly regardless of which cluster node it is running on.

Appendix A: Differences between a clustered RD Connection Broker and a standalone RD Connection Broker

When you create a clustered RD Connection Broker, you configure certain settings differently than you would for a standalone RD Connection Broker server. The following table provides a condensed list of those settings that differ:

Action needed to configure RD Connection Broker in a failover cluster Interface where setting is configured Setting

Create a clustered instance of RD Connection Broker, rather than running RD Connection Broker on a standalone server.

After creating the cluster, in Failover Cluster Manager, run the High Availability Wizard.

When creating the clustered instance, choose Remote Desktop Connection Broker from the list of services and applications.

Configure the RemoteApp and Desktop Connection Management service to run in the context of a clustered instance on a failover cluster, not on a standalone server.

In Failover Cluster Manager, run the New Resource Wizard.

For the clustered instance of the Remote Desktop Connection Broker, add a Generic Service resource and select the RemoteApp and Desktop Connection Management service.

For the virtual machine redirector, specify the clustered instance of RD Connection Broker, not the name of a physical server.

In RD Session Host Configuration, open the RD Connection Broker Settings dialog box (the dialog box where Virtual machine redirection is selected as the mode).

For the virtual machine redirector, adjust the RD Connection Broker Name to specify the clustered instance of RD Connection Broker.

On all servers in the cluster, in the Session Broker Computers group, include all servers that are in the cluster, not just a single standalone server.

In Local Users and Groups, in Groups, open Session Broker Computers Properties.

In the Session Broker Computers group, add all servers that are in the cluster.

Ensure that the host resource record or records map to all servers in the failover cluster, not just to one standalone server.

In a DNS interface, specify one or more host resource records.

Host resource records must map to the fully qualified domain names of all servers that are in the failover cluster.

If you use a virtual desktop pool, on the first server in the cluster, place virtual desktops in it and configure it as you normally would. On later servers, leave the pool empty, but give it the same name and other properties as you gave it on the first server.

In the console tree, make sure that Remote Desktop Connection Manager is expanded, click RD Virtualization Host Servers, and then in the Action pane, click Create Virtual Desktop Pool.

On the first server, on the Select Virtual Machines page, select virtual machines. On later servers, do not select virtual machines on this page.

Additional references