Thursday, May 21, 2020

How to install, setup and deploy a remote desktop server

I put this blog post and video together to document setting up a basic RDP server for organizations that need to quickly move users from an on-site, workstation-based setup to a mobile, VPN-based work environment.  I set this up in anticipation that my organization would be required to work from home because of COVID-19.  For the VPN, I used our pfSense firewall to handle the connection.

The VPN setup is documented here: site-to-site VPN https://optionkey.blogspot.com/2019/12/setting-up-site-to-site-vpn-on-pfsense.html or client-to-site VPN https://optionkey.blogspot.com/2017/03/setting-up-pfsense-with-openvpn-using.html .  Almost all users were set up using client-to-site.

For the Server 2019 Hyper-V virtual machine, I downloaded the Server 2019 ISO on a trial basis from Microsoft https://www.microsoft.com/en-us/cloud-platform/windows-server-trial (RDP is a 120-day trial).  The server was configured with the following specs: 24 gigabytes of dynamic RAM (use the non-dynamic setting for better performance), a quad-core CPU and a 127GB disk.  You can view a full video of the install, setup and configuration on my YouTube channel https://www.youtube.com/watch?v=mQG8TN_yf6Q

What this post will do:

This post will help you get an RDP server set up without a domain, explain how to let local users connect to and use the RDS server, and then show how to connect it to a domain to get some additional features such as App-V, additional user permissions, etc.


Setup:

After your initial install of Windows, you will want to go to the add and remove features tab in server manager.


Select Role-based or feature-based installation.




Install the roles and features you want for an RDP server.  I use the following:

● .net 3.5
● Multipath IO
● Network Load Balancing
● Remote Server Admin Tools
● Remote Desktop Services
● Remote Access
● Remote Desktop Licensing Diagnoser Tools
● RAS Connection Manager
● Windows Internal DB
● Windows Standards Based Storage Management
● Simple TCP/IP Services



When installing the services select the following:

● Remote Desktop Session Host
● Remote Desktop Connection Broker
● Remote Desktop Gateway
● Remote Desktop Licensing
● Remote Desktop Web Access



To install all these features you will also need to specify the additional source; in my case it is D:\sources\sxs
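The same selections can be made from an elevated PowerShell prompt. This is an added example, not part of the original post: the feature names are my mapping of the list above onto `Install-WindowsFeature` names (an assumption), and the Remote Server Admin Tools and Remote Access parent entries are left out because the post does not say which sub-items were ticked.

```powershell
# Added example: scripted equivalent of the wizard selections above.
# Run from an elevated PowerShell prompt on the Server 2019 VM.
$Source = 'D:\sources\sxs'   # additional source path used in the post

# Feature names are an assumed mapping of the post's list.
$Wanted = @(
    'NET-Framework-Core'               # .NET 3.5, the item that needs -Source
    'Multipath-IO'
    'NLB'                              # Network Load Balancing
    'RSAT-RDS-Licensing-Diagnosis-UI'  # RD Licensing Diagnoser Tools
    'CMAK'                             # RAS Connection Manager Administration Kit
    'Windows-Internal-Database'
    'WindowsStorageManagementService'  # Standards-Based Storage Management
    'Simple-TCPIP'                     # opens echo/chargen/daytime/discard/qotd listeners
    # Remote Desktop Services role services
    'RDS-RD-Server'                    # Session Host
    'RDS-Connection-Broker'
    'RDS-Gateway'
    'RDS-Licensing'
    'RDS-Web-Access'
)

# Refuse to continue if any name does not exist on this build.
$Known   = Get-WindowsFeature | Where-Object { $_.Name -in $Wanted }
$Unknown = $Wanted | Where-Object { $_ -notin $Known.Name }
if ($Unknown) { throw "Not valid feature names here: $($Unknown -join ', ')" }

# Only install what is still missing, so the script can be re-run after each reboot.
$ToInstall = $Known | Where-Object { -not $_.Installed }
if (-not $ToInstall) { 'Everything in the list is already installed.'; return }

$Result = Install-WindowsFeature -Name $ToInstall.Name -Source $Source -IncludeManagementTools
$Result.FeatureResult |
    Select-Object DisplayName, Success, RestartNeeded |
    Format-Table -AutoSize | Out-String

if ($Result.RestartNeeded -ne 'No') {
    Write-Warning 'Reboot required; re-run after restarting until nothing is left to install.'
}
```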




Installing these services and features will take several reboots.  Once the installation is finished, local machine users can log in to the server with Remote Desktop Services.  However, without a domain we can't really use services like App-V.  The App-V service is available by IP/machine DNS resolution at https://$IPADDRESS/rdweb/ but will not have any published apps available.  If you're setting up a remote desktop server, you're doing this because you have multiple users who need to log in to your network remotely, so most likely you're going to use Active Directory to manage this.  So, to get all the features of Remote Desktop Services, you will need to connect your system to the domain.  I renamed the machine from the auto-generated WIN-HM7LU99C2OG to RDSv8 and connected the server to the domain controller I was using.




Once you've rebooted the system and it is on the domain, go to Manage -> Add Roles and Features.




Select "Start the Remove Roles and Features Wizard"




Now select Remote Desktop Services Installation




Since we are using a single server (our server, RDSv8), select Quick Start.




We still want to use the session-based desktop deployment.




Select the RDSv8 server



Once everything has finished installing, reboot the server.







After reinstalling the services, having renamed the machine and connected it to the domain, you can access remote apps and published applications at the URL https://$COMPUTER.DOMAIN/rdweb.  Your regular RDP session server is still available, but now you also have App-V; by default, Calculator, Paint and WordPad are the apps available for use.
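Once the deployment is up, it is worth checking what was actually published and which groups may log on before VPN users are pointed at it. The inventory below is an added example, not part of the original post; it uses the RemoteDesktop module's cmdlets and assumes it is run on RDSv8 as a domain user with local admin rights, with the broker name built from the server name in the post and the machine's own domain.

```powershell
# Added example: inventory of the Quick Start deployment on the RDS server.
Import-Module RemoteDesktop

# Assumption: the connection broker is this server, RDSv8, in its joined domain.
$Broker = "RDSv8.$((Get-CimInstance Win32_ComputerSystem).Domain)"

# Which RDS roles the deployment has registered, and on which server
Get-RDServer -ConnectionBroker $Broker |
    Format-Table Server, Roles -AutoSize | Out-String

foreach ($c in Get-RDSessionCollection -ConnectionBroker $Broker) {
    # Groups allowed to log on to this collection
    $cfg = Get-RDSessionCollectionConfiguration -CollectionName $c.CollectionName `
               -UserGroup -ConnectionBroker $Broker
    "Collection '{0}' is open to: {1}" -f $c.CollectionName, ($cfg.UserGroup -join ', ')

    # Programs published through /rdweb, with any per-app group restriction
    Get-RDRemoteApp -CollectionName $c.CollectionName -ConnectionBroker $Broker |
        Select-Object DisplayName, FilePath, ShowInWebAccess, UserGroups |
        Format-Table -AutoSize | Out-String
}

# To narrow logon rights to one group (placeholder names, adjust to your domain):
# Set-RDSessionCollectionConfiguration -CollectionName '<collection>' `
#     -UserGroup 'DOMAIN\<vpn-users-group>' -ConnectionBroker $Broker
```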



If you're using the RDP server the traditional way instead of using App-V, I recommend disabling Server Manager at login.

Disable server manager on login:

Click on Start > Run.
Type GPEDIT.MSC and hit OK.
The Local Group Policy Editor snap-in will open.
The policy that we are interested in can be found by expanding the following: 

Computer Configuration\Administrative Templates\System\Server Manager.


Now if users can connect to the network using the VPN, you should be able to access the remote desktop server and have access to all the apps that are available on the server.

Once I finished installing the server, I installed Office 2019 as a trial.  We got it licensed before the licence period expired, so I included a link in the Reference Links on how to extend the trial (though I have not tried it myself).


Reference Links


