Hi,
I recently installed an RDS farm on Windows Server 2016 with two High Available RD Brokers (RR) with their database on two SQL Server 2016 in AlwaysOn Availability mode.
Last night the backup of the SQL Server databases created an error on the broker servers, that they were no longer able to connect to the SQL server.
«The Remote Desktop Connection Broker server detected that the database is not available and will notify all Remote Desktop Connection Broker plug-ins.»
followed by
«Connection Broker cannot connect to SQL database. Please ensure policy and firewall settings are properly configured to allow connections to the SQL Server. If the SQL Server is configured to listen on a dynamic port either change the port to a static TCP port or enable outgoing UDP traffic to port 1434 from the Connection Broker»
The problem lasted only for 30 seconds, because after 30 seconds I saw the following in the eventlog.
«The Remote Desktop Connection Broker server detected that the database is available.»
So everything seems ok, but this morning I was not able to connect to the RDS Session hosts via the brokers.
«Remote Desktop Connection Broker Client failed while getting redirection packet from Connection Broker.
User : xxxxyyyyyyy
Error: Remote Desktop Connection Broker is not ready for RPC communication.»
I restarted the Broker service on both servers and everything worked again, but I would like this not to happen in the first place of course.
I have a few questions:
— Is the RPC error related to the SQL errors a few hours earlier, even though there was an event that SQL connections were restored?
— If there is a relation with the SQL connectivity errors during backup, is there something I can do about this (except of course not backing up the databases)? For example, can it be solved with some higher timeout settings, if possible at all.
— If there is no relation with the SQL connectivity errors during backup, what else could be causing the RPC errors on both Broker servers?
Thanks in advance.
Jos
As we know, the RD Connection Broker is the brain of an RDS deployment: it directs clients to an available RD Session Host and reconnects them to existing sessions. It manages all session collections and published RemoteApps, and it distributes the RDS configuration among the farm members. Having a single RD Connection Broker server creates a single point of failure. Back in 2008 R2, the connection broker had a big disadvantage: we were able to configure High Availability, but only as active/passive. The second server was used only when the first server failed. This provided high availability but not scalability. This is no longer the case (it changed in RDS 2012), and now we can have multiple active connection brokers in a single RDS environment.
Enabling Connection Broker HA is a one-way ticket. Once an RD Connection Broker HA configuration is done, you cannot revert without decommissioning the whole RDS configuration, so be aware of it.
When RDS is configured, you will notice that there is a small database on the RD Connection Broker server, located in C:\Windows\rdcbDb
The database contains information about the farm, and because it is stored locally on this machine there is no way for other Connection Brokers to access, read or modify it. To make the RD Connection Broker highly available we need to move this database to a SQL server so that the other RD Brokers can talk to the database.
Prerequisites
- Be sure to add second connection broker to All Servers in Server Manager (on your primary RDCB) so that you can manage it from there.
- Create Active Directory Security Group and add all your Connection Broker servers to it. We need this group to be able to convert the RD Connection Broker to a highly available RD Connection Broker.
- Configure the DNS Round Robin using the IP addresses of the Connection Brokers.
- SQL server is a must. I will run this on SQL 2016. Be sure to pre-create a folder to store the SQL database files on the SQL server if you are not planning to use the SQL default path. Give the RD Connection Brokers full access to the folder.
- Ensure that all RDCB Servers have the SQL Server Native Client Installed
Let’s get started.
- Add second connection broker in the All servers list in Server Manager
- Create a new security group in AD and add both RDCB servers to it. In my case, RD Connection Brokers. Reboot the RD Connection Broker servers.
- Next step is to create new host record in DNS. It will be used for DNS round robin for the broker servers. In my case I am using the DNS name of RDSFarm
- Let’s configure the SQL Server. Check if TCP/IP is enabled under Client Protocols. SQL Server 2016 install enables this by default, but check it just to be sure, especially if you use an existing SQL Server.
Click on Protocols for MSSQLSERVER and be sure that the TCP/IP is enabled.
Be sure that port 1433 is not being blocked by Windows Firewall. I added a new rule, SQL Server, with port 1433 to the exception list to allow all inbound traffic.
When that is done, open SQL Management Studio –> expand Security and right click on Logins –> New Login
Click on Search
Change Object Types to Group, change Locations to Entire Directory and Add RD Group. Once Done, click OK
On Login – New Wizard, Click Server Roles and mark dbcreator. Click OK
We have granted the RDS Connection Broker server the right to create databases.
We need this because the RDS Connection Broker service will try to migrate from WID (Windows Internal Database) to a (highly available) SQL Server instance when we convert the Broker to a highly available broker.
- Our next step is to install the SQL Client on all RD Connection Broker servers so that they can communicate with the SQL Server. I have the SQL ISO file on both RDCB servers. Start the SQL Server installation and add Client Tools Connectivity.
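The security group, DNS round robin record and SQL firewall steps above can also be scripted. The following is an added example, not part of the original post; the broker names, IP addresses, DNS server and SQL server names are placeholders, and unlike the rule described above it limits port 1433 to the two broker addresses instead of allowing all inbound traffic.

```powershell
# Added example. Placeholder values: replace with your own hosts and addresses.
$Brokers = @(
    [pscustomobject]@{ Name = 'RDCB01'; IP = '192.0.2.11' }   # placeholder
    [pscustomobject]@{ Name = 'RDCB02'; IP = '192.0.2.12' }   # placeholder
)
$GroupName = 'RD Connection Brokers'   # group name used in the post
$Zone      = 'mehic.se'                # zone of RDSFARM.mehic.se
$FarmName  = 'RDSFarm'                 # round robin host record
$DnsServer = 'DC01'                    # placeholder
$SqlServer = 'SQL01'                   # placeholder

# 1. Security group holding the broker computer accounts (needs the ActiveDirectory module).
Import-Module ActiveDirectory
if (-not (Get-ADGroup -Filter "Name -eq '$GroupName'")) {
    New-ADGroup -Name $GroupName -GroupScope Global -GroupCategory Security
}
foreach ($b in $Brokers) {
    Add-ADGroupMember -Identity $GroupName -Members (Get-ADComputer $b.Name)
}
# Reboot the brokers afterwards so they pick up the new group membership.

# 2. One A record per broker under the same name gives DNS round robin.
foreach ($b in $Brokers) {
    Add-DnsServerResourceRecordA -ComputerName $DnsServer -ZoneName $Zone `
        -Name $FarmName -IPv4Address $b.IP
}
Resolve-DnsName "$FarmName.$Zone" -Type A | Select-Object Name, IPAddress

# 3. Run on the SQL Server: allow TCP 1433 from the brokers only.
New-NetFirewallRule -DisplayName 'SQL Server (RD Connection Brokers)' `
    -Direction Inbound -Protocol TCP -LocalPort 1433 `
    -RemoteAddress $Brokers.IP -Action Allow

# 4. Run on each broker: confirm the SQL port is reachable.
(Test-NetConnection -ComputerName $SqlServer -Port 1433).TcpTestSucceeded
```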
Everything should be in place now so let’s convert the RD Connection Broker to HA.
In Server Manager click on remote desktop service node -> Overview –> Right-Click on RD Connection Broker and select Configure High Availability
The Before you begin page of the wizard will pop up. Click Next
On Configure RD Connection Broker for HA page, click on Dedicated database server and click Next. Choose second option (Shared database server) if you manually created database on sql server.
On Configure RD Connection Broker for HA page, type in the DNS Round Robin name, Connection String and where you want to store the database.
DNS Name: RDSFARM.mehic.se
Connection String: DRIVER=SQL Server Native Client 11.0;SERVER=<name of SQL server>;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;DATABASE=<name of database>
Folder path: C:\Program Files\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQL\DATA
Once done, click next
On Confirmation Page, click Configure
And if everything is configured properly you should see Succeeded. Click Close
The RD Connection Broker is now in High Availability Mode which we can see in Server Manager Overview
Before we continue let’s go back to our SQL server to check if database is created.
Expand Security –> Double-Click on your connection broker login and under User Mapping click on RDS database and give db_owner permission. Once done click ok
Now we are ready to add second Connection Broker server. Go to Server Manager –> Remote Desktop Services, right click on RD Connection Broker and choose Add RD Connection Broker Server to add your new broker server
On Before you begin page, click Next
On Select a server page, select your Connection Broker server and click Next
On Confirm selections page, click ADD
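The two wizards above (Configure High Availability, then Add RD Connection Broker Server) have equivalents in the RemoteDesktop PowerShell module. The following is an added example, not part of the original post; the broker, SQL server and database names are placeholders, while the DNS name, connection string format and folder are the ones shown above.

```powershell
# Added example. Run elevated on the primary broker. Host and database names are placeholders.
Import-Module RemoteDesktop

$PrimaryBroker = 'RDCB01.mehic.se'    # placeholder
$SecondBroker  = 'RDCB02.mehic.se'    # placeholder
$SqlServer     = 'SQL01.mehic.se'     # placeholder
$Database      = 'RDS'                # placeholder
$ClientAccess  = 'RDSFARM.mehic.se'   # DNS round robin name from the post
$DbFolder      = 'C:\Program Files\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQL\DATA'
$Driver        = 'SQL Server Native Client 11.0'

$ConnStr = "DRIVER=$Driver;SERVER=$SqlServer;Trusted_Connection=Yes;" +
           "APP=Remote Desktop Services Connection Broker;DATABASE=$Database"

# Pre-flight: fail early if the broker cannot reach SQL or lacks the ODBC driver.
if (-not (Test-NetConnection -ComputerName $SqlServer -Port 1433).TcpTestSucceeded) {
    throw "Cannot reach $SqlServer on TCP 1433; check the firewall rule on the SQL Server."
}
if (-not (Get-OdbcDriver -Name $Driver -ErrorAction SilentlyContinue)) {
    throw "ODBC driver '$Driver' is not installed on this broker."
}

# Convert the broker to HA. The wizard asks for a folder; the cmdlet takes the .mdf path.
Set-RDConnectionBrokerHighAvailability -ConnectionBroker $PrimaryBroker `
    -DatabaseConnectionString $ConnStr `
    -DatabaseFilePath (Join-Path $DbFolder "$Database.mdf") `
    -ClientAccessName $ClientAccess

# Grant db_owner on the new database to the broker group (SQL step above)
# before adding the second broker.
Add-RDServer -Server $SecondBroker -Role 'RDS-CONNECTION-BROKER' `
    -ConnectionBroker $PrimaryBroker

# Verify: shows the client access name, connection string and active management server.
Get-RDConnectionBrokerHighAvailability -ConnectionBroker $PrimaryBroker
```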
Once the configuration is completed, we will now need to re-apply the certificates for Single-Sign On and Publishing. This certificate will be required on all broker servers. Select the option Configure certificate
Deployment Properties wizard will pop-up. You can see that status is showing Error. This is because I already pre-created my certificates. Click Select existing certificate
Locate the certificate, enter the password and select the checkbox to allow the certificate to be added to the Trusted Root Certification Authorities certificate store on the destination computers and hit OK.
Hit Apply to assign the certificate and you will see Success. Do the same for Publishing. Click on OK and close the wizard.
The RDS Farm is now configured with two highly available RD Connection broker servers.
If you would like to change RD Management server you can do it under tasks –> Select RD management server.
That’s it. In the next posts we will continue with our RDS Deployment and add additional session host and configure RD Gateway.
Thanks for reading.
Cheers,
Nedim
This guide will show you how to deploy RDS 2012 on a single 2012 Server enabling the use of Remote Desktop Sessions and RemoteApps.
Point to note: This demonstration shows how to deploy RDS using Quick start. I will demonstrate how to deploy RDS using Standard deployment in a later post.
Preparing for RDS 2012
Before I install RDS 2012, I will create the OUs and Security Groups required for my deployment. This will make the configuration of group policies easier later.
OU’s
- RDS Security Groups
- RDSH Servers
- RDS Servers
- RDS Computers
I have also created the following Security Groups for RDS
- Personal-Pool VDI Users : Remote desktop users with allocated Virtual desktops
- RDWeb Users: Remote desktop web users
- RemoteApp Users: Remote App users
- VDI Users: Virtual desktop users
There is no requirement to setup OU’s and security groups like I have done, but I would recommend doing so to improve the manageability of your RDS deployment.
Installing RDS – Session Based deployment
It is important to know that a session collection can host either Remote Desktop sessions or RemoteApp sessions, not both. There is an unsupported workaround for this, which is covered at the end of this post.
Installing RDS Single Server – Session Based Deployment:
Open Server Manager > Add Roles and Feature Wizard
Installation type > Remote Desktop Services Installation
Quick install allows you to deploy an RDS platform and create a session collection straight from the install.
Installing RDS Session Deployment using PowerShell
Installing the Server Roles:
New-RDSessionDeployment -ConnectionBroker RDS1.test.Local -WebAccessServer RDS1.test.Local -SessionHost RDS1.test.Local
Creating the Session collection for Desktop Sessions:
New-RDSessionCollection -CollectionName TestSessionCollection -SessionHost RDS1.test.Local -CollectionDescription "Demo Collection" -ConnectionBroker RDS1.test.Local
Creating a RemoteApp:
New-RDRemoteApp -Alias Wordpad -DisplayName WordPad -FilePath "C:\Program Files\Windows NT\Accessories\wordpad.exe" -ShowInWebAccess 1 -CollectionName TestSessionCollection -ConnectionBroker RDS1.test.local
Post Install
After installing the RDS roles, you will need to configure the RDS certificates that are required for access from the endpoint/client device. Please see the following link for the configuration of RDS certificates: Configuring RDS Certificates and SSO
Once the RDS installation is complete, you will see RDMS and this is where you can manage your RDS environment.
Adding Remote Desktop session to a RemoteApp session Collection
I mentioned earlier that you could only have a Remote Desktop Session Collection or a RemoteApp Session Collection.
There is a workaround for this and it's easy to configure. You can also look at the following link, which shows you how to enable this through the registry:
Publish Remote Desktop Session in a Remote App Session Collection
It is also important to note that there is an issue with using both RemoteApps and desktop sessions on the same server. Please see the following link for more details:
RDS 2012 R2 Apps and Session’s using UPD Issue
To publish a Remote Desktop Session you would need to navigate to RemoteApp Programs and select tasks.
Tasks > Publish RemoteApp Programs
Select Remote Desktop Connection
In the field: “Always use the following command-line parameters”
Enter the following:
/V:<FQDN of RDSH Server>
/V:RDS1.test.local
There you have it, a single Server deployment with RemoteApps and Remote Desktop Sessions.