RD Connection Broker
In Windows Server 2003,
the feature named Session Directory was introduced to maintain user
connection states across load-balanced Terminal Servers. This feature
kept a list of sessions indexed by username. Then, when a user became
disconnected from that session and attempted to reconnect, the Session
Directory redirected the user back to the same Terminal Server that held
their disconnected session.
In Windows Server 2008, the
Session Directory was renamed to the Terminal Services Session Broker
(TS Session Broker). The renamed TS Session Broker also contains a new
feature called TS Session Broker load balancing. Microsoft introduced
the load-balancing feature to allow administrators to distribute session
loads between Terminal Servers without having to use Windows Network
Load Balancing (NLB). A typical deployment for the TS Session Broker
load-balancing feature is for Terminal Server farms that consist of 2 to
10 servers.
For Windows Server 2008 R2,
TS Session Broker was again renamed, this time to RD Connection Broker.
Like before, the RD Connection Broker role service still performs load
balancing and ensures that users get connected to the correct Remote
Desktop session. However, the RD Connection Broker also supports load
balancing and session state management for session-based desktops,
virtual desktops, and RemoteApp programs accessed by using RemoteApp and
Desktop Connection.
Note
When the RD Connection
Broker role service is installed, the RD Web Access role service is also
installed.
To track user sessions in a
load-balanced RD Session Host server farm, an RD Connection Broker
server stores information in its local database for each and every
session. This session information includes where the session resides,
its state, the session ID, and the username associated with the session.
Using this information, the RD Connection Broker redirects users with
an already existing session to the correct RD Session Host server or
virtual desktop.
With RD Connection Broker Load
Balancing, users with existing sessions are still redirected to those
sessions if they attempt to reconnect to them. However, for new session
connections, the RD Connection Broker will attempt to distribute the
session load between more-powerful and less-powerful servers in the farm
based on an assigned server weight value and which server has the least
load.
To configure RD
Connection Broker Load Balancing, an administrator must create an A or
AAAA record for each RD Session Host in a farm. The hostname for the
record is then set to the farm’s name and the IP address to the RD
Session Host server that is being added. The RD Connection Broker then
uses round-robin DNS to distribute a user’s initial connection to an RD
Session Host server farm. After the user has connected and authenticated
to the initial RD Session Host server, that server then queries the RD
Connection Broker for where to redirect the user to. The final RD
Session Host server that is returned from the RD Connection Broker is
based on the following two decisions:
Does the user have an
existing session? If so, redirect that user to the RD Session Host
server where that session exists.
If the user doesn’t have an existing session,
which RD Session Host server has the least load? Redirect that user to
the RD Session Host server with the least load.
Caution
RD Connection Broker
Load Balancing does not work with Windows Server 2003 Terminal Servers,
but does with work Windows Server 2008–based Terminal Servers.
In addition, there are also a
couple of features that allow an administrator some control over the
two previously listed decision paths. First, as mentioned, server weight
can be assigned to each RD Session Host server that has been added to
the RD Connection Broker. Configuring a server weight allows differences
in load to be spread across RD Session Host servers that might not have
the same hardware configuration. Less-powerful RD Session Host servers
would then have a lower weight and fewer sessions, whereas more-powerful
RD Session Host servers would have a higher weight and more sessions.
Second, an administrator can also configure an RD Session Host server to
act as a dedicated redirector. A dedicated redirector is an RD Session
Host server that is configured to process initial session requests, but
does not accept any user sessions. By using a dedicated redirector(s),
the time associated with the initial connection into a farm and the
resulting redirection is decreased, which results in faster logon times.
Note
By default, RD Connection
Broker Load Balancing has a limit of 16 maximum pending logon requests
per RD Session Host server. The limit is in place to prevent RD Session
Host servers from becoming overwhelmed with logon requests either when
they are coming back online or being added into a farm.
Windows System Resource
Manager
Windows System Resource Manager
(WSRM) is a feature in Windows Server 2008 R2 that allows administrators
to control how resources are allocated to applications, services, and
processes. When being used in conjunction with Remote Desktop Services,
WSRM allows administrators to precisely control the amount of resources
each user or session is allowed to consume on an RD Session Host server.
By limiting resources a session or user can use, an administrator can
reduce the chances of a user maxing out an RD Session Host server’s
resources, which might impact other users on that server.
Using Network Load
Balancing (NLB)
Since Windows 2000 Server
Terminal Services, Terminal Services nodes could be “clustered” using
Network Load Balancing (NLB) to split the client load across several
servers. With the introduction of RD Connection Broker Load Balancing,
this clustering technique is no longer the only method by which to
facilitate RD Session Host load balancing. As a general recommendation,
RD Connection Broker Load Balancing should be used for RD Session Host
server farms that need to facilitate load balancing.
Note
Do not confuse NLB-based
clustering for Windows Server 2008 RD Session Host servers with the use
of Microsoft Cluster Service (MSCS). It is recommended that you don’t
cluster your RD Session Host servers using MSCS. Clustering does not
support memory failover for a node. In the event of a failover,
information in memory is lost.
RD Licensing
In addition to purchasing a
Windows Server 2008 R2 server license, administrators must also have
the correct number of Windows Server client access licenses (CALs). When
utilizing Remote Desktop Services functionality, an additional set of
Terminal Services client access licenses (TS CALs) or Remote Desktop
Services client access licenses (RDS CALs) is needed for each user or
device. For certain types of deployments, RDS External Connector or
Service Providers License Agreement (SPLA) licenses can be purchased as
well.
Note
New CALs are not required
to deploy Windows Server 2008 R2 Remote Desktop Services. Both Windows
Server 2008 TS CALs and Windows Server 2008 R2 RDS CALs provide access
to Remote Desktop Services. However, Windows Server 2008 SP2 is required
to install RDS CALs on a TS licensing server. Therefore, Microsoft
recommends installing and using a Windows Server 2008 R2–based RD
licensing server.
Understanding Remote
Desktop Services License Types
The following Remote
Desktop Licensing types are available for use:
RDS Device CAL— This CAL type permits one device (used by any
user) to utilize Remote Desktop Services functionality on any server.
RDS User CAL— This CAL type permits one user (using any
device) to utilize Remote Desktop Services functionality on any server.
RDS External Connector— Using this type of license allows for multiple
external users to access a single Remote Desktop server; when multiple
servers are being used, additional RDS External Connectors and Windows
Server External Connectors must be purchased.
Service
Providers License Agreement (SPLA)—
Using this type of license provides a service provider with a more
flexible and robust licensing solution when hosting Remote Desktop
Services to a number of different organizations and end users.
Note
Any combination of RDS Device
CALs and RDS User CALs can be simultaneously used.
Understanding Remote
Desktop Services Client Access Licensing Mode
When using RDS CALs
(Per-User or Per-Device modes), a separate RDS CAL is required for each
user or device that is accessing Remote Desktop Services. CALs may be
reassigned from one user or device to another. This assignment can be
either permanent or temporary, depending on the need at the time.
Understanding Virtual
Desktop Infrastructure (VDI) Licensing
To correctly license a VDI
environment also requires the purchase of licenses for both the Windows
operating system being used for the virtual machine(s) and the
infrastructure/management components needed for an end-to-end VDI
deployment.
To license Windows as a guest
operating system for any VDI environment, regardless of the choice of
infrastructure or hypervisor vendor, a Virtual Enterprise Centralized
Desktop (VECD) licensing agreement must be purchased. This agreement is
available both for client devices that are covered by Software Assurance
(VECD for SA) or just VECD for devices such as thin clients.
To license the rest of a VDI
environment requires using one of two paths. The VDI infrastructure
components can be licensed using RDS CALs, whereas the VDI management
components are separately licensed. Or, the environment can be licensed
using either Microsoft Virtual Desktop Infrastructure Standard Suite or
the Microsoft Virtual Desktop Infrastructure Premium Suite. Both suites
are volume license offerings that combine the products for an optimum
VDI experience in a value package.
Understanding New RD
Licensing Features
The new features that have
been introduced in Windows Server 2008 R2 for the RD Licensing role
service are discussed in the following sections.
Automatic License
Server Discovery No Longer Supported for Remote Desktop Servers
In previous versions
of Windows Server, the licensing server was automatically discovered on
the network. In Windows Server 2008 R2, automatic discovery is no longer
supported. Instead, administrators must now specify the name of a
licensing server to use for each RD Session Host server.
Changes to the
Licensing Tab in Remote Desktop Server Configuration
When configuring an RD
Session Host server, an administrator can use the Licensing tab in the
Remote Desktop Server Configuration tool to specify the licensing
server. When using this tab, a licensing server can be chosen from a
list of servers that have been registered as a service connection point
in Active Directory or can be manually defined by entering its name. For
cases where more than one license is added, an RD Session Host server
will attempt to contact licensing servers in the order in which they
appear in the Specified License Servers box.
The Manage RDS CALs
Wizard
A new wizard has been
introduced in the RD Licensing Manager, which allows the following tasks
to be performed:
It is important to
understand that the Manage RDS CALs Wizard can only be used against
licensing servers running Windows Server 2008 R2. Therefore, if a
licensing server is not running Windows Server 2008 R2, the original
CALs on that server should be manually removed as part of the migration
process to a Windows Server 2008 R2 licensing server.
Caution
When rebuilding the RD
Licensing database, all RDS CALs are deleted and, therefore, will need
to be reinstalled.
Service Connection
Point Registration
While installing the RD
Licensing role service, the licensing server will attempt to register
itself as a Service Connection Point (SCP) in Active Directory. Once
registered, the licensing server will then show up as a known licensing
server in the Remote Desktop Server Configuration tool’s Licensing tab.
If Active Directory is not available during the role service
installation, or the SCP registration fails, an administrator must
manually register the licensing server by using Review Configuration in
the RD Licensing Manager.
