About Remote Desktop Session Host
Published: May 26, 2010
Updated: February 16, 2011
Applies To: Windows Server 2008 R2
Remote Desktop Services, formerly Terminal Services, is a server role in Windows Server® 2008 R2 that provides technologies that enable users to access Windows-based programs that are installed on a Remote Desktop Session Host (RD Session Host) server, or to access the full Windows desktop. With Remote Desktop Services, users can access an RD Session Host server from within a corporate network or from the Internet.
Remote Desktop Services lets you efficiently deploy and maintain software in an enterprise environment. You can easily deploy programs from a central location. Because you install the programs on the RD Session Host server and not on the client computer, programs are easier to upgrade and to maintain.
When a user accesses a program on an RD Session Host server, the program runs on the server. Each user sees only their individual session. The session is managed transparently by the server operating system and is independent of any other client session. Additionally, you can configure Remote Desktop Services to use Hyper-V™ to either assign virtual machines to users, or have Remote Desktop Services dynamically assign an available virtual machine to a user upon connection.
If you deploy a program on an RD Session Host server instead of on each device, there are many benefits. These include the following:
Application deployment: You can quickly deploy Windows-based programs to computing devices across an enterprise. Remote Desktop Services is especially useful when you have programs that are frequently updated, infrequently used, or difficult to manage.
Application consolidation: Programs are installed and run from an RD Session Host server, eliminating the need for updating programs on client computers. This also reduces the amount of network bandwidth that is required to access programs.
Remote access: Users can access programs that are running on an RD Session Host server from devices such as home computers, kiosks, low-powered hardware, and operating systems other than Windows.
Branch office access: Remote Desktop Services provides better program performance for branch office workers who need access to centralized data stores. Data-intensive programs sometimes do not have client/server protocols that are optimized for low-speed connections. Programs of this kind frequently perform better over a Remote Desktop Services connection than over a typical wide area network.
Remote Desktop Services is a server role that consists of several role services. In Windows Server 2008 R2, Remote Desktop Services consists of the following role services:
RD Session Host: Remote Desktop Session Host (RD Session Host), formerly Terminal Server, enables a server to host Windows-based programs or the full Windows desktop. Users can connect to an RD Session Host server to run programs, to save files, and to use network resources on that server.
RD Web Access: Remote Desktop Web Access (RD Web Access), formerly TS Web Access, enables users to access RemoteApp and Desktop Connection through the Start menu on a computer that is running Windows 7 or through a Web browser. RemoteApp and Desktop Connection provides a customized view of RemoteApp programs and virtual desktops to users.
RD Licensing: Remote Desktop Licensing (RD Licensing), formerly TS Licensing, manages the Remote Desktop Services client access licenses (RDS CALs) that are required for each device or user to connect to an RD Session Host server. You use RD Licensing to install, issue, and track the availability of RDS CALs on a Remote Desktop license server.
RD Gateway: Remote Desktop Gateway (RD Gateway), formerly TS Gateway, enables authorized remote users to connect to resources on an internal corporate network, from any Internet-connected device.
RD Connection Broker: Remote Desktop Connection Broker (RD Connection Broker), formerly TS Session Broker, supports session load balancing and session reconnection in a load-balanced RD Session Host server farm. RD Connection Broker is also used to provide users access to RemoteApp programs and virtual desktops through RemoteApp and Desktop Connection.
RD Virtualization Host: Remote Desktop Virtualization Host (RD Virtualization Host) integrates with Hyper-V to host virtual machines and provide them to users as virtual desktops. You can assign a unique virtual desktop to each user in your organization, or provide them shared access to a pool of virtual desktops.
An RD Session Host server is the server that hosts Windows-based programs or the full Windows desktop for Remote Desktop Services clients. Users can connect to an RD Session Host server to run programs, to save files, and to use network resources on that server. Users can access an RD Session Host server by using the Remote Desktop Connection client or by using RemoteApp programs.
RD Web Access enables users to access RemoteApp and Desktop Connection through the Start menu on a computer that is running Windows 7 or through a Web browser. RemoteApp and Desktop Connection provides a customized view of RemoteApp programs and virtual desktops to users.
When a user starts a RemoteApp program, a Remote Desktop Services session is started on the RD Session Host server that hosts the RemoteApp program. If a user connects to a virtual desktop, a remote desktop connection is made to a virtual machine that is running on an RD Virtualization Host server.
To configure which RemoteApp programs and virtual desktops will be available through RemoteApp and Desktop Connection, you must install the RD Connection Broker role service on a computer that is running Windows Server 2008 R2, and then use the Remote Desktop Connection Manager tool.
You can also use RD Web Access if you only want to make RemoteApp programs on an RD Session Host server available to users through a Web browser.
RD Licensing manages the RDS CALs that are required for each user or device to connect to an RD Session Host server. You use RD Licensing to install, issue, and track the availability of RDS CALs on a Remote Desktop license server.
To use Remote Desktop Services, you must have at least one license server. For small deployments, you can install both the RD Session Host role service and the RD Licensing role service on the same computer. For larger deployments, it is recommended that the RD Licensing role service be installed on a separate computer from the RD Session Host role service.
You must configure RD Licensing correctly for your RD Session Host server to continue to accept connections from clients.
RD Gateway enables authorized remote users to connect to resources on an internal corporate network, from any Internet-connected device. The network resources can be RD Session Host servers running RemoteApp programs [hosting line-of-business (LOB) applications], virtual desktops, or computers with Remote Desktop enabled. RD Gateway encapsulates RDP over HTTPS to help form a secure, encrypted connection between users on the Internet and the internal network resources on which their productivity applications run.
RD Gateway provides these benefits:
RD Gateway enables remote users to connect to internal network resources over the Internet by using an encrypted connection, without needing to configure virtual private network (VPN) connections.
RD Gateway provides a comprehensive security configuration model that enables you to control access to specific internal network resources.
RD Gateway enables remote users to connect to internal network resources that are hosted behind firewalls in private networks and across network address translators (NATs).
Remote Desktop Gateway Manager (RD Gateway Manager) enables you to configure authorization policies to define conditions that must be met for remote users to connect to internal network resources.
RD Gateway Manager provides tools to help you monitor RD Gateway connection status, health, and events.
You can configure RD Gateway servers and Remote Desktop Services clients to use Network Access Protection (NAP) to enhance security.
You can use an RD Gateway server with Microsoft Internet Security and Acceleration (ISA) Server to further enhance security.
RD Connection Broker keeps track of user sessions in a load-balanced RD Session Host server farm. The RD Connection Broker database stores session state information that includes session IDs, their associated user names, and the name of the server where each session resides. When a user with an existing session connects to an RD Session Host server in the load-balanced farm, RD Connection Broker redirects the user to the RD Session Host server where their session exists. This prevents the user from being connected to a different server in the farm and starting a new session.
If the RD Connection Broker Load Balancing feature is enabled, RD Connection Broker also tracks the number of user sessions on each RD Session Host server in the farm, and redirects users who do not have an existing session to the server with the fewest sessions. This functionality enables you to evenly distribute the session load between servers in a load-balanced RD Session Host server farm.
RD Connection Broker is also used to provide users with access to RemoteApp and Desktop Connection. RemoteApp and Desktop Connection provides a customized view of RemoteApp programs and virtual desktops to users. RD Connection Broker supports load balancing and reconnection to existing sessions on virtual desktops accessed by using RemoteApp and Desktop Connection.
To configure RemoteApp and Desktop Connection, use the Remote Desktop Connection Manager tool on the RD Connection Broker server.
RD Virtualization Host integrates with Hyper-V to provide virtual machines by using RemoteApp and Desktop Connection. RD Virtualization Host can be configured so that each user in your organization is assigned a unique virtual desktop, or users are redirected to a shared pool where a virtual desktop is dynamically assigned.
RD Virtualization Host requires RD Connection Broker to determine where the user is redirected. If a user is assigned a personal virtual desktop, RD Connection Broker will redirect the user to this virtual machine. If the virtual machine is not turned on, RD Virtualization Host turns the virtual machine on and then connects the user to the personal virtual desktop. If the user is connecting to a shared virtual machine pool, RD Connection Broker will first check to see if the user has a disconnected session in the pool. If the user has a disconnected session, they are reconnected to that virtual desktop. If the user does not have a disconnected session, a virtual desktop in that pool is dynamically assigned to the user.