A very short blogpost about an deployment error which I had this week:
This week I had an issue with configuring the User Profile Disk mechanism in a fresh Windows Server 2016 RDS environment. Every time when I try to enable the user profile disk mechanism it came back with the error: Could not create the template VHD. Error Message: -800391163. So the User Profile Disk mechanism was not activated and the template VHD was not created, however the NTFS rights where configured on the share. I tried several things but the solution was pretty easy. In my case this error came through a misconfiguration of the share permissions of the share. So the NTFS permissions were configured as needed but on a share level the RD Broker/Session Hosts didn’t had access. When I granted access to those servers the issue was fixed and I was able to configure the User Profile disk mechanism on the collection.
This week I made some really nice progress in achieving my end goal: ‘an automated Cloud Only Remote Desktop Services deployment’. This series consists of multiple blogposts, each blogpost covers a section which describes in detail how to configure the used technology. In the first blogpost of the series I described that this series is based on a CloudOnly deployment of RDS 2016 with as much PaaS services as possible and using Azure ARM templates for deploying the resources. The good news is that with all the progress made this week I’ve a working deployment which creates all the resources, configures Storage Spaces Direct as high available storage solution and a high available Remote Desktop Services environment.
This small blogpost is dedicated to inform you about an important hotfix and the release of the Remote Desktop Planning poster which is available for some weeks now.
KB3192404 (Preview of Monthly Rollup)
Within this Rollup update a hotfix for the User Profile Mechanism is included. In the article this is described as:
“Addressed issue where the user profile disk (UPD) does not get unmounted when a user logs off. Therefore, users get temporary profiles and are not able to work with their own profiles during their next logon. The Event ID 20491 with a description of “Remote Desktop Services could not disconnect a user disk for the user account with a SID of <SID>. The error code is 0xAA.93″ will be logged”
The preview of this Monthly Quality Rollup update can be found here: https://support.microsoft.com/en-us/kb/3192404.
Remote Desktop Service Planning Poster
The Remote Desktop Services Poster is already some weeks available but I never had the time to mention it in one of my blogposts. This poster covers Planning and Designing a Remote Desktop Services. Beside this phase the poster also covers the Build and Deploy phase as well the Run and Tune phase. This is a very complete overview of Remote Desktop Services 2016.
In this series of blogposts I’m showing you how you can deploy your ‘Cloud-Only’ RDS environment. This environment consists of as much PaaS services as possible and all components are hosted on Microsoft Azure. In the first blogpost I’ve explained how to create and prepare Azure AD Domain Services together with the corresponding Virtual Networks. In the second post I described the deployment of all Remote Desktop Services resources and roles through an Azure ARM template and explained how the initial configuration can be done from this template. In this blogpost I want to focus on providing high-available storage for hosting the User Profile disks. Since the GA of Windows Server 2016 we can use Storage Spaces Direct for this. So this blogpost describes the deployment and configuration of a Storage Spaces Direct Cluster from an Azure ARM template.
Unfortunately this year It was not possible for me to attend the ignite conference. So the news came through the social media platforms to me. One week later I want to summarize some important announcements and news presented on Ignite. Of course the most important announcement was about the General Availability of Windows Server 2016 and System Center 2016. Windows Server can be download as evaluation from this location and become available on MSDN later this month. But what about other announcements about Remote Desktop Services presented in several sessions on Ignite.
In this second blogpost of the series deploying a ‘Cloud-Only’ RDS environment I want to focus on deploying all needed roles on Azure by using an Azure Resource Manager Template. After the deployment of the resources I also want to show how the deployment of the RDS environment itself can be initiated from an ARM template. Part 1 of the series contained the creation of a AzureAD with Domain Services and the VNET peering configuration between the Classic VNET (Needed for AzureAD Domain Services) and the ARM VNET used within the ARM template for the RDS Resources. The steps described in this first blogpost are required to execute the steps in this blogpost.
In the next two blogposts I want to describe how you can create a cloud-only RDS environment with using as much Azure PaaS services as possible. In these two blogposts I want to focus on setting up a RDS environment based on Windows Server 2016 and using Azure AD Domain Services, Azure AD Application Proxy and Azure SQL Database. The support for these Azure PaaS services is added in Windows Server 2016. So this blogpost is not compatible with earlier versions of RDS. This blogpost will focus on setting up the virtual networks, virtual network peering and the Azure Active Directory including Domain Services. The second blogpost will focus on deploying the RDS environment in this newly created environment.
This is the last blogpost in the series of publishing your RDS environment with Azure AD Application Proxy. In the first post of this series I’ve described the steps needed to configure Azure AD Application Proxy pass-through authentication to publish a RDS environment. In the second post of this series I’ve focused on pre-authentication and explained the steps needed to configure pre-authentication for a RDS environment. In this last part of the series I’m focusing on High Availability of both the RD Web and RD Gateway roles and the Azure AD Application Proxy. I’m ending the series with sharing some excellent guidance provided by Microsoft of designing your Azure AD Application Proxy environment.
This blogpost is the second part in the series about publishing your RDS environment with Azure AD Application Proxy. In the first part of the series I’ve described the improvements made to RDS 2016 and the basic configuration of Azure AD Application Proxy for publishing both the RDWeb and RD Gateway role. In the first part we’ve configured pass-through authentication, this blogpost will cover all the changes needed to configure pre-authentication with Azure AD. When configured users will be redirected to the AzureAD login form and after a successful logon you will get the logged-in RDWeb feed.
In the coming series of blogposts, I want to focus on publishing your RDS environment through the Azure AD Application Proxy. Publishing your RDS environment with the Azure AD Application Proxy has several advantages compared to publishing it without the Azure AD Application Proxy. This blogpost will cover the advantages and disadvantages of publishing your environment through the Azure AD application Proxy and this part will also cover the configuration of Azure AD Application Proxy with pass-through authentication. In the next blogpost I want to focus on pre-authentication with Azure AD and in the last part I want to focus on making all components high-available. All blogposts are based on Windows Server 2016 TP5 which is in public preview at this moment.