Back

TechnologyMar 18, 2013

Windows Server 2012 RDS: Changing the Connection Broker DNS Alias

Paul Bell

background

On a recent project, we deployed Windows Server 2012 Remote Desktop Services (RDS) and came across a particular inconvenience. For High Availability with only two hosts, we chose to use two virtual machines (VMs) each with the Web Access and Connection Broker (RDCB) roles. Following the Microsoft guide, we built a Network Load Balancer (NLB) for the machines’ Web Access servers. We used a single DNS name – RDWA.corp.com, which pointed to the Cluster IP for NLB. Then, we used DNS Round Robin for the Connection Broker with two DNS entries for RDCB.corp.com for the separate IP addresses of the VMs.

problem

This configuration worked well until we deployed the certificate. When the RDCB connection was made, the certificate warning popped up and indicated the site had changed from RDWA.corp.com to RDCB.corp.com. As a result, the certificate was no longer valid.

solution

As we assessed the situation, we came up with several possible solutions: add a certificate for the RDCB.corp.com name, get a SAN certificate, or use the NLB again for RDCB instead of DNS Round Robin. The last method seemed to be simplest. We opened Windows Server 2012 Server Manager -> Remote Desktop Services -> Overview -> Deployment Overview, Tasks -> Edit Deployment Properties (see Figure 1).

Figure 1

In this window, we could see “High Availability settings” and the field for the DNS Round Robin name. Unfortunately, this field was not editable and to change it, via the Remote Desktop Manager, would mean we would have to break HA and rebuild it. Fortunately, PowerShell was AMAZING and helped solve the problem!

implementation

There were two simple steps needed to make the change. First, we set the active RDCB server by going into RDMS > Overview -> Deployment Overview, Tasks -> Set active RD Connection Broker Server. Then opened an elevated PowerShell prompt and ran:

Set-RDClientAccessName -ConnectionBroker <ACTIVE MANAGEMENT SERVER NAME> -ClientAccessName <NEW DNS RR NAME>

Of course, it is important to change < ACTIVE MANAGEMENT SERVER NAME > to your current active Connection Broker found in the first step and to change the < NEW DNS RR NAME > to your NLB DNS name. This process took us 15 seconds to complete instead of half the day AND it did not break the HA configuration!

More information about the Set-RDClientAccessName PowerShell cmdlet can be found on TechNet.

making the plunge to vdi

VDI makes an excellent choice for users who need a standard desktop with similar applications. Key features include increased manageability and security. It also allows access to a standard company desktop from any device with remote desktop client access like thin clients, tablets, home PCs, teleworkers, and some smartphones. This makes VDI an easy sell to management. VDI’s ability to lengthen the lifetime of your desktop hardware and reduce the cost per desktop overall further increases the ROI over a traditional full desktop solution.

Need help in deciding if Microsoft Server 2012 Remote Desktop Servers is right for your business or identifying which desktop model is the best fit? Credera is available to guide you through initiating a proof of concept implementation where you can choose to utilize one or all of the new Remote Desktop Services offerings.

To contact a VDI expert, email info@credera.com or call 972.759.1836. For more information on Microsoft Server 2012 and RDS, please visit our blog or follow us at @CrederaMSFT.