Windows Server 2019 RDS Setup: Complete Single Server Deployment Guide


The most powerful features in Windows Server 2019 enable businesses to deliver secure access to desktops and applications for their employees. A single-server RDS setup is a great option for small to medium-sized organizations that want to provide remote access without the complexity of managing multiple servers. This article provides a detailed, step-by-step guide to deploying RDS on Windows Server 2019 in a single-server environment.

What is Remote Desktop Services?

Remote Desktop Services (formerly known as Terminal Services) enables multiple users to access a Windows environment hosted on a centralized server, allowing them to work remotely. With RDS, businesses can:

  • Provide employees with a full desktop experience.

  • Publish individual applications for remote use.

  • Keep company data secure by centralizing it on the server.

  • Reduce IT management overhead.

In Windows Server 2019, RDS comprises several key components:

  • Remote Desktop Session Host (RDSH): Hosts applications and desktops.

  • Remote Desktop Licensing (RD Licensing): Manages client access licenses (CALs).

  • Remote Desktop Gateway (RD Gateway): Secures connections over the Internet.

  • Remote Desktop Web Access (RD Web): Provides access through a web portal.

For single-server deployments, all these roles can run on one machine.

Prerequisites

Before deploying RDS on a single Windows Server 2019 machine, ensure:

  1. Windows Server 2019 Installed: Use the latest updates and patches.

  2. Administrator Access: Required for setup.

  3. Domain Membership (Optional): Recommended for easier management in larger environments.

  4. Network Configuration: Correct DNS resolution, static IP addressing, and firewall adjustments.

  5. Licensing: Purchase and prepare RDS Client Access Licenses (CALs).

Step 1: Install Remote Desktop Services

  1. Open Server Manager from the Start menu.

  2. Select Manage > Add Roles and Features.

  3. Choose Role-based or feature-based installation.

  4. Select the local server.

  5. Under Server Roles, check Remote Desktop Services.

  6. Add the required role services:

    • Remote Desktop Licensing

    • Remote Desktop Session Host

    • Remote Desktop Web Access

    • (Optional) Remote Desktop Connection Broker

  7. Click Install and restart if necessary.

Step 2: Configure RDS Deployment

Once the roles are installed:

  1. In Server Manager, go to Remote Desktop Services.

  2. Under Deployment Overview, click Quick Start.

  3. Select Session-based desktop deployment.

  4. Complete the wizard to deploy.

This automatically configures RDS roles on the server for initial use.

Step 3: Configure Remote Desktop Licensing

Without proper licensing, RDS operates in a temporary grace period. To activate licensing:

  1. Open Remote Desktop Licensing Manager under Tools in Server Manager.

  2. Right-click the server and select Activate Server.

  3. Use the wizard to activate (internet or phone methods available).

  4. Install the purchased RDS CALs.

Step 4: Create a Session Collection

A session collection defines how users connect and which apps they can access.

  1. In Server Manager, go to Remote Desktop Services.

  2. Under Collections, select Create Session Collection.

  3. Give the collection a name (e.g., "CompanyApps").

  4. Add the Remote Desktop Session Host server.

  5. Define which user groups can connect.

  6. Finish the wizard.

Step 5: Publish Applications or Desktops

You can publish either a full desktop session or individual applications.

  1. Open the newly created collection.

  2. Select Publish RemoteApp programs.

  3. Choose the applications you want employees to access (e.g., Microsoft Word, Excel).

  4. Alternatively, select Full Desktop for a complete desktop environment.

Step 6: Configure RD Web Access

RD Web Access provides browser-based connectivity.

  1. Users can access the portal at:
    https://<server-name>/RDWeb

  2. Provide login credentials for access.

  3. Install an SSL certificate to secure connections.

  4. For production, always use a certificate from a trusted certificate authority.

Step 7: Secure the RDS Deployment

Security is vital when deploying RDS. Follow these best practices:

  • Enable SSL/TLS Encryption on RD Gateway and RD Web Access.

  • Restrict Access to authorized user groups.

  • Use Group Policies to configure session limits and security rules.

  • Apply Multi-Factor Authentication (MFA) where possible.

  • Keep the Server Updated with security patches.

Step 8: Test Connectivity

From a client computer:

  1. Open Remote Desktop Connection (mstsc).

  2. Enter the server’s IP or hostname.

  3. Log in using authori

Comments

Post a Comment

Popular posts from this blog

How to Connect to a Linux Server from Windows Using MobaXterm

Image
   Introduction Connecting to a  Linux server from a Windows machine  is a common task for system administrators, developers, and IT professionals. MobaXterm is a powerful terminal software that provides an all-in-one solution for remote computing. It supports SSH (Secure Shell), X11 forwarding, and other network protocols, making it an excellent choice for managing Linux servers from Windows. This guide will walk you through downloading, installing, and using MobaXterm to connect to a Linux server. Step 1: Download and Install MobaXterm Download MobaXterm Open a web browser on your Windows machine. Visit the official MobaXterm website:  https://mobaxterm.mobatek.net/ Click on the "Download" button. Choose either the "Home Edition" (free version) or the "Professional Edition" (paid version with additional features). Download the installer or the portable version, depending on your preference. Install MobaXterm If you downloaded the installer, double-click ...
Read more

How to Allow Remote Desktop Connections on Windows 7

Image
Remote Desktop Protocol (RDP) is a convenient feature built into Windows operating systems. It allows users to access and control another computer remotely over a network. For businesses and individuals still using Windows 7, enabling Remote Desktop connections can be essential for managing systems from a distance, troubleshooting, or working collaboratively. In this article, we’ll guide you through the steps to enable Remote Desktop connections on Windows 7, discuss security best practices, and troubleshoot common issues you might encounter. What is a Remote Desktop? Remote Desktop is a Microsoft feature that allows users to connect to a Windows computer remotely and interact with it as if they were sitting in front of it. This is achieved using the Remote Desktop Protocol (RDP). It is widely used for: Remote system administration. Accessing files and applications from another location. Offering technical support. In Windows 7, the Remote Desktop feature is available in the Profession...
Read more

How to Secure a Windows VPS from Hackers: A Comprehensive Guide

Image
A Windows Virtual Private Server (VPS) offers the flexibility to host websites, and applications, or manage remote workloads. However, its constant internet exposure makes it an attractive target for hackers. Cyberattacks, including brute force attacks, malware infections, and unauthorized access, can compromise your VPS if proper security measures are not in place. This article provides an in-depth guide on securing a Windows VPS from hackers and ensuring the safety of your data and operations. Understanding the Threats Hackers use a variety of techniques to compromise VPS environments, including: Brute Force Attacks: Automated bots systematically try passwords to gain unauthorized access. Exploitation of Vulnerabilities: Hackers exploit outdated software and unpatched vulnerabilities. Ransomware and Malware: Malicious software can encrypt data or take control of the server. Phishing and Social Engineering: Weak user practices may inadvertently grant hackers access. Addressing th...
Read more