Deploying RDS 2012 R2 On a Domain Controller – the Walk through Guide


This blog post shows you how to deploy RDS on a Domain Controller. I have received a lot of messages over the past months saying that it’s not possible. First, I would personally never recommend deploying RDS on a domain controller, as it carries a number of security risks and throws best practices out of the window.

The first thing I have done is deploy a Domain Controller:

I have spun up a Virtual Machine, installed Active Directory and then promoted it to a Domain Controller. The domain name is the same as the blog site – Ryanmangansitblog.com

Go to Server Manager, select Add Roles and Features, then select Remote Desktop Services Installation.

Select the Standard Deployment option

Deployment type

Select the Domain Controller for all services, RD Connection Broker, RD Web Access, and RD Session Host.

Connection Broker

RDS Web

Once you have confirmed and selected Restart, RDS will then start to install.

Installing

The installation will fail… But wait, don’t panic, everything still works! I will explain. The Connection Broker installs, but the RD Web and Session Host fail. Running the install process again will resolve the issue.

Deployment failure

Close the window.

Start the process again.

This time you will see the RD Connection Broker with the Domain Controller name:

Connection Broker deployment

Continue all the way to completion:

Confirm Selections

Once you’re happy, click Deploy.

Install complete

There you have it. The Domain Controller now has the Connection Broker, Web Access and Session Host roles.

RDMS

 

The Other way:

Use the Add Roles and Features wizard, select Remote Desktop Services, then Role Services, and then tick Remote Desktop Connection Broker.

Manual way

 

Install the RDCB role. Then start an RDS installation and you will see the Connection Broker role present.

 

Connection Broker - rdsdc01

 

Follow the same process as before.

RDS install

 

As you can see the install will not fail.

Install complete
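The same "other way" sequence written as PowerShell, as an added example that is not part of the original post: it installs the Connection Broker role first, then creates the standard session deployment with all three roles on the local host, and lists what ended up installed. It assumes the ServerManager and RemoteDesktop modules that ship with Windows Server 2012 R2 and an elevated session on the lab Domain Controller; that the cmdlets behave the same as the wizard on a Domain Controller is an assumption.

```powershell
# Added example, not from the original post. Run elevated on the lab DC.

# Assumption: every RDS role goes on this one host, as in the walkthrough.
$fqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName

# Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC.
$domainRole = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole
if ($domainRole -lt 4) {
    Write-Warning "$fqdn is not a Domain Controller; the plain RDS wizard is enough here."
}

# Step 1: install the Connection Broker role on its own before the deployment.
$broker = Install-WindowsFeature -Name RDS-Connection-Broker -IncludeManagementTools
if ($broker.RestartNeeded -eq 'Yes') {
    Write-Warning 'Reboot the server, then run this script again to continue.'
    return
}

# Step 2: create the standard session-based deployment, all roles on $fqdn.
# Skipped when a deployment already exists so the script can be re-run safely.
$existing = Get-RDServer -ConnectionBroker $fqdn -ErrorAction SilentlyContinue
if (-not $existing) {
    New-RDSessionDeployment -ConnectionBroker $fqdn `
                            -WebAccessServer  $fqdn `
                            -SessionHost      $fqdn
}

# Step 3: confirm which RDS roles the deployment and the OS now report.
Get-RDServer -ConnectionBroker $fqdn |
    Format-Table -Property Server, Roles -AutoSize

Get-WindowsFeature -Name RDS-Connection-Broker, RDS-Web-Access, RDS-RD-Server |
    Format-Table -Property Name, InstallState -AutoSize
```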

I hope this helps and answers everyone’s question! You can deploy RDS on a Domain Controller.

For more information please see the following Links:

Remote Desktop Services role cannot co-exist with AD DS role on Windows Server 2012

Installing RD Session Host on a Domain Controller

17 thoughts on “Deploying RDS 2012 R2 On a Domain Controller – the Walk through Guide”

  1. It didn’t work for Windows Server 2012 R2 domain controller with AD domain and directory services installed. It failed every time.

    1. Check your configuration, Build Version and follow the process provided. This method does work. Reboots during the installation of the roles can resolve the issues you stated.

  2. Hi Ryan.
    I’m sorry to bother you.
    How’s that when you install the RDS services and after restart the server, you cannot access again using MSTSC?

    1. Dear Abel Tana,
      I had the same problem as you, after installing RDS in Domain Controller, access via mstsc no longer works, nor using “/ admin”. Were you able to solve this problem? Please, if you could, could you tell us the way? Thank you very much! Julio Rocha

      1. This sounds like a licensing issue, or a certificate issue. You need to review the event logs. If you have installed a certificate for RDP and it’s incorrect, then it can break remote access to the server.

  3. I see that it’s possible to setup everything RDS on a single box. I know it’s not recommended, but when setting up the domain for this server should I use the same domain as their FQDN or a subdomain? (IE Contoso.com or AD.contoso.com) The purchased certificate will likely be applied to remote.contoso.com for IIS.

  4. Ryan,

    Thank you for your article. I had some questions about a setup I’m trying to build out.

    I’m looking to create a multi-tenant RDS environment to host RD Sessions for 3 different customers.

    I’m trying to keep our start cost low and have provisioned 2 servers, Server A and Server B.

    Server A: would be our PDC and we would create an OU for each customer.
    Server B: would be a dedicated RDS for Client A.
    Server C (future server): would be a dedicated RDS for Client B.

    The items I can’t wrap my head around would be the following.

    1. Can I run the following services from our PDC – “Server A”: RD Web Access, RD Licensing, RD Gateway and RD Connection Broker?
    2. I’m confused about how the RD Gateway and RD Connection Broker would help me out. I’m not going to be doing any load balancing or running a server farm. My goal would be to spin up a dedicated RDS for each customer as we onboard them. Could this be accomplished with just the RD Gateway and statically assigning an Organizational Unit to only connect to RDS Server X?

    Thank you in Advance.

    – Ivan

    1. I would avoid using a DC for an RDS deployment. They are fine for labs but not for production. The RD Gateway allows access externally using TLS and SSL (VPN) like connectivity and the connection broker manages reconnects etc.

  5. Hi,
    I’ve tried your suggestions and they just keep failing. I never get to where it says fqdn as connection name for rd broker. The 2nd way you suggest doesn’t come up either. any ideas? I’d be so grateful. Stuck on this and I’m running out of time.

      1. All updates are installed. The hotfixes that I’ve found say they’re not applicable to the server. I don’t know what else to do. Any ideas?
