Whitepaper: IGEL Linux and Microsoft Remote Desktop Connection Broker 2012 R2
Version 1.00
Blog: blog.cloud-client.info
Website: www.cloud-client.info
This document can be distributed and used free of charge and has no commercial background.
It is not permitted to use parts of this document in other documentation, articles or in any other way without the permission of the author. For questions related to the document contact [email protected]
The author is not responsible for any damage related to this document, including the use of third-party software or configuration suggestions provided by this document. Please test any provided information in advance!
Task
If you are using IGEL Linux based Thin Clients together with the Microsoft Remote Desktop Services, you might want to use the Remote Desktop Connection Broker to set up the connection. This whitepaper demonstrates how you can perform the setup.
Requirements
1) At least two Microsoft Windows Server 2012 R2 servers with the Remote Desktop Session Host role installed, including a fully working RDS environment. The servers run as virtual machines on a Microsoft Hyper-V role running on Windows Server 2012 R2.
2) The RDS connection broker “must” run on one of the servers running the Remote Desktop Session Host role, otherwise you could get errors for the connection. I don’t know why, but it happened to me a couple of times.
3) A working IGEL Universal Management Suite environment
4) One or more IGEL Linux based Thin Clients or migrated devices (UDC)
Please Note
This whitepaper is provided for free without any warranty or support from Microsoft, IGEL Technology or cloud-client.info. All configuration tasks are done at your own risk; we are not responsible for any damage related to the use of this whitepaper.
Do not perform these configurations in a running production environment! Users might be disconnected from their sessions, or the infrastructure might be unavailable during the configuration steps.
Used Environment
To set this up, I prepared two Windows Server 2012 R2 machines running a fully working Microsoft Remote Desktop Services environment. The only thing missing is the Remote Desktop Connection Broker setup. The servers have the Windows patch level 08/2014 and belong to an Active Directory domain running at the Windows Server 2012 R2 domain level.
The IGEL Thin Clients are installed with firmware version 5.03.190.
Open configuration task
Configuration for the Remote Desktop Connection Broker role and the IGEL Thin Clients.
Set up the Connection Broker
After you have set up your RDS environment, open the Server Manager on the system that you use for your environment configuration and browse to the RDS setup site. It should look like this:
Edit the deployment properties (Tasks) and verify that all certificates are assigned and that no other configuration tasks are open in the environment.
Set up the DNS (this is a must-have!)
Now open the DNS Management for your domain and create a new host entry in your domain path, for example “rds” with the IP that points to the server that runs the connection broker service.
After this is done, always use this new DNS name as the FQDN for the connections! Never, I repeat, never use the real hostname of the connection broker with a Linux or Microsoft RDS client! This will bypass the broker process and you will always land at the connection broker desktop if enabled! Only the Microsoft RD Web Access and RD Gateway can handle it, but not the “normal” clients if you enter the server name yourself.
Set up the IGEL Linux
Open a profile in the IGEL Universal Management Suite or the local client setup.
Now browse to Sessions->RDP->RDP Global->Local Logon and enable the local login window.
Enter your domain and make sure that “Enable network authentication” is enabled. It should look like the screenshot below.
Browse to RDP->RDP Sessions and create a new RDP session. I will not go through all the settings here, but one is important (did I already mention it?): use the DNS name you have set up before as the FQDN and not the real connection broker hostname!
Click OK to apply the configuration, or assign the UMS profile to the client you want to use now. To verify that everything is working, open the Windows Server Manager again and deny new connections for the Remote Desktop Connection Broker server in the collection.
To explain this test: my new DNS entry “rds.software-online.ch” points to the IP address of SOMRDS01, which runs the RD Connection Broker and the RD Session Host role. If I deny new sessions for this server, the Connection Broker should now forward all requests to the available SOMRDS02 terminal server.
SOMRDS02 runs only the Session Host role and nothing more. You can also try it from a Windows device. If you use the FQDN of the new entry you will be forwarded, and if you use the native hostname you will get an error that access is denied. Funny, right? Both hostnames point to the same IP, but the real hostname bypasses the connection broker process. This is how it should and must work!
Click the OK button. If everything is working, you should now get a message asking you to confirm the certificate; you can bypass this through the IGEL configuration or by deploying the server SSL certificate to the Thin Client.
For my test I select “Save certificate if accepted” and click Yes. Now the session should come up and everything should work as it should.
In the Windows Server Manager you should now see the connection, and that’s it. I repeat: always use the newly created DNS name as the FQDN and never use the “real” hostname of the RD Connection Broker. Don’t forget to enable connections again for the RD Session Host running on the RD Connection Broker.
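The DNS entry and the drain test described above can also be scripted on the server side. The following PowerShell is an added example, not part of the original whitepaper; it uses the DnsServer and RemoteDesktop modules, assumes it runs on the DNS server with the RDS tools installed, and the server FQDNs and the IP address are assumptions (the IP is a placeholder).

```powershell
# Added example. "rds", software-online.ch, SOMRDS01 and SOMRDS02 come from the text;
# the FQDNs built from them and the IP address are assumptions.
Import-Module DnsServer, RemoteDesktop

$Zone      = 'software-online.ch'
$Alias     = 'rds'                  # the only name clients should ever use
$Broker    = "SOMRDS01.$Zone"       # assumed FQDN: Connection Broker + Session Host
$SecondRds = "SOMRDS02.$Zone"       # assumed FQDN: Session Host only
$BrokerIp  = '192.0.2.10'           # placeholder, replace with the real IP of SOMRDS01

# 1) Create the host (A) entry for the broker alias if it does not exist yet.
$existing = Get-DnsServerResourceRecord -ZoneName $Zone -Name $Alias -RRType A `
                -ErrorAction SilentlyContinue
if (-not $existing) {
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name $Alias -IPv4Address $BrokerIp
}

# 2) The alias and the real hostname must resolve to the same address.
$aliasIp = (Resolve-DnsName "$Alias.$Zone" -Type A -ErrorAction Stop).IPAddress
$realIp  = (Resolve-DnsName $Broker -Type A -ErrorAction Stop).IPAddress
if (Compare-Object $aliasIp $realIp) {
    throw "$Alias.$Zone ($aliasIp) does not point to $Broker ($realIp)"
}

# 3) Deny new connections on the broker's own Session Host, run the client test,
#    and always re-enable connections afterwards, even if the test fails.
$start = Get-Date
Set-RDSessionHost -SessionHost $Broker -NewConnectionAllowed No -ConnectionBroker $Broker
try {
    Read-Host "Log on from the Thin Client via $Alias.$Zone, then press Enter"

    # Sessions created during the test should all be hosted on SOMRDS02.
    $new = Get-RDUserSession -ConnectionBroker $Broker |
           Where-Object { $_.CreateTime -gt $start }
    $new | Format-Table UserName, HostServer, SessionState, CreateTime

    if (-not $new) {
        Write-Warning 'No new session seen: the client may have bypassed the broker.'
    } elseif ($new | Where-Object { $_.HostServer -ne $SecondRds }) {
        Write-Warning "A new session did not land on $SecondRds."
    } else {
        Write-Output "Broker redirected all new sessions to $SecondRds."
    }
}
finally {
    Set-RDSessionHost -SessionHost $Broker -NewConnectionAllowed Yes -ConnectionBroker $Broker
}
```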