Hi,
I hope you can advise me. I am familiar with RDS (based on Windows Server 2008 R2). I just started with RDS (based on Windows Server 2012). I find the certificate requirements and DNS requirements somewhat confusing. I can't find any clear information about this on the internet and I also noticed more people are having the same questions. Allow me to explain my scenario. I have the following setup:
RDS01 = RD Licensing Server + RD Connection Broker + RD Web Access
RDSH01 = RD Session Host
RDSH02 = RD Session Host (currently not available yet. Only RDSH01 at this time!)
RDSH03 = RD Session Host (currently not available yet. Only RDSH01 at this time!)
I can easily install and configure all server roles. But here it comes. In Windows Server 2008 R2 you are able to configure a farm DNS name. In Windows Server 2012 you can’t as far as I can see. With Windows Server 2008 R2 you would then need to create several A-records (round-robin) that point to each RD Session Host. For this to work you would also need to have a Computer Certificate on each RD Session Host where the subject name matches the farm DNS name. But how does this work with Windows Server 2012? Do you still need to configure a separate farm DNS name and import certificates on every RD Session Host which matches the subject name?
I can only import a certificate (.pfx), which, by the way, I find very unhandy: you can’t select an already existing certificate from the certificate store. I notice when I import a certificate it is only imported on the RD Connection Broker. I understand the certificate for signing the RDP files and Web Access. But what about the RD Connection Broker? Also… is the certificate configuration global? What if you have multiple collections, no certificate requirements per collection? Maybe I am missing something because currently RDSH01 is the only RD Session Host operational.
Can someone shine a light on this?
Boudewijn Plomp, BPMi Infrastructure & Security